My website has a file: www.mydomain.com/contact.php
If I request any of the following (which do not exist), apache serves the contact.php page.
www.mydomain.com/contact
www.mydomain.com/contact/
www.mydomain.com/contact/anything/else/here
How can I determine what part of the apache config to change to disallow this?
The apache server is running on a CentOS 5 box if that makes any difference.
This is called MultiViews.
A .htaccess file or modifying your httpd.conf with Options -MultiViews should do the trick.
Related
I'm using Joomla 2.5 and Apache and I have followed this steps:
1- mod_rewrite module is eneabled? YES
2- htaccess.txt renamed to .htaccess
3- set "Use URL Rewriting" to YES.
And this is what I get:
Not Found
The requested URL /about-us was not found on this server.
The web is located in /var/www/
The .htaccess is located in /var/www/
And this is my .htaccess: http://pastebin.com/dq1TYs1t
Thanks for the help.
Since you said allowoverride was set to none, your .htaccess file will be ignored. You need to set allowoverride to all the other option is leave allowoverride at none, and take the contents of the .htaccess file and incorporate it into your apache configuration file. This has the benefit of being slightly faster as apache doesn't need to look in directory tree for .htaccess files (they are really good to allow users that don't have access to the configs the ability to override the base settings, but if you have access to /var/www you should also have access to make changes to the config files.
There is no need to enable any mod_rewrite module.
Need to enable URL rewriting option in global configuration. Also need to rename htaccess.txt file to .htaccess.
please check there is no any third party component of security like admin tools are enable or installed which is blocking this mod rewrite option.
I'm in the unfortunate position of having an Apache staging server combined with a Zeus web server. (Not my choice).
I'd like to be able to include a Zeus-specific directive in the .htaccess file (e.g. ContentCompressionEnabled) and, if possible, include the Apache equivalent (AddOutputFilterByType DEFLATE) in the same file too.
Is there a way of doing this which doesn't involve separate .htaccess files for Zeus and Apache?
Only in 2.4, where there is an Nonfatal option to AllowOverride.
If I understood correctly, you can use httpd.conf file do this configuration for all requests. .htaccess file configurations effect only requests to where the file located.
You could put any Apache only directives into either Apache's main httpd.conf file, or the sites vhost config file - along with AllowOverride None.
This would mean that Apache would get all it's config info from there and ignore any .htaccess files completely.
You could then place anything you wanted in the .htaccess files, including all the Zeus config you need - and Zeus would be configured only from there - thus separating the two configs.
I am a beginner to Zend framework and I want to know more about the .htaccess file and its uses. Can somebody help me?
I found an example like this:
.htacess file
AuthName "Member's Area Name"
AuthUserFile /path/to/password/file/.htpasswd
AuthType Basic
require valid-user
ErrorDocument 401 /error_pages/401.html
AddHandler server-parsed .html
It's not part of PHP; it's part of Apache.
http://httpd.apache.org/docs/2.2/howto/htaccess.html
.htaccess files provide a way to make configuration changes on a per-directory basis.
Essentially, it allows you to take directives that would normally be put in Apache's main configuration files, and put them in a directory-specific configuration file instead. They're mostly used in cases where you don't have access to the main configuration files (e.g. a shared host).
.htaccess is a configuration file for use on web servers running the
Apache Web Server software.
When a .htaccess file is placed in a directory which is in turn 'loaded via the Apache Web Server', then the .htaccess file is detected and executed by the Apache Web Server software.
These .htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer.
These facilities include basic redirect functionality, for instance if a 404 file not found error occurs, or for more advanced functions such as content password protection or image hot link prevention.
Whenever any request is sent to the server it always passes through .htaccess file. There are some rules are defined to instruct the working.
Below are some usage of htaccess files in server:
1) AUTHORIZATION, AUTHENTICATION: .htaccess files are often used to specify the security restrictions for the particular directory, hence the filename "access". The .htaccess file is often accompanied by an .htpasswd file which stores valid usernames and their passwords.
2) CUSTOMIZED ERROR RESPONSES: Changing the page that is shown when a server-side error occurs, for example HTTP 404 Not Found.
Example : ErrorDocument 404 /notfound.html
3) REWRITING URLS: Servers often use .htaccess to rewrite "ugly" URLs to shorter and prettier ones.
4) CACHE CONTROL: .htaccess files allow a server to control User agent caching used by web browsers to reduce bandwidth usage, server load, and perceived lag.
More info : http://en.wikipedia.org/wiki/Htaccess
You are allow to use php_value to change php setting in .htaccess file. Same like how php.ini did.
Example:
php_value date.timezone Asia/Kuala_Lumpur
For other php setting, please read http://www.php.net/manual/en/ini.list.php
Htaccess is a configuration file of apache which is used to make changes in the configuration on a directory basis.
Htaccess file is used to do changes in functions and features of the apache server.
Htaccess is used to rewrite the URL.
It is used to make site address protected.
