I'm writing a script that will alter the roots .htaccess file to block user agents (yandex in this example). I wrote it to use the setenvif command but it wasn't working. Via another post here I was told it was because a redirect prior to the command was causing it to fail due to the .htaccess file being reloaded. I added a rewritecond statement to do the block and it worked. If I place the setenvif statement at the top of the file it also works correctly.
In researching this others have stated that mod_rewrite is handled before mod_alias but I can't find any mention of when mod_setenvif is handled. There also seems to be little information regarding the order of things in the .htaccess file in general. Below is an example of the things in my .htaccess file. Even as a novice I can see it is not ordered well.
But before I deal with that I wanted to see where to properly place the setenvif statement?
And am I correct in assuming that any setenvif, rewritecond and deny statement that causes a block or redirect to another site should be placed at the top?
Options +FollowSymLinks -Indexes
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "WOW32" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "WOW64" [NC]
RewriteRule ^(.*)$ - [F]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
redirect 301 /about_us.php https://example.com/about.html
<Files test.html>
order allow,deny
</Files>
<FilesMatch "\.(inc|tpl|h|ihtml|sql|ini|conf|class|bin|spd|theme|module|exe)$">
</FilesMatch>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
</IfModule>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE application/javascript
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</IfModule>
ErrorDocument 400 /server_error.php?id=400
order allow,deny
deny from 1.2.3.4/32
allow from all
SetEnvIfNoCase User-Agent "^yandex$" my_block
<IfModule !authz_core_module>
Order Allow,Deny
Allow from ALL
Deny from env=my_block
</IfModule>
RewriteCond %{HTTP_USER_AGENT} ^.*(yandex).*$ [NC,OR]
Related
I have a website that currently has a WordPress blog. I want to move the blog into /blog and make the static page the new "root".
That's easy in terms of FTP, just moving folders along.
However, I'd love to get anything that would normally be 404 to get redirected to the /blog part so content doesn't get lost on the migration.
Is this doable with .hatccess?
Current .htaccess file:
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
# Indexes
Options All -Indexes
# REDIRECT https
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
# BEGIN WordPress
# Dynamically generated by WP
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# BEGIN FileETag MTime Size
<ifmodule mod_expires.c>
<filesmatch "\.(jpg|gif|png|css|js)$">
ExpiresActive on
ExpiresDefault "access plus 1 year"
</filesmatch>
</ifmodule>
# END FileETag MTime Size<!--formatted-->
# Protecting htaccess
<files .htaccess>
order allow,deny
deny from all
</files>
# Protecting wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>%
Assuming the "current .htaccess file" you have posted is the .htaccess file you intend to move to /blog/.htaccess. In which case you will need to change it as follows:
#DirectoryIndex index.php index.html
#Options +FollowSymLinks
# Indexes
Options All -Indexes
# REDIRECT https
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^ https://example.com%{REQUEST_URI} [R=301,L]
# BEGIN WordPress
# Dynamically generated by WP
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
# END WordPress
# BEGIN FileETag MTime Size
<ifmodule mod_expires.c>
<filesmatch "\.(jpg|gif|png|css|js)$">
ExpiresActive on
ExpiresDefault "access plus 1 year"
</filesmatch>
</ifmodule>
# END FileETag MTime Size<!--formatted-->
# Protecting htaccess
<files .htaccess>
order allow,deny
deny from all
</files>
# Protecting wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>
Notable changes:
Changed HTTP to HTTPS redirect to use the REQUEST_URI server variable instead of a backreference. With it being in a subdirectory (blog), the subdirectory would otherwise be omited from the redirect to HTTPS.
Commented out (removed) the RewriteBase directive. This is not required here, but if you did need to set this, it should be set to RewriteBase /blog.
Removed the slash prefix on the RewriteRule substitution string. ie. Changed this RewriteRule . /index.php [L] to this RewriteRule . index.php [L]
Without the RewriteBase defined, this is now relative to the current directory, ie. /blog. Without having to explicitly state the /blog directory.
You had an erroneous % at the end of the file?
I'd love to get anything that would normally be 404 to get redirected to the /blog part so content doesn't get lost on the migration.
