.htaccess prevent folder access that are subdomains - apache

in my webhost every time I create a new subdomain it creates a public-access folder in my html_public folder, and I want to block the access to those folders with a fake 404 error (using the default one if it's possible, I'm using this to set the default 404 error: ErrorDocument 404 /404.php) but allowing to access if it is the subdomain.
For example:
http://www.mydomain.com/blog/ -> Should show a 404 Not found error
http://blog.mydomain.com -> Should allow the user to access
Both of them are the same folder html_public/blog
I tried to add a .htaccess file in blog folder with this code:
order deny,allow
deny from all
But it does not allow the access (logic), it does not matters if it is folder or subdomain.
And this one:
RewriteRule ^blog/* /404.php
But like other, it redirects all to a 404 error, instead of only the direct access to the folder and allowing the access to the subdomain.
Note: I saw other questions that redirects from folder to subdomain, I need to show a 404 error.
Can someone help me?
Thanks in advanced.

Try:
RewriteCond %{HTTP_HOST} ^(www\.)?mydomain\.com$ [NC]
RewriteRule ^blog/ /404.php [L,R=404]

Related

.htaccess issue when including custom 404 error page

This is my first time using .htaccess and currently my .htaccess file is redirecting to my custom 404 page. This is being handled with the following line in my .htaccess file:
ErrorDocument 404 /404.html
On top of this, I need to rewrite a few urls so that /addition/ points to /includes/addition.html (this is one example). So I add the following:
RewriteEngine On
RewriteRule /addition/ /includes/addition.html
But this then serves me a 500 error when Is hold be getting 404 error. On top of this, when I point to mysite.com/addition/ the browser isn't fetching addition.html from my includes folder.
Would someone please explain to me how to have these two rules working without effecting the other, and correct my secondary rewrite rule?
Danke.
Have it this way in your site root .htaccess:
ErrorDocument 404 /404.html
RewriteEngine On
RewriteRule ^/?([a-z]+)/?$ /includes/$1.html [L,NC]

Want empty folder to return 404 instead of 403

I use the following code in my httpd.conf file to block unwanted bots and visitors (e.g. hitting non existing wp-login pages):
SetEnvIf User-Agent BadBot GoAway=1
Order allow,deny
Allow from all
Deny from env=GoAway
This will give them a 403 Forbidden error. On my custom 403 page I save the IP's to a database for permanent blocking / disabling them from using contact forms etc.
This is working very well. However I noticed that some users are being blocked because they visited an empty folder. This is unwanted.
Using Options -Indexes I have prevented directory viewing but this will also output a 403 Forbidden error.
Question: How to serve and display a 404 error when visiting an empty folder instead of a 403?
Since you appear to have access to httpd.conf then you can do something like the following in a server config or virtualhost context:
RewriteEngine On
RewriteCond %{LA-U:REQUEST_FILENAME} -d
RewriteRule /. - [R=404]
Alternatively, near the top of your .htaccess file (since you've tagged your question .htaccess), include the following (this will also work in a directory context):
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . - [R=404]
The purpose of the pattern /. (or .) is to prevent a 404 being served for the document root.
Depending on where you define your custom ErrorDocument, you may get a different 404 response for each method.
Alternatively, in your custom 403, perform the same check for the "BadBot" and only log the entry if there is a match. Or, only log the entry when the request does not map to a directory.

