as written in the title, I want to access to apache2 website using domain name only and not server's IP.
I would like to get a error 403 when trying to access the website with the server's IP.
How is it possible?
thanks
I managed, with help of this thread: https://serverfault.com/questions/511...uses-the-ip-ad
finally, I added this into /etc/apache2/sites-available/default.conf:
<Directory /var/www/>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^xx\.xx\.xx\.xx
RewriteRule ^(.*)$ - [F,L]
[...]
</Directory>
Now, I have a 403 error when typing directly my IP adress, and I can access my website only by typing the domain name.
thanks all.
Related
I am looking to deny access to my /wp-admin/ folder to everyone but specific IP addresses. For everyone else, the page should serve a 404 error. Here's what I'm working with thus far:
# ALLOW USER BY IP
<Limit GET POST>
order deny,allow
deny from all
allow from 168.162.1.3
RedirectMatch 404 ".*"
</Limit>
I believe I'm close, but the problem is that a 404 error is not served, instead it creates a redirect loop. This would obviously be taxing on my server for no reason. So how then, can a simply serve a 404 error to everyone but these specific IP addresses and also deny them access to the repository?
Interesting idea. I'm curious as to why you're so keen on a 404 error as opposed to a 403! I guess you could be trying to mask WordPress but then you'll have to mask all the references to wp-content on the frontend too.
Anyway, let's get on with this. In order to do this, do this:
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !=8.8.8.8 [OR]
RewriteCond %{REMOTE_ADDR} !=127.0.0.1
RewriteRule ^wp-admin($|/) - [L,R=404]
Set 8.8.8.8 to your real IP Address. You can add additional OR conditions to whitelist other IPs the same way I did with localhost (127.0.0.1).
You will need to be using Apache 2.1.1 or above because we are using the R=404 flag.
I currently have my local .htaccess on a MAMP server set up to block all incoming traffic from outside my local system;
<FilesMatch ".*">
Order deny,allow
Deny from all
Allow from 127.0.0.1
</FilesMatch>
This works fine but I then use API's like PayPal that require access to your site for IPN's. Is it possible to keep the restriction on the rest of the site and allow outside access only to specific urls like https://example.com/paypal_ipn?
I understand I can just switch the restriction off when using IPN's but that's not what I'm looking for. Many thanks.
You can use mod_rewrite based rules instead in your root .htaccess:
RewriteEngine On
RewriteCond %{THE_REQUEST} !/paypal_ipn [NC]
RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1
RewriteRule ^ - [F]
This will block all requests that are not:
originating from localhost (127.0.0.1)
for /paypal_ipn
I have a host in my university's http server under the domain: university.com/~username
Now, I also have a domain on: mydomain.net with GoDaddy
I want to know if it is possible to have a subdomain:
university.mydomain.net that basically redirects to
university.com/~username.
Now, the trick here is that if I want to access
university.com/~username/subdir via university.mydomain.net/subdir
the address bar in the browser shows: university.mydomain.net/subdir no
matter if I access it via university.com/~username or university.mydomain.net
The problem with using permanent redirect with masking in GoDaddy, then if
I am in the dir university.mydomain.net/subdir and go to the subsubdir
university.mydomain.net/subdir/subsubdir then the browser still shows university.mydomain.net/subdir
And about CNAMEs or other kind of register in GoDaddy, I really have no idea
what to do (this is my first domain) and I don't even know if I have the rights
in my university server to make a difference.
I tried with a RewriteRule in a .htaccess file, but this always tries to
redirect (no matter what flag I use) to university.mydomain.com/subdir
while the only thing I want to do is that the address bar shows the direction
without following it.
I really don't even know if this is possible somehow. Sorry if it's an stupid
question, I'm very new with domains and those stuffs.
Under the CNAME you need to add you subdomain entry (in the Godaddy DNS management console)
university.mydomain.net points to #
and in your host the # might be pointing to the IP address where your university server is running.
Then in your apache vhost config, you would need to have rewrite rule like
<VirtualHost *:80>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^university.mydomain.net(:80)?$
RewriteRule ^/(.*) http://university.com/~username/$1 [P,QSA,L]
RewriteCond %{HTTP_HOST} ^university.com(:80)?$
RewriteRule ^/~username/(.*) http://university.mydomain.net/$1 [R=301,L]
</VirtualHost>
We have two domains and one is primarily for marketing purposes to see how our campaigning works. The marketing domain is redirected to the primary domain. In the httpd.conf, we have a virtual host defined for each of the domain that we host and here is how we redirect the marketing domain to primary domain:
<VirtualHost *:80>
.....
RewriteEngine on
RewriteRule ^/(.*)$ http://primarydomain.com/products [L,R=301]
</VirtualHost>
The redirection works fine, but in the access log, the "referer" is blank. We use AWStats to analyse our web traffic by looking at the access log and without the referer it is hard for us to say how many people landed on the primary domain through the marking domain link. Any recommendations on how to get the "referer" information passed in as part of the RewriteRule so that it is recorded in the access log?
Thanks!
Say you've got an Apache2 virtual host setup, something like this:
/htdocs/parent1.com
/htdocs/sub1.parent1.com
/htdocs/sub2.parent1.com
/htdocs/parent2.net
/htdocs/parentn.org
Say you'd like to do this with VirtualDocumentRoot /htdocs/%0, so that you can add and remove virtual hosts without tinkering with your Apache configuration. That's important: please please no messing with htaccess files or httpd.conf every time a virtual host comes or goes - whether that host is a parent domain or not. In fact, say you're using AllowOverride None.
Anyway, the question is, how might you 301 redirect non-existent sub-domains to their corresponding parent domains without redirecting existent sub-domains?
I may have solved my own problem. However I would appreciate any feedback if somebody finds a problem with what I'm doing.
The following leaves alone any request to an arbitrary subdomain, as long as there exists a corresponding document root; but redirects any request to a subdomain which does not exist in the filesystem.
<IfModule rewrite_module>
RewriteEngine On
RewriteMap lowercase int:tolower
RewriteCond "/htdocs/${lowercase:%{HTTP_HOST}}" !-d
RewriteCond %{HTTP_HOST} "\.([^\.]+\.[^\.]+)$"
RewriteRule ^/(.*)$ "http://%1/$1" [R=301]
</IfModule>
Allows me to setup wildcard DNS and use name-based virtual hosting, without touching any configuration settings. Also, there's no htaccess involved. Just make your folder with any name like "/htdocs/[host.]domain.tld" and you're up and running. As far as I can tell, this doesn't really work with SSL/TLS (presumably something to do with %{HTTP_HOST}?), but secure sites are comparably few and better resolved by IP address than by hostname.