Handle missing value in URL via htaccess - .htaccess

I am trying to find a way to avoid 500 server errors when a URL is broken and therefore either does not match or breaks an htaccess rule
For example,
https://www.acme.com/directory/url/123/123
This is a valid URL - but sometimes it comes through as
https://www.acme.com/directory/url//123
and this breaks and gives a 500 error.
In htaccess the redirect rule for this is
RewriteRule ^url/([0-9]+)/([0-9]+) /directory/url.php?id=$1&request_id=$2 [L]
To try to combat this I have added:
RewriteCond %{REQUEST_URI} ^(.*)/{2,}(.*)$
RewriteRule . /errors/unexpected-error.php?url=%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The weird thing is this works on my local but not on live (on local it redirects to unexpected-error but on live in shows a 500 error) so I am not sure if this is a config thing on live or something I am not spotting in my htaccess.
Of course, we are trying to avoid this in the first place by making sure the email containing the URL can never be sent without both values etc but it relies on setup by the customer so we are getting through all possible scenarios
Is there another way of handling this?

Related

Why htaccess not working for mobile browser?

I have website (mzadkm.com) try to RewriteRule short url to app.php page .
So if user browse "mzadkm.com/app" will show "mzadkm.com/app.php" page
RewriteRule ^/app /app.php [L,R=301]
It's work on Computer , but on mobile browser give me 404 page
Any ideas
That probably is what you are looking for:
RewriteRule ^/?app /app.php [L]
The documentation clearly says, that the pattern in a RewriteRule get's applied to the relative path of the request if the rule is implemented inside a distributed configuration file. That means you actually want to match the path app and not /app here. Which is why your rule did not get applied. The ^/?app is a variant to accept both path notations, relative and absolut, which means the same rule can get implemented in the central configuration or likewise in a distributed configuration file (".htaccess").
I took the liberty to also remove the external redirection you showed ("R=301") since that most likely is not what you want, according to the phrasing of your question. Instead you want an internal rewrite .
You need to take care however that you do not implement a rewriting loop. Which would result in failing requests and an "internal server error" (http status 500).
One approach would be that:
RewriteEngine on
RewriteRule ^/?app$ /app.php [L]
Here another one:
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/?app /app.php [L]
Why things looked fine on your computer, but not on a mobile browser is unclear. Since the same rules get applied and the requests look the same there has to be another reason for that. I suspect you looked at a cached result of a previous attempt somewhere. Remember to always use a fresh anonymous browser window when testing. And to check the response you receive back inside your browsers network console.

Block specific url with ? with htacess

Firstly, I can't get the correct code looking at other post here, not working for me hahahaha.
I would like to block this specific url: /2017/06/wonder-womannuestra-princesa-feminista.html?m=1 (Related to an old blogger url)
Don't know why but different ips, without referrer and user agent, are spamming (not a real visit cause after a redirection to the new one on WordPress they visit all the links in the url) my site always entering by this url and I would like to block ONLY this one.
I've tried to redirect this one with Redirection plugin but I have a redirection to all "?m=(*)" and this one is the one working, not the one related to the specific url.
I just used : RewriteCond %{REQUEST_URI} ^/2017/06/wonder-womannuestra-princesa-feminista.html?m=1 but it doesn't work.
Could you help, I think the problem is that I'm not witting the correct code due to the "?" character. Many thanks.
With your shown samples, attempts considering that you need to block url(mentioned in comments/question), if this is the case then try following. This rule will forbid this specific url from being accessed.
Please these rules at top of your .htaccess file. Make sure to clear your browser cache before testing your URLs.
RewriteEngine ON
RewriteCond %{THE_REQUEST} \s/2017/06/wonder-womannuestra-princesa-feminista\.html\?m=1 [NC]
RewriteRule ^ - [F,L]

htaccess: act as if files were in another directory, but RewriteRules seem to be mutually exclusive

