Recently I have encounter a strange issue , my website www.xyz.com is being pointed by some one on the web domain let suppose www.abc.com.
Though the whole website is on www.xyz.com but the other domain display every single content and directory path structure by their domain...e.g. the real path is www.xyz.com/somepage/id/etc can be work by www.abc.com/somepage/id/etc with same directory paths....
This other website is just redirecting everything to my website and I want to stop this domain to use my directory structure. This www.abc.com is also being crawled by Google crawler and added its link in Google search engine.
This is a very new issue to me I have one solution to restrict every single request and check if its from my own website or not.
Second solution is to restrict them through htaccess but I don't find perfect solution using htaccess.
I saw on the web it stop all the referrer, but doing that I am afraid if it will stop users coming from other website to my website ...I just need to restrict other domains to use my whole website as theirs using redirection...i have taken this issue on go daddy and they said they also don't know why the other website is pointing to my ip address ... so clueless I need expert advice to secure my website from future issues like this ...kindly advice...
My htaccess is
Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule . index.php
and i am using YII...
You can place this rule just below RewriteEngine On line:
RewriteEngine On
RewriteCond %{REMOTE_HOST} abc\.com$ [NC,OR]
RewriteCond %{HTTP_REFERER} abc\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} !xyz\.(com|net)$ [NC]
RewriteRule ^ - [F]
In your .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.xyz\.com$
RewriteCond %{HTTP_HOST} !^subdomain\.xyz\.com$
RewriteRule .* - [F]
Related
I tried redirecting my traffic so if anyone visits mydomain.com/directory, it will be the same as visiting mydomain.com:8080. Here's my .htaccess so far:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mydomain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.mydomain.com$
RewriteRule ^directory "http\:\/\/mydomain\.com\:8080%{REQUEST_URI}" [P,QSA,L]
However it doesn't seem to work. Most likely I'm missing something important here.
If .htaccess can't do such things, can I achieve that by messing with config located in /etc/apache2/?
Also, is there a way to find said web ui file directory, so I can move it to mydomain.com/directory physically?
Try:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com$
RewriteRule ^directory(?:\/|$) http://example.com:8080%{REQUEST_URI} [P,QSA,L]
One issue that might be causing this is that you are escaping a non-regex string, "http\:\/\/mydomain\.com\:8080%{REQUEST_URI}".
I have added (?:\/|$) after ^directory because the original will also pass directoryxyz to the backend server.
I've set up a dummy website to test MediaWiki at https://wiki.rehman.website/
I want to redirect all direct external traffic to files and folders located after wiki.rehman.website/ to wiki.rehman.website/index.php. So for example:
These should redirect to wiki.rehman.website/index.php:
wiki.rehman.website/extensions/
wiki.rehman.website/docs/contenthandler.txt
wiki.rehman.website/NonExistantFileOrFolder
But obviously these should not be redirected (to prevent circular redirects):
wiki.rehman.website/
wiki.rehman.website/index.php
How do I do that please?
What I'm trying to achieve here is to prevent anonymous users (i.e. non-MediaWiki logged in users) accessing any part of the web directory or files.
This is my first time setting up a website, and my first time installing a private instance of MediaWiki. If you spot any other loophole or issue, it would be most helpful if you could let me know.
Many thanks in advance!
You can setup a .htaccess file in your root folder to accomplish that.
RewriteCond %{REQUEST_URI} !index\.php$ [NC]
RewriteRule ^(.*)$ http://www.example.com/index.php [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA]
See this other question for more information:
How to Redirect All urls to a new domain in apache, except one
I have been stuck on this problem for hours and cannot find a suitable solution. I am running an ecommerce CMS from a directory eg. mywebsite.com/store/
/ has an .htaccess file which doesn't seem to change anything in /store/
/store/ has its own .htaccess file which i have been adding changes too
I have been trying to restrict access to the admin panel using the following rule to only 2 IP addresses.
RewriteCond %{REQUEST_URI} !^/store/?(index.php/)?admin123/ [NC]
RewriteCond %{REMOTE_ADDR} !^185.66.7.254$ [OR]
RewriteCond %{REMOTE_ADDR} !^217.41.62.40$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/ [R=302,L]
However the major problem is that this redirects all users going to any URL not containing /admin123/ to /, otherwise it works as expected in restricting admin panel. How do I fix this?
UPDATE 08/02: As of yet I still have not found a workable solution to this issue, at best I can blacklist ISP IPs to the whole /store/ folder using "deny from"
Try to define the base path:
RewriteEngine On
RewriteBase /store/
I am not a friend of htaccess and have bumped into a problem I can't seem to google a solution for. So here is hoping that you guys can help.
I have a multisite instalation where I am trying to redirect all trafic to mydomain.com/anothersite (and all sub folders and query strings) to anothersite.com and at the same time have all requests to anothersite.com rewrite to requesting the server to look up the anothersite folder.
Basically the server folder setup is as follows:
in the root we have a website
in the root we have a folder "anothersite" that contains another site
So all requests to mydomain.com should show the root folder while all requests to anothersite.com should get rewritten.
Hope that made sence
Here is what I have (it almost works but not quite)
RewriteEngine on
RewriteBase /
RewriteRule ^mydomain\.com/anothersite(.*)$ http://anothersite.com/$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^(www.)?anothersite.com$
RewriteRule !^anothersite/ anothersite%{REQUEST_URI} [L]
problems are that requests to mydomain.com/anothersite/someFolderOrQuerystring isn't redirected, while mydomain.com/anothersite/ is
Hope it made sence
(btw: if someone can point me in the direction of a book, that will make me a master of the mysteries of the htaccess file that would be a sweet bonus
Have this rule in site root .htaccess:
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?mydomain\.com$ [NC]
RewriteRule ^anothersite(/.*)?$ http://anothersite.com%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTP_HOST} ^(www\.)?anothersite\.com$ [NC]
RewriteRule !^anothersite/ anothersite%{REQUEST_URI} [L,NC]
Make sure you don't have any .htaccess under anothersite/ folder.
I've searched for solutions and not finding a clear answer - It's a little out of my field but I need to find an answer in a pinch.
I use an .htaccess to verify and allow access to certain webpages from outside links.
here's a sample of what I use:
AuthUserFile /dev/null
AuthGroupFile /dev/null
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.website_abc.com/
RewriteCond %{HTTP_REFERER} !^http://www.website_xyz.com/
RewriteRule /* http://www.mysite.com/denied_message.php [R,L]
this works as I want it to - I list the sites that I want to access and park .htaccess in a root directory.
My problem is when someone is linking from HTTPS it block's them even if they are in the list (and I tried putting https in the list as well).
I found various answers but none that I fully understood or that did the trick.
one was using :
RewriteCond %{HTTPS} on
but that allowed anyone in from any location.
Can someone spell this out for me?
apache / LAMP
Thanks!
RewriteCond %{HTTPS} on
This adds a condition that the actual request for your site is through HTTPS. You only want to match the referer. I'm not sure what you've tried as far as adding https:// versions of what you have in your referer checks, but this works when I put them in a blank htaccess file:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www.website_abc.com/
RewriteCond %{HTTP_REFERER} !^http://www.website_xyz.com/
RewriteCond %{HTTP_REFERER} !^https://www.website_abc.com/
RewriteCond %{HTTP_REFERER} !^https://www.website_xyz.com/
RewriteRule /* http://www.mysite.com/denied_message.php [R,L]