What do these rewrite rules mean? - apache

I subscribed to voltrank (website for building backlinks) and they told me to modify the .htaccess file with the following text:
RewriteEngine On
RewriteRule ^$ /vr_display_50727b.php?filename=index.html [L,NC]
RewriteRule ^(.*)\.html$ /vr_display_50727b.php?filename=$1.html [L,NC]
RewriteRule ^(.*)\.htm$ /vr_display_50727b.php?filename=$1.htm [L,NC]
My Question is: Is this safe and what does it mean? My main concern is security.
By the way, after modifying the .htaccess file, my stats showed that two offensive IP addresses had accessed my website. I'm not sure if the modification has anything to do with this or it is just coincident.
Thanks

It's a coincidence. What this does is cause all requests to execute vs_display_50727b.php instead.
What you should be concerned about is having your search ranks go down instead of up by using this program. Google does not like services designed to manipulate its rankings.

This is completely safe as it seems that your system is a kind of CMS which takes filenames as parameter to display the corresponding content. All this is redirecting your requests to vr_display_50727b.php page which decides which content will be drawn on page and same time helps you to have fancy URL with secure HTM /HTML filenames.
These rewrite rules increase page ranking

Related

htaccess URL rewriting PHP for posts and offers

i've searched for a long time an answer for my issue, I found a lot of ideas, but I can't figure it out and make it work as I expect..
So, I've a website with
"/index.php"
"/posts.php"
What I want is to rewrite the url in order to :
redirect "/index.php", "/index.php/" and "/index/" to "/"
and also :
redirect "/posts/slug-post-1/" to "offers.php" but still display "/posts/slug-post-1/" in which I would split the url to get the slug of the post.
Thanks
What I've tried is :
## To internally redirect /dir/foo to /dir/foo.php
RewriteCond %{REQUEST_FILENAME}.php -f [NC]
RewriteRule ^ %{REQUEST_URI}.php [L]
It actually display "/offers/" and redirect to "/offers.php"
but when i add a post slug, it doesn't work.
So I've also tried :
RewriteRule ^posts/([^/]*)$ /posts.php?slug=$1 [L]
It works only with ctrl+F5 and not a simple refresh.. I don't understand why. This is the same with different brwoser and computer.
I'll give it a shot :-)
To redirect "/index.php", "/index.php/" and "/index/" to "/".
RewriteRule index(.*)$ / [NC, L]
Edit: I really urge you not to change the default behaviour of a crucial file like index.php in main folder. There will be unforeseen consequences.
And the other one:
RewriteRule posts/slug-post-1(.*)$ offers.php [QSA, NC, L]
In your example:
Your RewriteCond %{REQUEST_FILENAME}.php -f [NC] checks if "requests filename" with .php added is a real existing file.
Use RewriteCond ${REQUEST_FILENAME} !-f to make sure the targeted file is not skipped, although it is existing. !-d would check for directories.
If you want slugs to be added dynamically to the new target, use flag QSA, so [QSA, NC, L] instead of [NC, L], for example. Use the condition before the rule.
This is really a comment - but space is limited.
It looks as if you haven't thought through what you are trying to achieve before trying to implement it.
What I want is to rewrite the url in order to : redirect "/index.php", "/index.php/" and "/index/" to "/"
I think you need to do a lot more searching. Webservers don't serve up directories, they typically have a lot of machinery in place to service up content when presented with a request where the path maps to a directory to change that to a file, a script, or a special handler.
I suspect you want to rewrite /, /index.php/ and /index/ to /index.php
But I suspect there's more to what you are trying to achieve here - that you also want to deal with any string after the pattern you are seeking to match which is implied in your attempts to deal with /posts.
So it looks as if you are trying to implement 2 front controller patterns. Implementing a single front controller pattern appears to be a bit of a stretch for you. Implementing 2 at the same time is unlikely to turn out well and whatever you do finally implement will likely be very fragile. You're going to need a router in /index.php so that is the right place to handle the /posts/ requests.
But this is only PART of the problem you need to solve. Having your PHP code intercepting all requests is rather expensive in terms of CPU and memory (unless you have a really good caching policy implemented on your server and it is sitting behind a caching reverse proxy).

htaccess Remove directory from end of URL in apache

Ok, so I know this is a question that has been asked many times, however, I have not been able to find an answer to my particular case, so please do not shoot me down.
I have a website: http://gmcomputers.co.za.
I am redirecting this URL, using .htaccess file, to a subfolder to load the content:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/$
RewriteRule (.*) /gmcomputers/ [L,DPI,R=301]
Which works perefectly, except when I go to http://gmcomputers.co.za I get http://gmcomputers.co.za/gmcomputers/.
So my question is, how do I modify the above code to remove the /gmcomputers/ from being appended?
Please note I copied the code above from a website as I am not at all experienced in redirect, etc and am still learning. Also, the reason I am using .htaccess to redirect is due to there being other websites in the root directory and I therefore cannot edit any config files for Apache.
Thanking you.
You contradict yourself in your question. On the one hand you write that you want to redirect and that this "works perfectly", but then you write that you do not want that result.
My guess is that you actually do not want to redirect at all, but that instead you want to internally rewrite your requests to point to that server side folder. While the URL visible in the browser's URL bar does not show that folder. Is that what you are trying to ask?
If so take a look at this example:
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/gmcomputers
RewriteRule ^ /gmcomputers%{REQUEST_URI} [END]
You might want to add an actual redirection to direct clients actually using the folder name in their requests:
RewriteEngine on
RewriteRule ^/?gmcomputers/(.*)$ /$1 [R=301,END]
RewriteCond %{REQUEST_URI} !^/gmcomputers
RewriteRule ^ /gmcomputers%{REQUEST_URI} [END]
Best is to implement such rules in the central http server's host configuration. If you do not have access to that you can instead use a distributed configuration file (typically called ".htaccess") located in the DOCUMENT_ROOT folder configured for the http host, if you enabled the consideration of such files in your host configuration . Though that comes with a number of disadvantages. Above implementation works likewise for both approaches.