For files in several subdirectories of /data/, I would like to treat them (and the files inside them) as if they were in the root directory.
So,
1) a request to
/data/foobar/file.png
should redirect the browser to
/foobar/file.png
2) any requests to
/foobar/file.png
should respectively deliver the file /data/foobar/file.png, but without redirection.
For 1) I got the following rule working
:
RewriteCond %{REQUEST_URI} ^(.*)?data/((foobar|and|some|other|subdirs)/.*)$
RewriteRule .* %1%2 [R=301,L,qsappend]
(I took this approach usind a RewriteCond with %x references in order to be subdirectory-agnostic, as in my dev environment the page is located in a subdirectory as opposed to the live system where it's in the root of the domain.)
And for 2) the following rule does the trick:
RewriteRule ^((foobar|and|some|other|subdirs)/.*)$ data/$1 [L,qsappend]
However, these rules only work if I enable one at a time. If I enable both of them at the same time, the browser will abort the request with a "too many redirects" error. The redirect from /data/* to /* will work, but then end in the aborted request just the same as calling the URL without /data/*.
I'm having a hard time understanding why this is happening. It would be totally logical if both rules actually triggered a redirect. But as far as my understanding of htacccess goes (and the Network tab of the dev console seems to confirm that conception), the client shouldn't even know for case 2) that the file is not actually there. So why does this apparently still count towards the redirection limit?
Is there something fundamental I'm missing? And how can I achieve what I'm trying to achieve?
This is because you first redirect and then rewrite the same Uri . Your second rule is conflicting with with the first one.
You need to match against %{THE_REQUEST} instead of %{REQUEST_URI} to avoid the redirect loop
RewriteCond %{THE_REQUEST} \s(.*)?data/((foobar|and|some|other|subdirs)/.*)\s
RewriteRule .* %1%2 [R=301,L,qsappend]
RewriteRule ^((foobar|and|some|other|subdirs)/.*)$ data/$1 [L,qsappend]

Preserve Requested Protocol in Sub-Directory with .htaccess

We have a http > https redirect on our 'top' level:
example.com/top/
Now for a sub-directory of /top/:
example.com/top/sub/
I want to preserve whatever protocol is requested there.
So if it's http://example.com/top/sub/this.php I want it to stay as 'http'
And if it's https://example.com/top/sub/this.php I want it to stay as 'https'
Currently I have an .htaccess file in the /top/sub/ directory with:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,END]
Which is doing exactly what I need it to be doing, so in terms of all the requests being sent to the sub-directory it's perfect.
The issue is I'm getting an error message in the error_log reporting this:
[REWRITE] detected external loop redirection with target URL: http://example.com/top/sub/this.php, skip.
I understand why I'm getting this message, because every time a HTTP request is made it's matching this condition, I just don't know how to stop it. I tried using the 'END' parameter to force only one redirect - but this doesn't seem to be working, or at least not working the way I expected it to.
All I want is for the protocol to remain the same as requested for /top/sub/ - the issue is the /top/ redirect sending everything to HTTPS.
Is this possible?
I would be interested to know if there is actually a way to preserve a protocol without creating a loop, however I was able to achieve what I was after by just adjusting the redirect in /top/ to only redirect pages that didn't match /top/sub/ - I really should have thought of that as a solution earlier.
Hope that can help someone.

Redirects not working as expected

I have an .htaccess file with several lines. It does not work as expected. Mod_rewrite is enabled. RewriteLogLevel is set to 9.
The first two rules are there to forbid uris with a length more then 80 characters:
RewriteCond %{REQUEST_URI} ^.{80}
RewriteRule .* - [F]
It does not seem to get evaluated as every test url passes through and it does not generate an error either.
I also tried:
RewriteRule .{80} - [F]
But that did not do the trick either. The process ends with a 404, not a 403.
This next rule is not working either. It used to work.
RewriteRule ^(\/)?([\w]+)$ /index.php [L]
The URI /Contact was always handled by this index.php.
Whatever URL I type I get a 404. I should get a 403 or a 200. Not a 404. What am I missing?
Apache has on all directories the permission to read, write and execute and on all files the permission to read and write.
The two urls for testing are:
127.0.0.4/asssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssddddddddddddddddddddd?p=s&s=psv
and
127.0.0.4/Contact
The alias for 127.0.0.4 used is considerate.lb.
Try this rule instead:
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/+\S{80}
RewriteRule ^ - [F]
Using THE_REQUEST instead of REQUEST_URI as that variable might get overwritten due to presence of other rules in your .htaccess
Finally I have found a solution. The problem was not in the coding of the .htaccess. I replaced the file with a previous version, added the new lines to test the request and it worked all fine.
It is not a satisfactory solution, because it can happen again and I do not have any clue what caused the error. If someone knows the error, I would love to hear what might have been the exact cause and how to solve that properly. I would like to change the tags of the question as the current tags might be misleading (although other people might experience the same problem how apache handles a .htaccess file), but I do not know which tags I should use.

Resources