Also to restrict IP addresses so on particular IP address site will not be opened
You can think it like php.ini files sub files.. php.ini file stores most of the configuration about php like curl enable disable. Where .htaccess makes this setting only for perticular directory and php.ini file store settings for its server' all directory...
It is not so easy to give out specific addresses to people say for a conference or a specific project or product.
It could be more secure to prevent hacking such as SQL injection attacks etc.
.htaccess file create in directory /var/www/html/.htaccess
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
</IfModule>
What
A settings file for the server
Cannot be accessed by end-user
There is no need to reboot the server, changes work immediately
It might serve as a bridge between your code and server
We can do
URL rewriting
Custom error pages
Caching
Redirections
Blocking ip's
I had mod_rewrite set on my server to rewrite a url like the following
http://www.example.com/1
to
http://www.example.com/index.php?show=1
In order words a URL shortern. Everything was working fine when the system was running under a sub-domain on my development site, but now it just generates a Not Found error, although if I manually enter the url /index.php?show=1 it works fine.
So the only changes is the urls switching from
http://www.site.example.com
to
http://www.site.com
however it's still running on the same server and the same sub-folder inside public_html on the server just the new domain name has been pointed to that folder.
The folder it's stored in is /public_html/paste
The full .htaccess file running in the directory is
# Set Default File
DirectoryIndex index.php
# Turn ReWrite Engine On
RewriteEngine on
# Create Rule To Write URLs To Shorter Versions
RewriteRule /([a-z0-9]+) /index.php?show=$1
I can't enable RewriteLog as the hosting doesn't allow it for some reason.
It sounds like the AllowOverride directive is not properly set for that folder. In your Apache configuration, you should make sure that the Directory or Vhost you're using for the primary domain has the AllowOverride set to All
http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride
You probably need to specify the RewriteBase directive.
http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
I'll also note that Options +FollowSymlinks would be good to have in there too in case you ever turn it off further up the config chain (rewrite wont work without it).
I just installed a fresh copy of Drupal 6.19 to get to speed on how to write modules. But for some reason the rewrite module isn't working for Drupal.
What I have checked:
$ apachectl -M >> it is installed
php_info() on current server >> says rewrite is installed also
I also double-checked the .htaccess file in my Drupal root folder
UPDATE: checked httpd.conf for AllowOverride All
I'm out options here. Looked everywhere but the Drupal settings aren't letting me to enable the settings and their test is simply visiting a site that should work if the rewrite module was there.
My specs:
Mac OS X 10.6 Snow Leopard
Using built-in Apache with PHP5
Thanks!
Last but not least, you must authorize your virtual host or directory to use .htaccess.
AllowOverride All
Update:
I can't figure out your exact problem but it's always worth testing that Apache is actually parsing your .htaccess file. Make a syntax error on purpose and see if you get a 500 Internal Server Error message. Also, test mod_rewrite with a simple redirection rule that doesn't involve Drupal.
Two more things to check:
Verify that your .htaccess is readable for your apache processes (Yes, I read that you double checked it, but did that include the file permissions?)
Enable rewrite logging - this might give you some hints on where it fails. Start with a log level of 5 and increase/decrease as needed. (Don't forget to turn it off again later, as it is a huge performance hog ;)
Also, I'd try to simplify the test scenario - start with a simple rewrite directive in a vhost configuration. Once that works, move it to a .htaccess in the top-level of the vhosts document root, then to sub directories (if needed/used).
Make sure that if the install is in a sub-directory that the username is part of the rewriteBase
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
RewriteBase /~username/drupal**
If you running your Drupal installation in a sub-folder like: example.com/drupal, then enable "RewriteBase /" in your .htaccess file, it might help you.
A clean url could be something like www.example.com/fisherman instead of www.example.com/data/pages/fisherman.php
Some installations of apache have clean URL functionality out of the box. There are 2 steps that need to be configured correctly for it to work.
Enable rewrite module
Allow .htaccess file overrides
Both steps require SSH root access to your server. So if you are on shared host this probably won't work for you. Open your terminal:
Enable rewrite module
To enable the rewrite module, you can type the following command
sudo a2enmod rewrite
Now type
sudo service apache2 restart
to enable the changes. You can check if it’s working by typing
sudo apache2ctl –M
A list will appear. Look for “rewrite_module”.
http://codeontrack.com/enable-clean-urls-apache/
Look for this Line in your httpd.conf file
#LoadModule rewrite_module modules/mod_rewrite.so
If commented
Just uncomment it restart apache server then try enabling in drupal administer Clean URL Section
I added the following to my .htaccess file and it was solved. My problem was specifically hapening with Rackspace / CentOS image
Options -MultiViews
As Álvaro G. Vicario mentioned, the first thing to do is at the top of the .htaccess file add something like ghfdiddfdjf which should throw an internal error. If it doesn't, you know the .htaccess file isn't being read. Mine wasn't, and I found the following fix:
In the etc/apache2/sites-enabled folder, there was a file called default-000. It was in this file that I changed AllowOverride All in 2 places in the file.