How to simulate directories with a htacess file (mod_rewrite)?

what I try to do is to simulate directories with the help of a htaccess file.
I have a website with a file like this:
http://www.domain.com/filename.php?t=yeah-a-title-2014
Now, I would like to rewrite the URL above to the following:
http://www.domain.com/directory1/yeah-a-title-2014/
If a visitor enters one of the two URLs, he should see the second one in his address bar but the content of the filename.php?t=yeah-a-title-2014 should be displayed.
I have no idea how to realize this.
Any ideas?
This is better known as SEO-urls (search engine optimized), SEF-urls (search engine friendly), fancy urls and a couple more of those terms. The basic problem with these kind of constructions, is that they cause an infinite loop if not implemented correctly, and therefore usually the THE_REQUEST trick is used, because %{THE_REQUEST} is always equal to the request, even if the url is rewritten, which in turn prevents the external redirect from matching if the internal rewrite matches.
#External redirect
RewriteCond %{THE_REQUEST} ^(GET|POST)\ /filename\.php\?t=(.*)\ HTTP
RewriteRule ^ /directory1/%2/ [R,L]
#Change [R,L] to [R=301,L] after ALL rules do what you want them to do, and before your site goes live
#Internal rewrite
RewriteRule ^directory1/([^/]+)/?$ /filename.php?t=$1 [L]

RewriteRule and php download counter

(1) I have a site that serves up MP3 files:
http://domain/files/1234567890.mp3
(2) I have a php script that tracks file download counts:
http://domain/modules/download_counter.php?file=/files/1234567890.mp3
After download_counter.php records the download, it redirects to the original file:
Header("Location: $FQDN_url");
(3) I'd like all my public links to be presented as the direct file urls from (1). I'm trying to use Apache to redirect the requests to download_counter.php:
RewriteRule ^files/(.+\.mp3)$ /modules/download_counter.php?file=/files/$1 [L]
I'm currently stuck on (3), as it results in a redirect loop, since download_counter.php simply redirects the request back to the original file (rather than streaming the file contents).
I'm also motivated to use download_counter.php as is (without modifying it's redirect behaviour). This is because the script is part of a larger CMS module, and I'd like to avoid complicating my upgrade path.
Perhaps there is no solution to my problem (other than modifying the download_counter script). WDYT?
If this is not about the strongest protection ever (as I can see, it is not), then just have your script to redirect browser not to the file, but to the
http://domain/files/1234567890.mp3/redirected
Ensure your webserver will still serve such request correctly as a file download. If it will, then just add negative RewriteCond that will ensure, that redirection is done if and only if the link is not ending with /redirected
UPDATED ANSWER
i think you are into a lot of troubles because your pseudo url are actually real urls: they lead to the file. So you should change your pseudo url to something like domain.com/downloads/file.mp3 and then just check whether the requested file does not exist, so that the redirect does not loop.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^downloads/(.+\.mp3)$ /modules/download_counter.php?file=/files/$1 [L]
I first thought something that would use the referer would work:
RewriteCond %{HTTP_REFERER} !download_conter\.php
RewriteCond %{HTTP_REFERER} !=""
RewriteRule ^files/(.+\.mp3)$ /modules/download_counter.php?file=/files/$1 [L]
However, the browser does not cooperate. Let's say you click some link in file.html to something.mp3 and then are forwarded to download_counter.php. When the php script does the forward it sets as referer not download_counter.php but file.html.
The only way I see you could do this would be using an external rewriting program that would keep some state -- the first time the user requested the file it would save that information and make the rewrite, the second time it would know it had made the rewrite in the first place and would pass through the request unmodified. See the documentation of RewriteMap.
Put in http://domain/files/ this .htaccess file...
RewriteEngine On
RewriteOptions Inherit
RewriteRule ^(.*).(mp3)$ /modules/download_counter.php?file=$1.$2 [R,L]
This should do the trick...

mod_rewrite and hyperlinks

I'm trying to get my head around mod_rewrite and friendly URLS.
OK, on a very basic level I have the following rule:
RewriteRule ^register$ register.php [L]
This allows me to browse to www.mydomain.com/register
The hyperlink within my pages shows register.php. Do I have to manually change my links to register?
Esentiallly, I do not want the .php extension on any of my links.
Thanks!!
Yes, you must manually change the hyperlinks (or use your favourite search-and-replace tool). mod_rewrite can't do this for you; it can only rewrite incoming requests, not outgoing HTML.
Yes, you'll need to change the URL in your code if that's not what you want to show up in the address bar.
Just an addition:
Note that RewriteRule ^(.*)$ /$1.php rewrites all files for you which saves you typing a lot of rules ;) Offcourse you can add more validation to it by using something like RewriteRule ^(.*)$ /index.php?pageId=$1.