I have nginx reverse proxying to apache and if I add "Deny from 111.111.111.111" to my htaccess it still allows them through as nginx doesn't forward the remote_addr ip of the visitor.
Is there a rule or something I can add to htaccess so if an the visitors ip address using "HTTP_X_REAL_IP" I can just redirect them to a static html page?
Something like this should work:
RewriteEngine On
RewriteCond %{HTTP:HTTP_X_REAL_IP} 111.111.111.111
RewriteRule (.*) - [F,L]
That rewrite rule will send them a 403 forbidden response without substituting another url. This should cause your default 403 error page to be shown.
You can specify your 403 error page using this:
ErrorDocument 403 /path-to-file
see: http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewritecond and http://httpd.apache.org/docs/2.0/mod/core.html#errordocument for more info.
Related
I am using htaccess config for allow only my IP:
order deny,allow
deny from all
allow from MY.IP
How can I redirect on 403 to another domain, for example when 403 -> go to www.google.com.
You can't send a 403 and redirect (3xx) in the same request. You do one or the other.
To redirect when the requesting IP is not your own then you would need to use mod_rewrite instead of mod_authz... as you are doing. For example, at the top of your .htaccess file:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !=203.0.113.111
RewriteRule ^ https://example.com/ [R,L]
Where 203.0.113.111 is your IP address and the https://example.com/ is the URL you want to send all other users to.
However, sending a 403 Forbidden is probably the better response.
I found a security related issue in apache 2.4. When i amtrying to hit the below link in the browser url-
http://example.com/aux/
http://example.com/cgi-bin/
http://example.com/com2/
http://example.com/com1/
I am getting:-
Forbidden 403
You don't have permission to access /com2 on this server.
How can i redirect from 403 permission denied to 402 page not found?
One of the many ways:
AliasMatch ^/(aux|cgi-bin|com1|com2)/ /doesnotexist
For Non-SSL (Keep inside httpd.conf and IfModule mod_rewrite.c)
RewriteRule /(com[1-9]|aux|con)/?$ /404 [L,NC]
For SSL (Keep inside httpd-ssl.conf and VirtualHost)
RewriteRule /(com[1-9]|aux|con)/?$ /404 [L,NC]
How do I configure Apache to redirect test.com to test.com/admin ?
I would prefer to use mod_rewrite but it is not required. All the posts I see on Apache redirection seems to focus on redirecting all uri's to a single uri.
With mod_rewrite, you can just do RewriteRule ^$ admin. That will redirect / to /admin.
I'm setting up a development server on one of my subdomains. I'm controlling access to the site using the visitor's IP address. When I see a visitor that is not authorized, I want to 301 redirect them to the main website. I've got a temporary solution using the following .htaccess directive:
ErrorDocument 403 http://www.mymainsite.com/
But my understanding is that's a 302 redirect. I want to do a 301.
In looking for a solution I came across the following:
RewriteCond %{HTTP:Authorization} !=""
RewriteRule ^$ http://www.mymainsite.com [R=301,L]
It does not appear to be working, however. Just for reference, I'm blocking on IP, not a login, so this are my settings:
Order deny,allow
Deny from all
Allow from 12.2.120.233
Anyone know how to get this working as a 301?
I've got a problem with a htaccess redirect.
What I like to do:
I want to redirect the link https://www.example.com/folder to https://www.example.com/folder/subfolder.
So normally I would use:
redirect /folder /folder/subfolder
But I've got the problem, that my browser is redirected to http://www.example.com:443/folder/subfolder. So no https but a nice :443 at the end. And the browser gives me an 404 error.
Does anybody has an idea how I can redirect the url correctly?
Thank you.
Try this instead:
redirect permanent /folder https://www.example.com/folder/subfolder
EDIT: If mod_alias isn't working for you you can try using mod_rewrite based rule like this:
Enable mod_rewrite and .htaccess through httpd.conf and then put this code in your .htaccess under DOCUMENT_ROOT directory:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteRule ^folder/?$ https://www.example.com/folder/subfolder [L,R=301,NC]