This can perhaps be refined if we know the format of your original URLs, however, we basically need to redirect any request for anywhere outside of the /blog subdirectory - that would trigger a 404 - to be redirected to the /blog subdirectory.
You need to create a new .htaccess file in the document root with the following:
RewriteEngine On
# Redirect any 404s back to the "/blog" directory
RewriteRule %{REQUEST_FILENAME} !-f
RewriteRule %{REQUEST_FILENAME} !-d
RewriteRule !^blog/ /blog%{REQUEST_URI} [R=301,L]
The above would redirect a request for /foo to /blog/foo. But a request for /blog/bar would not be touched by this directive and routed through WordPress as normal (probably resulting in a 404 generated by WordPress).
You should first test with a 302 (temporary) redirect to avoid potential caching issues and only change to a 301 (permanent) redirect once you have confirmed it works as intended.
Try using the ErrorDocument directive
ErrorDocument 404 /blog
Cant seem to get a redirect to work. Please consider the following:
/poles/foobar.html
/poles/foobar/doodaa.html
/poles/foobar.html?qparam=123
/poles/foobar/doodaa.html?qparam=123
/poles/foobar.html?qparam=123&cat=444
/poles/foobar/doodaa.html?qparam=123&cat=444
My current rule (i know it wont catch all the above...but I cant even get it to catch any of them)
RewriteCond %{THE_REQUEST} ^/poles
RewriteCond %{THE_REQUEST} ^\.html$
RewriteRule (.*) /poles/ [R=301,L]
How could I catch all possible url scenarios? They would all start with /poles/ and end in .html ...or .html?queryparams
UPDATE, MY .HTACCESS FILE CONTENTS, MAGENTO2 SITE:
############################################
## overrides deployment configuration mode value
## use command bin/magento deploy:mode:set to switch modes
# SetEnv MAGE_MODE developer
############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi
# Action php5-cgi /cgi-bin/php5-cgi
# AddHandler php5-cgi .php
############################################
## GoDaddy specific options
# Options -MultiViews
## you might also need to add this line to php.ini
## cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini
############################################
## this line is specific for 1and1 hosting
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
############################################
## default index file
DirectoryIndex index.php
<IfModule mod_php5.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_php7.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_security.c>
###########################################
## disable POST processing to not break multiple image upload
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
<IfModule mod_deflate.c>
############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip
# Insert filter on all content
###SetOutputFilter DEFLATE
# Insert filter on selected content types only
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml
# Netscape 4.x has some problems...
#BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
#BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
#BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
#SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_ssl.c>
############################################
## make HTTPS env vars available for CGI mode
SSLOptions StdEnvVars
</IfModule>
############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level
## SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
############################################
## redirect for mobile user agents
#RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
#RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
#RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead
AddDefaultCharset Off
#AddDefaultCharset UTF-8
AddType 'text/html; charset=UTF-8' html
<IfModule mod_expires.c>
############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires
ExpiresDefault "access plus 1 year"
ExpiresByType text/html A0
ExpiresByType text/plain A0
</IfModule>
###########################################
## Deny access to root files to hide sensitive application information
RedirectMatch 403 /\.git
<Files composer.json>
order allow,deny
deny from all
</Files>
<Files composer.lock>
order allow,deny
deny from all
</Files>
<Files .gitignore>
order allow,deny
deny from all
</Files>
<Files .htaccess>
order allow,deny
deny from all
</Files>
<Files .htaccess.sample>
order allow,deny
deny from all
</Files>
<Files .php_cs>
order allow,deny
deny from all
</Files>
<Files .travis.yml>
order allow,deny
deny from all
</Files>
<Files CHANGELOG.md>
order allow,deny
deny from all
</Files>
<Files CONTRIBUTING.md>
order allow,deny
deny from all
</Files>
<Files COPYING.txt>
order allow,deny
deny from all
</Files>
<Files Gruntfile.js>
order allow,deny
deny from all
</Files>
<Files LICENSE.txt>
order allow,deny
deny from all
</Files>
<Files LICENSE_AFL.txt>
order allow,deny
deny from all
</Files>
<Files nginx.conf.sample>
order allow,deny
deny from all
</Files>
<Files package.json>
order allow,deny
deny from all
</Files>
<Files php.ini.sample>
order allow,deny
deny from all
</Files>
<Files README.md>
order allow,deny
deny from all
</Files>
<Files magento_umask>
order allow,deny
deny from all
</Files>
# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php
################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags
#FileETag none
# ######################################################################
# # INTERNET EXPLORER #
# ######################################################################
# ----------------------------------------------------------------------
# | Document modes |
# ----------------------------------------------------------------------
# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
#
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge"
