I am trying to set something up on my local server where if I go to mydomain/docs it does a redirect internally to mydomain/slate/build, but have the user still see mydomain/docs in their browser's url. I have it half working - when I go to mydomain/docs, it loads the correct index.html in /slate/build but the issue is that my url bar:wq shows mydomain/slate/build when the desired url is mydomain/docs.
Here is my entire .htaccess file that does the redirect:
RewriteEngine on
RewriteRule ^/?docs$ /slate/build [L]
And here is what I believe to be potentially relevant from my apache2.conf:
HostnameLookups Off
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
Allow from all
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
And finally my VirtualHost in sites-enabled:
<VirtualHost mydomain>
DirectoryIndex index.html
ServerAdmin postmaster#dummy-host.localhost
DocumentRoot /correct/file/structure
ServerName mydomain
ServerAlias mydomain
</VirtualHost>
Yes it is - it's a directory with an index.html in it, which is the file I'm trying to pull up.
Since it's a directory, you need to end the URI with a slash, otherwise mod_dir will kick in an redirect the browser to the same URI but with a trailing slash. Try changing your rule to:
RewriteEngine on
RewriteRule ^/?docs$ /slate/build/ [L]
Related
Server is running on RHEL 7.9, httpd 2.4.6 and I have the following structure in my /var/www/html directory:
/site
index.php
I can reach the root index.php by visiting the IP address. However, when I try to access content inside /site directory, it automatically switches to https, hence the content does not load.
Some snippets from /etc/httpd/conf/httpd.conf:
DocumentRoot "/var/www/html"
<Directory />
AllowOverride None
Require all denied
Options -Indexes +FollowSymLinks
</Directory>
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
Require all granted
</Directory>
<Directory "/var/www/html">
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
AccessFileName .htaccess
<IfModule dir_module>
DirectoryIndex index.php index.htm index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
IncludeOptional conf.d/*.conf
I have a virtual host setup for /etc/httpd/conf.d/site.conf
<VirtualHost <server ip>:80>
ServerAdmin webmaster#sitename.com
DocumentRoot /var/www/html/site/
ServerName www.sitename.com
ServerAlias sitename
<Directory /var/www/html/site>
Require all granted
</Directory>
</VirtualHost>
My .htaccess:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUESTFILENAME} !-f
RewriteCond %{REQUESTFILENAME} !-d
RewriteRule ^login/generic_oauth$ auth0-callback.php [L]
RewriteRule ^(.*)$ index.php?page=$1 [L]
My vhost file:
<VirtualHost *:443>
DocumentRoot /home/blabla/www/frontend/
ServerName some-domain.net
ServerAlias www.some-domain.net
SSLEngine on
SSLCertificateFile /etc/apache2/crt/cert.pem
SSLCertificateKeyFile /etc/apache2/crt/key.pem
<Directory />
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory /home/blabla/www/>
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
The problem is when I try to access https://www.some-domain.net/login/generic_oauth Apache is loading login.php (which exists). Problem disappears when I rename the file to loggin.php for example.
The problem is when I try to access https://www.some-domain.net/login/generic_oauth Apache is loading login.php (which exists). Problem disappears when I rename the file to loggin.php for example.
This problem is symptomatic of having MultiViews enabled. Although, you appear to be disabling MultiViews in the server config, except that you are not targeting the DocumentRoot with your <Directory> containers...
DocumentRoot /home/blabla/www/frontend/
:
<Directory />
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory /home/blabla/www/>
Options -Indexes +FollowSymLinks -MultiViews
AllowOverride All
Require all granted
</Directory>
You should not be setting AllowOveride All and Require all granted in the <Directory /> container, ie. the entire drive! You should be disabling access instead and this should already be defined outside of the <VirtualHost> container, in the main server config.
You are then granting access to /home/blabla/www/, but this is the directory above the DocumentRoot?! Do you have another .htaccess in this parent directory? Do you have another <Directory> container that matches the DocumentRoot?
So, your config should look more like this:
<Directory />
Options SymLinksIfOwnerMatch
AllowOverride None
Require all denied
</Directory>
<VirtualHost *:443>
ServerName some-domain.net
ServerAlias www.some-domain.net
SSLEngine on
SSLCertificateFile /etc/apache2/crt/cert.pem
SSLCertificateKeyFile /etc/apache2/crt/key.pem
DocumentRoot /home/blabla/www/frontend/
<Directory /home/blabla/www/frontend>
Options +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
As with any changes to the server config, you need to restart Apache.
If this does not resolve the issue then you need to look for any other places in the config that could be enabling MultiViews. And if all else fails, explicitly disable MultiViews in the .htaccess file itself:
Options -MultiViews
Going to example.com/config or example.com/account/login returns 403 Forbidden.
In reality, /config and /account/login should be redirected to index.php but it gives 403.
My directory structure is like this:
/var/www/example
└─/assets
└─/bower_components
└─/node_modules
└─/partials
└─/templates
└─/tests
└─/vendor
└─index.php
This is my Virtual host configuration:
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/example
<DirectoryMatch "^/var/www/example/(?!(assets|partials))\w+">
Require all denied
</DirectoryMatch>
<Location />
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
</Location>
</VirtualHost>
I want to disallow access to every folder except assets and partials, that's why I added that DirectoryMatch directive.
