I google on the net and found two approaches to redirect incoming requests to apache in Ubuntu OS: 1) using httpd.conf and 2) using .htaccess.
I am confused. What are the differences between them?
Please share if you know how.
Thank you!
The .htaccess-file is meant to be used on shared servers where you don't have access to the primary Apache config files. It is generally a better idea to use httpd.conf or your site config rather than .htaccess if you can as this has a lower processing overhead (as far as I know, the .htaccess-file is parsed on each request), but both ways work fine.
Related
I have the following very simple htaccess file:
RewriteEngine On
RewriteRule a.jpg b.jpg
RewriteRule c.php d.php
All four resources are in the root folder.
The PHP rule works as expected, however, the JPG rule is just ignored as if it were not there. The image a.jpg continues to display.
I am completely clueless on why that would happen.
The only explanation I could think of is that Apache is somehow configured not to INVOKE htaccess at all if the requested resource is an image. Is that even possible?
I found out the reason and I am posting my answer in case anyone faces the same issue.
It appears that both Nginx and Apache are configured on the server. Nginx is internet facing and Apache is internal.
It appears that the web hosting company has done so to benefit from Nginx's better performance and to provide compatibility to anyone coming from Apache environment at the same time.
When Nginx receives a PHP request from the internet it allows the request to pass through and reach Apache but when the resource is a static resource (image, css, js) Nginx delivers the resource itself for optimum performance.
The htaccess image rule above is not processed because the request is not even reaching Apache.
I temporarily solved the problem by not allowing Nginx to handle the images itself and allowing them to proceed to Apache.
The better solution of course is to remove htaccess dependency and handle everything within Nginx configuration file, which I will be doing soon.
The best solution of course is to remove Apache completely but it is a shared server and I don't have full control.
I've just reset my Ubuntu 14.04 LAMP server hosted with digital ocean. Could someone tell me the 'proper' way to do server configuration. My goal is to do everything as clean as possible (and hopefully well structured).
I intend on using the server mainly for programming and data analytics, however I do plan on hosting my website in /var/www/html. I also plan on using letsencrypt/certbot to get an easy SSL. With this in mind, these are the main goals I would like to accomplish:
1) Redirect the website to ALWAYS be served through https AND www.
2) Enable HSTS for the entire website.
3) Enable clean url's (remove .php extensions and what not).
Since I would like all of these properties to be used across the entire website, should the configuration be done inside of the /etc/apache2/ folder? Or should it be done inside of .htaccess?
And if it should be done inside of apache2 configuration, which file should I add it to? And finally, how exactly should it be added? (for example vhost 80/443, inside of a mod_something section, etc).
Thank you in advance, I would appreciate and consider any advice about Apache and htaccess!
I have a few web sites that are hosted in a VPS.
Today, I found that when visiting "http://api.rsywx.com", it forces me to visit "https://api.rsywx.com", and the redirects me to "https://rsywx.net" (which is SSL enabled).
I checked my virtual host files, and did not find out anything forcing this redirect.
Anyone can point me some direction on how this can happen?
Redirects can be done on different ways and levels. Most elegant ways in descending order (my opinion):
Apache conf (mostly in /etc/apache2/apache2.conf)
.htaccess - file
in the index.php or the used backend script/code
(- could be even done in the frontend with javascript files but for that the page must be loaded and then will be redirected.. So nothing somebody should use)
Problem solved. I added one line in my Silex application's entry index.php to require HTTPS access, which is meant to be locally tested only.
I am currently migrating my website from Apache to nginx, but my .htaccess file is not working. My website is inside the /usr/share/nginx/html/mywebsite folder. How can I use .htaccess in my nginx server?
This is my .htaccess file:
RewriteEngine on
RewriteRule video/watch/([a-zA-Z0-9_#$*-]+)/?$ "videos-single.php?id=$1" [NC]
Nginx doesn't support .htaccess (see here: "You can’t do this. You shouldn’t. If you need .htaccess, you’re probably doing it wrong.").
You've two choices (as I know):
import your .htaccess to nginx.conf (maybe the htaccess to nginx converter helps you)
use authd-htpasswd (I didn't try it)
Disclosure: I am the author of htaccess for nginx, which is now open source software.
Over the past years, I created a plugin which implements htaccess behaviour into nginx, especially things like RewriteRule, Allow and Deny, which can be crucial for web security. The plugin is used in my own productive environments without a problem.
I totally share the point of efficiency and speed in nginx, and why they didn't implement htaccess.
However, think about it. You cannot make it worse if you're using nginx plus htaccess. You still keep the great performance of nginx, plus you can drive your legacy appliances effortlessly on one webserver.
This is not supported officially in nginx. If you need this kind of functionality you will need to use Apache or some other http server which supports it.
That said, the official nginx reasoning is flawed because it conflates what users want to do with the way it is done. For example, nginx could easily check the directories only every 10 seconds / minute or so, or it could use inotify and similar mechanisms. This would avoid the need to check it on every request... But knowing that doesn't help you. :)
You could get around this limitation by writing a script that would wait for nginx config files to appear and then copy them to /etc/nginx/conf.d/. However there might be some security implications - as there is no native support for .htaccess in nginx, there is also no support for limiting allowed configuration directives in config files. YMMV.
Using the config file is one option, but the cool thing about the .htaccess file is that it provided a way for a web developer to have some control over server settings without having root access to the server. There doesn't seem to be anything like this on nginx which is a real bummer.
I understand how the way it's setup on apache slows down response times, but hoped there could be an nginx way to do the same thing without the performance hit... At least a way to do rewrites with regex on urls if nothing else.
"Is there no nginx way to do bulk redirects using regular expressions that doesn't slow down response times."
Just edit your database with myphpmyadmin.
Open myphpmyadmin select your database then find your "yourprefix_Posts" table.
Open it then click the "Search" tab, then "Find and Replace".
Select "post_content" in the dropdown
In the "Find" field, type URL you want to change: "website.com/oldURL".
In the "Replace" field, type the new URL: "website.com/newURL".
(To use regular expression, tick the "Regular Expression" box.)
NOTE: You can test this out by simply leaving the "Replace" field blank.
ALWAYS BACKUP database before making changes. This might sound scary but its really not. Its super simple and can be used to quickly replace just about anbything.
I want to know if my Apache server uses .htaccess files or not. If it uses them, then why and how?
How can I know if my Apache server is using .htaccess or not?
Thank you.
As for why, it's a convenient way for shared-hosting providers to give some access to users who would like to set some configuration options. You obviously wouldn't want everyone to have access to the main configuration file for security purposes. It's also useful for development purposes since you can set different options for different directories.
As for how Apache uses the file, I recommend reading the documentation.
As for how to know if Apache is using .htaccess files, it most likely is. I've yet to meet a shared hosting provider that doesn't. And if you are running your own server, I assume you would know how you set it up. Worst case scenario, you could follow this advice from the docs:
A good test for this is to put garbage in your .htaccess file and reload the page. If a server error is not generated, then you almost certainly have AllowOverride None in effect.