# `mod_headers` cannot match based on the content-type, however,
# the `X-UA-Compatible` response header should be send only for
# HTML documents and not for the other resources.
<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
# CUSTOM 301 REDIRECTS
# --------------------------------------------------------- ##
# Custom eyelets category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/eyelets-3.html?(.*)
RewriteCond %{query_string} ^cat=233
RewriteRule (.*) /eyelets/plastic-eyelets/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/eyelets-3.html?(.*)
RewriteCond %{query_string} ^cat=234
RewriteRule (.*) /eyelets/metal-eyelets/? [R=301,L]
# Custom poles category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/poles.html?(.*)
RewriteCond %{query_string} ^range=251
RewriteRule (.*) /poles/? [R=301,L]
# Custom track category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=104
RewriteRule (.*) /tracks/plastic-track/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=951
RewriteRule (.*) /tracks/metal-track/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=95&range=5391
RewriteRule (.*) /tracks/metal-track/vogue/? [R=301,L]
# Category url redirects
# -------------------------------------------------
Redirect 301 /poles.html /poles
Redirect 301 /track.html /tracks
Redirect 301 /curtrain-track.html /tracks
Redirect 301 /net-suspension-products.html /net-suspension
Redirect 301 /tiebacks-and-trimmings.html /tiebacks
Redirect 301 /brassware-1.html /brassware
Redirect 301 /eyelets-3.html /eyelets
Redirect 301 /blinds.html /blinds/retail-blinds
Redirect 301 /roman-blind-systems.html /blinds/roman-blind-systems
Redirect 301 /shower-rail-products.html /net-suspension/shower-rail-products
Redirect 301 /accessories-and-sundries.html /accessories
Redirect 301 /panel-track.html /tracks/metal-track/panel-track
Redirect 301 /valance-track.html /tracks/metal-track/aluminium-valance-rail
# Subcategory url redirects - DOES NOT WORK
# -------------------------------------------------
# eg: /poles/foobar.html
# eg: /poles/foobar/doodaa.html
# eg: /poles/foobar.html?cat=4
# eg: /poles/foobar/doodaa.html?cat=4
RewriteCond %{THE_REQUEST} ^/poles
RewriteCond %{THE_REQUEST} ^\.html$
RewriteRule (.*) /poles/? [R=301,L]
# Page/Section url redirects
# -------------------------------------------------
Redirect 301 /downloads /resources
Redirect 301 /about-us /about-us.html
Redirect 301 /specialoffers /blog
Redirect 301 /testimonials /blog
Redirect 301 /contact-us /contact
This seems to be what you're trying to achieve:
RewriteCond %{REQUEST_URI} ^/poles/.*\.html$
RewriteRule ^ /poles/? [R=301,L]
You nearly had it. The caret (^) means the start of the string, so needed removing on your second condition. They could also be combined. The query string isn't part of the match in REQUEST_URI so any query string will match. The question mark in the RewriteRule removes any query string.
I have a cPanel hosting account at Godaddy with an SSL for an addon domain. I need to rewrite http to https. The problem is that all methods of rewrite are loading from the webroot, not the folder containing the index or even the htaccess that has the rewrite rule. I know there are topics on this already on this forum but I have tried those suggested solution, that's how I have what you see in the code quote, and they did not work. Please do not arbitrarily close this thread.