Apache - Use a unique index.php with existing folders

I want to redirect all the pages of my website (non existing files and folders) to a unique index.php. It's simple, this is my .htaccess into the root of my website:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php
ErrorDocument 400 /index.php?er=400
ErrorDocument 401 /index.php?er=401
ErrorDocument 403 /index.php?er=403
ErrorDocument 404 /index.php?er=404
ErrorDocument 406 /index.php?er=406
ErrorDocument 408 /index.php?er=408
ErrorDocument 411 /index.php?er=411
ErrorDocument 500 /index.php?er=500
It works fine for non existing files and folders BUT I need to keep some real folders to store files and I get a 403 Forbiden error when I call "site.com/folder/"
For example if folderA doesn't exists, every call to "site.com/folderA/..." works and I have a 200 OK response for the folder, subfolders and files.
But if folderB exists, I get 404 for all non-existing files and 403 for non-existing subfolders instead of the redirection to my main index.php.
What solutions Do I have to keep thoses folders and redirect all non existing urls to my index ?
Thank you
If you do not only want all non-existing folders to be routed to your index.php (which your rewrite rules will achieve), but the existing ones as well, instead of getting a 403 for those, you can simply use the DirectoryIndex directive like this:
DirectoryIndex /index.php
DirectoryIndex does not only accept a file name, but a local URL as well – and the leading slash makes it relative to the domain root.
So for all your existing folders, your index.php located at the domain root will now be served as the index document.
This could of course be achieved by other means as well – but using mod_rewrite for this would involve more checks, and using ErrorDocument 403 would still write an entry into the server’s error log for every existing folder you request.

Redirect all except local IPs to different directory, htaccess

I would like any 192.168.0.* address to be able to access my webserver as usual, which will give it the www directory. This already works, but unfortunately it will also allow outside IP's to access the same directory.
I want to redirect anyone not on a local IP address to be directed to the AGCS directory and be allowed to browser through it, as it is a normal website.
Example:
192.168.0.1 tries to access 192.168.0.2, sees the directory it now shows
Bill at 1.3.3.7 tries to access, and is redirected to the working website in the AGCS directory and does not know he has been redirected
Thanks to assistance, I am currently seeing partial success. My .htaccess file in the www directory looks as such:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^192.168.0
RewriteRule ^ /AGCS/ [L,R]
And my .htaccess file in the AGCS directory looks as such:
Order allow,deny
Allow from all
Unfortunately I am currently researching how to write a conditional where if the user is accessing something in the AGCS directory or lower, they do not get redirected but do not know how as of yet. The current solution states that I have a redirect loop.
In the htaccess file in your www directory:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^192\.168\.0
RewriteRule ^ /AGCS/ [L,R]
(or wherever the AGCS directory is)
in the htaccess file in your AGCS directory
Order Allow,Deny
Allow from All

.htaccess or cPanel redirects. Redirect pagename in folder to subdomain/pagename (all folder contents)

I am trying to get a redirect set up for my site. I have three subdomains which I use
1) (www.)mysite.com
2) sub.mysite.com
3) anothersub.mysite.com
I initially didn't use subdomains and had all my pages in a www.mysite.com/*.php format.
I am trying to add a redirect to make all the pages under the /myfolder/ folder redirect to sub.mysite.Com/ (NB sub is the same name on my site as the myfolder folder)
I have tried setting up a redirect through cPanel but all the combinations have resulted in 404 errors when I try them. I have also tried various things in .htaccess which resulted in many 404 errors.
I added a simple redirect in cPanel and get the following
e.g.
www.mysite.com/myfolder/myfolder_mypagename.php
should redirect to
sub.mysite.Com/myfolder_mypagename.php
but instead it redirects to
sub.mysite.com/_mypagename.php (missing out the "myfolder" part of the pagename)
Can you assist me in this please? It's driving me bonkers and my hosting company said it wasn't possible (which I find hard to believe!)
This answer is assuming your are facing the issue that, when creating a subdomain through cpanel and pointing it to the desired directory, some part of the urls get striped.
Create you subdomain through cpanel, and make it point to the root directory (just like www.mysite.com), then use this in your htaccess :
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?mysite\.com$
RewriteRule ^myfolder/(.*)$ http://sub.mysite.com/$1 [L,QSA,R=301]
RewriteCond %{HTTP_HOST} ^sub\.mysite\.com$
RewriteRule ^(.*)$ myfolder/$1 [L,QSA]