can not access directory without specify index.php - apache

I want to make my app root directory can be accessed without specify index.php like
www.domainname.com/dev/
My .htaccess now is
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
In my localhost it works, but in my hosting, when i access, it says "directory access is forbidden"
What should i change?
regards

Maybe this will solve the problem.
Add something like this in your .htaccess file at root directory:
DirectoryIndex index.php index.html
The first file found, from left to right, will be loaded by default. You can add more files or remove index.html as appropriate. This is just an example.

Related

point root to sub-directory with .htaccess

i have the rule to redirect all request to https and point to index.php
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:CF-Visitor} !{"scheme":"https"}
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Protocols h2 http/1.1
the root directory is htdocs, but i need change it to point to htdocs/public because some framework implement public folder has root. the problem is that i fin that example:
RewriteRule ^subfolder/$ /yourfile.php [L]
It's not clear to me how to implement it.
update:
my .htaccess file is in the root directory: htdocs, then index.php is located in htdocs/public, in this subdirectory I don't have the .htaccess
finally what I am looking for is that when entering a url like:
https://your-example.com/
https://www.your-example.com/
https://www.your-example.com/test-foo/
https://www.your-example.com/test-foo?data=data&foo=foo
all these requests point to index.php in the subdirectory:
htdocs/public/index.php
update 2:
my current routing in /public/.htaccess:
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
the root directory is htdocs, but i need change it to point to htdocs/public because some framework implement public folder has root.
Ordinarily, if you have access to the server config then you would "simply" change the DocumentRoot in the server config to point to the /public subdirectory. Alternatively, if you have access to the directory above the document root (as you appear to) then move the file structure "up" a level, so that the files in the /public subdirectory are moved to the document root (ie. htdocs/) and the framework/system files are in a directory above the document root, outside of the public HTML space (as they should be).
However, if you don't have access to the server config and/or are unable to move the files, and you have a /public subdirectory off the document root then proceed as follows...
I assume your current HTTP to HTTPS rule/redirect is working OK for you (since this is specific to Cloudflare)? However, the rule you posted does not route anything to index.php as you appear to suggest and the Protocols directive is not permitted in .htaccess (and should be triggering an error) - so not sure what that is doing there?
You need to add a rewrite to the root .htaccess file (ie. /htdocs/.htaccess) that rewrites all requests to the /public subdirectory. And create an additional .htaccess at /htdocs/public/.htaccess that routes all requests to public/index.php (your front-controller).
For example, try it like this:
# htdocs/.htaccess
RewriteEngine On
# Redirect HTTP to HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteCond %{HTTP:CF-Visitor} !{"scheme":"https"}
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Rewrite all requests to the "/public" subdirectory
# You could do this unconditionally, depending on your requirements.
# ie. You don't necessarily need to check for existing files
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*) public/$1 [L]
Also consider canonicalising the www vs non-www hostname (ie. redirect one to the other). This would go in the root .htaccess file before or after the HTTP to HTTPS redirect (depending on requirements, ie. are you implementing HSTS?).
Create a second .htaccess file at htdocs/public/.htaccess with the following:
# htdocs/public/.htaccess
DirectoryIndex index.php
Options +FollowSymLinks -MultiViews -Indexes
RewriteEngine On
# Route all requests to "index.php" (front-controller)
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . index.php [L]
UPDATE:
I quick analysis of your existing rules, but as I mentioned in comments, the version I described above is preferable.
my current routing in /public/.htaccess:
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
The RewriteBase / directive here is incorrect and will break the rules when located in the /public subdirectory. This would need to be either set to RewriteBase /public or removed altogether (preferable).
The QSA flag is not required since you are not including a query string in the substitution.
^(.*)$ - the capturing group is less efficient and not required (you are not making use of any backreferences here).
The <IfModule> wrapper is not required and should be removed. This would only be required if these directives are optional (they are not) and you are moving these directives to multiple servers where mod_rewrite might not be enabled.
The filesystem checks to make sure the request does not map to a directory (!-d) and is not a symbolic link (!-l) are generally not required (and consequently is an unnecessary overhead if they are not reqd). These should be removed, unless you specifically need to access filesystem directories (or symbolic links) directly (which is rare).

.htaccess to VueJS in non-root directory

I have a problem with .htaccess for VueJS. I'm using the example available in the official documentation.
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
It turns out that this example works perfectly in the root folder, but my front-end is in another folder, because on the root folder is the site's home page, which was not developed with VueJs. So I'm creating inside the /admin folder. The directory hierarchy looks something like this:
/
|_ /index.php
|_ /.htaccess (to full site)
|_ /admin
|_ /.htaccess (to vue)
|_ /index.html (vue page)
The problem is that if I access the browser https://example.com/admin works perfectly, but https://example.com/admin/user works only by clicking on the link contained in site body, which leads to this URI, but it does not work with direct browser access. Only the index.html page accepts direct access from the browser. Does anyone have a suggestion on how to solve this problem? Try putting the .htaccess in the root folder and not in /admin folder, but it didn't work. I also tried replacing the RewriteBase / line to RewriteBase /admin but it didn't work.
The .htaccess file in root folder:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
Basically removes the .php extension.
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
If this .htaccess file is located inside the /admin subdirectory and /admin is part of the URL then it should be written as follows, otherwise, it will try to rewrite the request to /index.html in the document root, which presumably does not exist.
DirectoryIndex index.html
RewriteEngine On
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.html [L]
The changes made:
Remove the RewriteBase directive entirely.
Remove the slash prefix from the RewriteRule substitution string. ie. /index.html becomes index.html. Rewriting to a relative path. This is a file-path relative to the directory that contains the .htaccess file.
The DirectoryIndex directive may not be required, depending on how this is configured in the server config.
Note that this will completely override the .htaccess file in the parent/root directory.
I also tried replacing the RewriteBase / line to RewriteBase /admin but it didn't work.
That didn't work because of the slash prefix on /index.html (the RewriteRule substitution string. The RewriteBase only applies to relative path substitutions.
Try putting the .htaccess in the root folder and not in /admin folder, but it didn't work.
You could do something like that, but you will need to modify the directives accordingly (it won't work as written). However, you could get conflicts, you might as well keep the sites/config separate.

htaccess - subfolder as DocumentRoot for CSS files?

