Hello there and I apologize if this has been posted already.
I would need some help, I am a novice as you can see.
Here is the Issue:
The web site has been finished and needs now to go "live".
My current website is on a xyz cloud server with the IP 65.61.xxx.xx, which when entered in the browser shows my site correctly etc.
Now I need to change the IP address to the domain name which is hosted via Yahoo.
As been instructed, I would need to create a re-write rule in the htaccess (in the main root folder?), is the below correct and can this be applied to an IP address as the HTTP_host too?
Besides the above change do I need to change any other setting on my server or anywhere else?
RewriteEngine on
RewriteCond %{HTTP_HOST} 65.61.xxx.xx.com [NC]
RewriteRule ^(.*)$ http://www.newyahoodomain.com/$1 [L,R=301]
If I only enter the newyahoodomain.com/ in the web browser it shows "It works! This is the default web page for this server. The web server software is running but no content has been added, yet."
Sorry for this question, and I appreciate your reply!
Thanks, Steve
If you see "It works!", but not the site, then it is possible that your host definition in apache missing ServerName and ServerAlias directives. They tell to Apache to use this configuration when the request of specified domain name comes to your server. E.G:
ServerName http://www.newyahoodomain.com/
Check out this link: http://httpd.apache.org/docs/2.2/mod/core.html#servername
Related
I have a website that I'm dynamically creating URLs for with htaccess rewrites. What I'm looking to do is restrict a URL based on the IP address of those accessing it.
For example, I'm trying to restrict access to any rewrite in the XYZ "sub-folder"
These should all be restricted to a specific IP
www.domain.com/XZY
www.domain.com/XZY/anotherfile.html
www.domain.com/XZY/anotherfolder
But no restriction to any other rewrite
These should all be accessible
www.domain.com/ABC
www.domain.com/greatfile.html
www.domain.com/ABC/greatfolder
The XYZ folder does not actually exist so placing an htaccess file in there isn't an option for me. I appreciate any assistance you can provide.
Using mod_rewrite, respond with a 403 Forbidden for any requested URL that starts /XZY and is not from the stated IP address:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !=203.0.113.111
RewriteRule ^XZY($|/) - [F]
Any blocking directive like this need to go near the top of the .htaccess file, before any existing rewrites.
NB: This assumes the client is connecting directly to your application server. However, if you are using a CDN (eg. Cloudflare), load balancer or front-end caching proxy then you may need to check another element of the request since the client is not connecting directly with your server (the proxy is).
I have a retail application that is hosted at www.emenu.com. My clients have there on websites that are hosted on their server, like www.fastfood.com, www.freshlime.com, etc. There is a button on their website which redirects to www.emenu.com.
www.fastfood.com on a button click redirect to www.emenu.com
www.freshlime.com on a button click redirect to www.emenu.com like that,
Problem is that the client does not want to show my application URL in the address bar after redirecting.
ie, www.fastfood.com will redirect to www.emenu.com but it should show www.fastfood.com in URL.
I am using laravel for the development. Came across many solutions involving .htaccess like
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?emenu\.come$ [NC]
RewriteRule ^ http://www.fastfood.com%{REQUEST_URI} [L,NE,P]
But the solution doesn't work.
The way websites work is like this:
user enters URL into browser (or clicks a link to get there), say www.example.com/foo/bar
the browser/OS looks up the A or AAAA DNS record for www.example.com, this DNS record points to an IP address
the browser sends an HTTP request to that IP address, like:
GET /foo/bar HTTP/1.1
Host: www.example.com
the server at that IP address (hopefully) responds with some HTML
So you see, if the domain www.example.com is already pointed at your client's server, it can't also point at your server. And the URL in the browser's address bar will always show the URL it's currently actually loading, you can't mask that. If you want the contents of your site to appear on your client's domain name, then the server pointed to by the DNS record for that domain actually needs to return the HTML for your site. You pretty much have two options there:
Embed your site in an iframe on your client's page. Say www.example.com/emenu.html contains:
<iframe src="http://www.emenu.com"></iframe>
Then visitors going to www.example.com/emenu.html will see the content of your site (embedded into a site of your client).
Set up the web server for www.example.com to reverse-proxy (some of) your URLs. In Apache that can be done with something like:
ProxyPass "/emenu" "http://www.emenu.com/"
ProxyPassReverse "/emenu" "http://www.emenu.com/"
Any HTTP request for the URL path /emenu to www.example.com would be forwarded by that server to your server, and the response be presented to the visitor as if the www.example.com server had produced it itself.
I have my website example www.example.com... I want that this should open with 2 urls.. Like if i open www.example.com or www.example.com/eu then it should open same page. If my url is www.example.com/products or www.example.com/eu/products then it must open same page...
means i want my website to work same on both base urls www.example.com and www.example.com/eu...