I use a PHP framework called Slim so I have to add Location and Rewrite directives.
I think Apache thinks my URLs are directories and blocks them. Is there a way to unblock my URLs?
Try adding:
<Directory "/var/www/example">
Order Allow,Deny
Allow From all
</Directory>
above the <DirectoryMatch> container in your vhost config.
Since you're using apache 2.4, then use require all:
<Directory "/var/www/example">
Require all granted
</Directory>
If you're using Apache 2.4 try to add in the end of your VirtualHost:
<Directory /var/www/example>
Options Indexes FollowSymLinks MultiViews
# If you want to enable overrides, you should read:
# http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
AllowOverride All
Require all granted
Satisfy Any
Order allow,deny
Allow from all
</Directory>
my problem is that I want to deny the access to a folder but I can't.
I've put a .htaccess file in this folder with just these lines:
order deny,allow
deny from all
Any idea of what can be happening?
I get it! It was due to the apache configuration. In my foo.conf of sites-avaiables directory I had:
AllowOverride None
As apache doc says, AllowOverride Description: Types of directives that are allowed in .htaccess files
When it is changed to:
AllowOverride All
it works perfectly!
You can also configure it with specific options:
AllowOverride directive-type
directive-options at: apache.org
I had the same issue using that method. Try this instead:
RewriteEngine On
RewriteCond %{REQUEST_URI} foldername
RewriteCond %{REMOTE_ADDR} !^111\.222\.333\.44$
RewriteRule . - [R=404,L]
With this method you need to add your own ip.
Options: instead of the last line being a 404 page not found:
RewriteRule . - [R=404,L]
you can change it to a 403 forbidden:
RewriteRule .*? - [F]
or redirect to your homepage:
RewriteRule . http://www.domain.com/ [R,L]
you need to do two things,first, change the conf of apache to allow override,
second, to change the conf of a hosting to allow override
first
nano /etc/apache2/apache2.conf
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
and change it to;
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Second
cd /etc/apache2/sites-available
nano yourdomain.com.conf
add the following codes into it,
<Directory "/var/www/html/yourdomain.com/public_html">
AllowOverride All
Require all granted
</Directory>
after adding
<VirtualHost *:80>
ServerAdmin support#yourdomain.com
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/html/yourdomain.com/public_html/
<Directory "/var/www/html/yourdomain.com/public_html">
AllowOverride All
Require all granted
</Directory>
Use this:
<Directory /folder_name>
Order Deny,Allow
Deny from all
</Directory>
Its better to add a rule to allow your ip address. You can use allow from your_ip_address for this. Be careful with the ip address as it can be shared. You can check your ip address using http://www.whatismyip.com/
I am a little stuck and am sure that this is a trivial problem, but just can't seem to find the right solution.
I have a local development server running apache2 w/mod_ssl & mod_rewrite.
I created a self-signed cert and added the respective virtual host directive for *:443.
The issue I seem to be having is that now that I have the SSL side of things working properly. And when I say properly, I mean that I can go to the https url of my site (e.g. https://dev.mysite/) without adding index.php and it pulls up the index.php just fine.
But when I go to the regular http url of the site, I have to type in the index.php to see the site. (e.g. http://dev.mysite/index.php)
I tried adding a DirectoryIndex directive to the *:80 block, but this still doesn't appear to work.
Below is the virtual host file contents if that helps at all;
ServerName dev.mysite
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/vhosts/bsah_dev/mysite
<Directory />
DirectoryIndex index.php
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/vhosts/bsah_dev/mysite/>
DirectoryIndex index.html index.htm index.php
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/vhosts/bsah_dev/mysite
SSLEngine On
<Directory /var/www/vhosts/bsah_dev/mysite>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
</IfModule>
</Directory>
SSLOptions +StrictRequire
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
</VirtualHost>
A few comments on your configuration, which may help you fix this problem:
<Directory />
DirectoryIndex index.php
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
That's quite unusual: normally, you wouldn't grant access to anything for the root directory (of your machine, not your document root). See the Directory documentation, which suggests using this:
<Directory />
Order Deny,Allow
Deny from All
</Directory>
This should work as expected in your configuration:
<Directory /var/www/vhosts/bsah_dev/mysite/>
DirectoryIndex index.html index.htm index.php
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
(This being said, index.php will only be used if there's no index.html or index.htm found first.)
The DirectoryIndex documentation says it can be placed in "server config, virtual host, directory, .htaccess" (see "Context"). It also works within the Directory directive (and such values will override the values you'd find at the VirtualHost or server level).
This rule, in the HTTPS section doesn't make sense:
<Directory /var/www/vhosts/bsah_dev/mysite>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !^on$ [NC]
RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L]
</IfModule>
</Directory>
You're using a rewrite rule to redirect to the equivalent https:// URL. However, this rule is in the section where SSL is enabled, so you're redirecting from https:// to https://, not from http://.