How do I use the .htaccess file to set a custom DocumentRoot for CSS files? All CSS files are within a folder named "assets", and I'd like to omit the "assets" folder when loading in the CSS files for an HTML page.
This is the current code I am using:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain-name.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.domain-name.com$
RewriteCond %{REQUEST_URI} !assets/
RewriteRule (.*) /assets/$1 [L]
This code makes links relative to the assets folder, but it doesn't apply to CSS files for some reason, as I still need to use href="assets/styles.css" in order to load a CSS file from /assets. I'd like to simply use href="styles.css".
I would create only one .htaccess file to solve all your problems. Please put this into your /root folder and delete the other .htaccess files.
# This first part should be done by the webserver,
# if not than thing about to change you hoster but I put it here:
# Preventing direct access to any .ht file (.htaccess, .htpasswd, etc.)
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
Options +FollowSymlinks
Options -Indexes
# Start to Rewrite
RewriteEngine On
# For all URL starting with /css, /fonts, /img or /js
RewriteCond %{REQUEST_URI} ^/?(css|fonts|img|js)(/.*)?$ [NC]
RewriteRule ^.*$ /site/public/%1%2 [L]
# Redirect all to the Application if not done already
RewriteCond %{REQUEST_URI} !^/?site/public/index\.php [NC]
# but not if the URL starts with css, fonts, img or js
RewriteCond %{REQUEST_URI} !^/?(css|fonts|img|js)(/.*)?$ [NC]
# or if request is a real file
RewriteCond %{REQUEST_FILENAME} !-f
# or if request is a real directory but not the root directory
RewriteCond %{REQUEST_URI} ^/?$ [OR]
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite the rest to the index.php file in your public folder
RewriteRule ^.*$ /site/public/index.php [NC,L]
It worked... I just refreshed my browser cache, and the CSS files was included properly.

Remove index.php from URL of Laravel

I am using Laravel 5.5.12 in Linux Mint.I am using LAMP stack. I would like to remove index.php from URL. My mod_rewrite apache module enabled.
My .htaccess file located in public folder and it contains following code.
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
Options +FollowSymLinks
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
I renamed the server.php in the Laravel root folder to index.php and copy the .htaccess file from /public directory to Laravel root folder. But it is not working.
I placed below code in .htaccess file
<IfModule mod_rewrite.c>
# Turn Off mod_dir Redirect For Existing Directories
DirectorySlash Off
# Rewrite For Public Folder
RewriteEngine on
RewriteRule ^(.*)$ public/$1 [L]
</IfModule>
But this not working.
Could anyone help me in this regard ?
Reset anything you have changed back to the default.
In your apache virtual host configuration, ensure you have the DocumentRoot correct (it will be something like /var/www/html/laravelproject/public).
You should not need to make any changes to the .htaccess file in the public folder as this handles rewriting the url to remove index.php. However, in some environments, I have had to add
RewriteBase /laravelproject
to the .htaccess in the public folder.
I found the answer here:
https://ma.ttias.be/remove-index-php-from-the-url-in-laravel/
To summarise, I added the following to the .htaccess file, directly below the existing index.php entry:
RewriteRule ^index.php/(.+) /$1 [R=301,L]
Go to httpd.conf file, search for the line DocumentRoot and change it to where ever your index.php is. For example:
DocumentRoot "C:/xampp/htdocs/myappfolder/public"

htaccess prevent direct acces for all subdirectories

Im developing an MVC pattern based CMS.
I wnat to prevent the direct access to my subfolders and files
I have this .htaccess file in the root folder:
php_flag display_errors On
php_value error_reproting 9999
<IfModule mod_rewrite.c>
RewriteEngine on
SetEnv HTTP_MOD_REWRITE On
RewriteBase /lmvc_trunk/
Options -Indexes
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]
</IfModule>
The page requests looks like: http://mydoamin.com/pages/details/15 . This will load the "pages" controller and call it's method called "details" and passes the 15 as a parameter (pages_controller->details(15))
The "Options -Indexes" will prevent users from listing for example the /library directory. But if I type http://mydoamin.com/library/Bootstrap.php in the browser it will load the php script. I know if I add an .htaccess file with "deny from all" to a subfolder that will solve this problem, but isn't there any nicer solution than placing this htaccess file to ALL my subfolders? Can I somehow prevent the direct access to subfolders and files from the htaccess in the root?
It would be better if i could redirect direct file and folder requests to index/404 so the user wont even know if there is a folder called e.g /library
Im new to htacces and rewrite. Any solutions?
Place this rule as your first rule:
RewriteCond %{THE_REQUEST} \s/+[^/]+/\S+
RewriteRule ^ - [F,L]