Please help me on this. Any hint or pointers will be appreciated..do i need to do changes in htaccess or some where else to make it work?
I assume this is what you are looking for:
RewriteEngine on
RewriteRule ^/?eu(/.*)?$ /$1 [QSA,END]
You obviously need the rewriting module to be loaded and activated for this to work. And you need to enable the interpretation of distributed configuration files (".htaccess") if you really want to use those instead of placing such rules into the actual http server's host configuration where they belong.
I have a server that I can access in browser through the domain name (secured with SSL) and the server IP address.
I would like to disable access with the server ip address:
http://123.45.678.901/ and https://123.45.678.901/
How can I do that ?
OK found the complete solution here via htaccess file and 2 rules :
RULE 1: Redirect all requests to secure HTTPS access (including ip request http://123.45.678.901 )
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://domain.com/$1 [L,R=301,QSA]
RULE 2: If the domain or subdomain is not exactly domain.com redirect to bare domain (mandatory to catch https://123.45.678.901/any-page for example)
Using redirect all wildcard subdomains to root domain
RewriteCond %{HTTP_HOST} !^domain\.com$ [NC]
RewriteRule (.*) https://domain.com/$1 [L,R=302,QSA]
All tests results here :
http://123.45.678.901/ > now redirect to https://domain.com/
https://123.45.678.901/ > now redirect to https://domain.com/
http://123.45.678.901/any-page > 404 > https://domain.com/index.php?p=any-page
https://123.45.678.901/any-page > 404 > https://domain.com/index.php?p=any-page
What are you trying to accomplish by blocking the IP access to the website? It is really the same thing. We only use nice looking domain names or host names for the benefit of humans. Whether you type in the domain name or IP is the exact same thing as someone can simply ping your hostname and get the IP address anyway.
If you want to enforce SSL simply do it for the host so that all access attempts require SSL. You can use apache mod_rewrite to accomplish this: https://www.sslshopper.com/apache-redirect-http-to-https.html
What you're asking for may not be possible, unless I'm not understanding the problem correctly. It's like saying I want someone to be able to send mail to my house only using my address but not my postal code, when the postal code effectively gives you the address.
Anyway hope this helped.
If you want to make it possible for users to access your site (server) through the domain name while accessing the corresponding IP address is disabled in order to disable the access to phpmyadmin through the IP address, it is impossible and not a good way to achieve what you want.
Roughly speaking, domain name is the human readable and memorable form of IP address, and when we type the domain name (e.g., http://google.com) on the browser, the domain name is converted to corresponding IP address by the DNS (domain name service) server, and the browser tries to connect to the IP address given by DNS. Eventually, trying to connect via domain name and IP address internally works the same way.
To remove the access of phpmyadmin from the other users and attackers, configuring the access control is right way. Try:
Use secure passwords for mysql users
Limit the permission of the mysql users according to the purpose of the mysql users. (Using the root user for all purpose and application is not a good way.)
If you correctly configure the above points, attackers can't access your database even if they know the URL of phpmyadmin.
To make sure that a redirect takes place only when someone is browsing with the ip of the server, I did the following (Ubuntu 20.04 - commands and paths may differ, if you use another OS):
Create a noip.conf file in /etc/apache/conf-available/ folder with this content:
<If "%{HTTP_HOST} =~ /12\.34\.56\.78/">
RewriteEngine on
RewriteRule ^ http://my.domain.com [L,R=301]
</If>
Enable the configuration and restart apache:
a2enconf noip
apachectl restart
The above will not work if someone types in the ip using https. They will get a "Your connection is not private" message. Then if they click "Proceed to 12.34.56.78", they will get the first matching ssl enabled virtual host. Make sure that this host is the one you want it to be.
You should also check if other applications on the server are listening on alternative ports, since someone could type in 12.34.56.78:999.
I have a bunch of scripts on a server running Ubuntu 12.04 and Apache. Currently, I can access the site both ways: via the IP and the domain name, for example: http://example.com and http://1.1.1.1 where example.com has an A record pointing to 1.1.1.1. My question is, is there a way to throw 403 or similar error when the site is accessed by the server IP and not by its domain name?
All I could find about my question is a link to the Apache HOW-TOs, however, there is no information on how to achieve this whatsoever. My assumption is that I have to edit the configuration file of the default vhost, but I don't know what exactly to change. Or perhaps there's a module for it?
Put this rule in your vhost configuration
RewriteEngine on
RewriteCond %{HTTP_HOST} ^1\.1\.1\.1$
RewriteRule ^ - [F]