webroot (loading this content / not desired)
|
target_directory (htaccess & SSL in question)
The following is the complete htaccess at the time of this post
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
#RewriteRule (.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteRule (.*)$ https://emeraldcoast\.rocks/$1 [R,L]
RewriteRule ^([a-zA-Z0-9\-_]+)$ index.php?page=$1
RewriteRule ^([a-zA-Z0-9\-_]+)/$ index.php?page=$1
<filesMatch ".(xml|txt|html|js|css)$">
ExpiresDefault A7200
Header append Cache-Control "max-age=290304000, public"
</filesMatch>
<filesMatch ".(xml|txt|html|php)$">
AddDefaultCharset utf-8
</filesMatch>
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</ifmodule>
Using a control panel especially cpanel takes control of the server and configures things a lot differently than a standard setup. Anyway, you might need add a rewritebase to your addon domain. Inside .htaccess for the addon domain change the rewritebase to your addon folder.
RewriteBase /target_directory
Here are all my rules with comments:
<Directory /home/*/public_html>
# prevent directory browsing
Options All -Indexes
# prevent access to htaccess files anywhere on the site
<Files .htaccess>
order allow,deny
deny from all
</Files>
# prevent DIRECT access to the /inc/ directory and its PHP files
<Files ~ "\.inc$">
order allow,deny
deny from all
</Files>
# custom error documents
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 500 /error/500.html
# security requirement of the rewrite engine
Options +FollowSymLinks
# turn on rewrite engine
RewriteEngine On
# remove PHP extension
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
</Directory>
and
<Directory /home/*/public_html/images>
# caching
<IfModule mod_expires.c>
ExpiresActive On
<FilesMatch "\.(jpg|jpeg)$">
ExpiresDefault "modification plus 1 year"
Header set Cache-Control: "public, max-age=31536000"
Header unset Last-Modified
</FilesMatch>
</IfModule>
# turn on rewrite engine
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
# if file cannot be found
RewriteRule ^.*$ /empty.jpg [NC,L]
</Directory>
Can I add these rules as they are to the bottom of my httpd.cnf? Or are there any mistakes? Or anything else I need to pay attention to? I don't want to screw anything up, even tho I'm just running my code on my localhost.
Any help would be appreciated. Thanks.
you can put them in httpd.cnf file! and they will work! The only thing you should pay attention is that to put them in right place(e.g in right site)
I am trying to make partners readable on the website i.e. http://domain.com/partners. but the pinnaclecart doesn't allow it to be readable or accessable on the browser. i created the directory partners so i could write the whole different files from the pinnaclecart.
inside .htaccess: you can see "partners" at the end.
EDIT II
RewriteEngine ON
RewriteRule ^homepage.html$ index.php
RewriteRule ^home.html$ index.php
<IfModule mod_headers.c>
Header unset ETag
FileETag None
<FilesMatch "(?i)^.*\.(ico|flv|jpg|jpeg|png|gif|js|css)$">
Header unset Last-Modified
Header set Expires "Fri, 21 Dec 2020 00:00:00 GMT"
Header set Cache-Control "public, no-transform"
</FilesMatch>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} ^$
RewriteRule ^((.)?)$ index.php?p=home [L]
RewriteCond $1 /var/www
RewriteRule ^(.+)$ / [L]
RewriteCond $1 !^(\#(.)*|\?(.)*|admin\.php(.)*|ses\/(.)*|ecc\/(.)*|index\.php(.)*|login\.php(.)*|\.htaccess(.)*|images\/(.)*|\.htaccess\.back(.)*|3cc4da-pinnacle_zend_3\.7\.7_sdk\.zip(.)*|dump\.sql(.)*|content\/(.)*|download\.php(.)*|readme\.txt(.)*|in_case_of_install\/(.)*|robots\.txt(.)*|images\.zip(.)*|partners\/(.)*)
RewriteRule ^(.+)$ index.php?url=$1&%{QUERY_STRING} [L]
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "\.(js|css|ico|flv|jpg|jpeg|png|gif)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
Why is it not accessable on the browser?
EDIT
is there no answer to this for solutions?
As people mentioned you may wish to post more of your .htaccess file to help debugging, but I couldn't help but notice that the last part of your regex reads:
partners\/(.)
This seems odd as it will only match single letter items in that directory. So I am not 100% sure its your problem but I suspect you intended that to read:
partners\/(.)*