I am trying to block accessing the ssl token via a link to /.well-known/acme-challenge/abc
I tried by putting a re-write in the .htaccess file.
RewriteEngine On
RewriteRule ^\.well-known\/acme-challenge\/ /404.php [R=301,L]
However, instead of doing a redirect on /.well-known/acme-challenge/abc , the ssl certificate is still displayed.
How do I prevent access to /.well-known/acme-challenge/abc ?
Check this post
Something like :
RedirectMatch 403 \/abc$
Btw, why are you trying to hide the SSL certificate?
As it said here,
you don't need to hide the certificate at all. The certificate only contains the public key and additional info of the owner (in this case the server). It shouldn't contain any private information. What you need to do is to store the certificate in such a way that you can trust the origin of the certificate.
Happy coding!
Try:
#turn on mod_rewrite
RewriteEngine On
#see if the url is ...
RewriteCond %{REQUEST_URI} ^\/\.well-known\/acme-challenge\/
# redirect to 404.php
RewriteRule ^ 404.php [R=302,L]
or, if you don't want to externally redirect in the browser:
#turn on mod_rewrite
RewriteEngine On
#see if the url is ...
RewriteCond %{REQUEST_URI} ^\/\.well-known\/acme-challenge\/
# send 404
RewriteRule ^ - [R=404,L]
# change to 403 if don't want 404
Related
I am very new to the idea of .htaccess and thought that it was what you used to do something like turn this:
http://www.domain.com/some/ugly/url/here.html
into this:
http://www.domain.com/niceurl
I was just told by my ISP that in order to get that to happen, no, it's done by putting the document into the web root folder. That .htaccess isn't used at all.
Does anyone know if this is true? I see a lot of examples about what .htaccess DOES but not so much about what it can't do. Somehow I thought this was all that was needed.
Lastly, if someone types in www.domain.com/niceurl what will happen? Don't I need to have that linked (if not by htaccess, how?!) to the location of the actual file?
Thank you for any and all help. I realize that .htaccess questions abound but they're hard to pick through for the layperson and I'm hoping to answer this specific question.
Here's what I believe should be an answer you want, put the block below to your .htaccess
Answer:
## Enabling Apache's Mod_rewrite module.
RewriteEngine On
# Following line is required if your webserver's URL is not directly related to physical file paths (just / for root, e.g. www.domain.com/)
RewriteBase /
# Restricts rewriting URLs only to paths that do not actually exists
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# Redirect www.domain.com/bar to www.domain.com/foo
Redirect 301 /bar /foo
# Internally load the long URL without changing URL in address bar
RewriteRule ^foo/?$ http://www.domain.com/some/ugly/long/thing/here.html [L,NC]
As a result, www.domain.com/bar will be redirected to www.domain.com/foo and /foo will internally load http://www.domain.com/some/ugly/long/thing/here.html
FYI:
Your website's URL doesn't have to be directly related to physical file paths. Your URL's segment can be served as alias to your URL's parameters. for e.g,
http://www.domain.com/index.php?key1=value1&key2=value2
can be represented as
http://www.domain.com/value1/value2
Note: you need to implement a server side script to be served as a
router to manipulate the URL segments.
For more information about using .htaccess, check this out
Ref: http://htaccess-guide.com/
.htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer. These facilities include basic redirect functionality, for instance if a 404 file not found error occurs, or for more advanced functions such as content password protection or image hot link prevention.
Below is a few examples,
# Custom Error Pages for Better SEO,
# for e.g, to handle 404 file not found error
ErrorDocument 404 http://www.domain.com/404page.html
# Deny visitors by IP address
order allow,deny
deny from 122.248.102.86
deny from 188.40.112.210
allow from all
# Redirects
Redirect 302 /en/my-dir/my-page.html /en/my-path/example.html
# Disallow some silly bots from crawling your sites
RewriteCond %{HTTP_USER_AGENT} (?i)^.*(BlackWidow|Bot\\ mailto:craftbot#yahoo.com|ChinaClaw|Custo|DISCo|Download\\ Demon|eCatch|EirGrabber|EmailSiphon|EmailWolf|Express\\ WebPictures|ExtractorPro|EyeNetIE|FlashGet|GetRight|GetWeb!|Go!Zilla|Go-Ahead-Got-It|GrabNet).*$
RewriteRule .* - [R=403,L]
# Setting server timezone
SetEnv TZ America/Los_Angeles
# trailing slash enforcement,
# e.g, http://www.domain.com/niceurl to http://www.domain.com/niceurl/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !#
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ http://www.domain.com/$1/ [L,R=301]
Enable mod_rewrite and .htaccess through httpd.conf (if not already enabled) and then You can use this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteRule ^niceurl/?$ some/ugly/url/here.html [L,NC]
This will allow you to use http://domain.com/niceurl in your browser and it will internally load http://domain.com/some/ugly/url/here.html without changing URL in browser.
If you also want to force redirection from ugly URL to pretty URL then add this redirect rule just below RewriteEngine On line:
RewriteCond %{THE_REQUEST} \s/+some/ugly/url/here\.html [NC]
RewriteRule ^ /niceurl [R=302,L,NE]
I am attempting to redirect a development site that has been indexed by search engines to a specific category in the new live site.
The development site URL was:
http://staging.mydomain.com.au/
There are multiple page url's after the domain so I'd like to redirect all of these to the same new URL.
E.g.
http://staging.mydomain.com.au/essential_grid/
http://staging.mydomain.com.au/feed/
The new url is, where "/portfolio/" is where I need the old URLs redirected to:
http:www.mydomain.com.au/portfolio/
While I'm not receiving any error messages, staging.mydomain.com.au is
not redirecting to www.mydomain.com.au/portfolio/
This is a snippet of what I have in my .htaccess file at present:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^staging.mydomain.com.au$
RewriteRule ^(.*)$ http://www.mydomain.com.au/portfolio [R=301,L]
</IfModule>
Any help would be greatly appreciated.
UPDATE: It seems (from comments) that staging. no longer exists - that's the problem! staging. needs to exist (ie. the DNS must resolve) so that the request gets to your server in order to do the redirect. If staging. does not exist then the initial request will simply fail (the browser will fail to lookup the domain and you'll get a DNS error).
You need to recreate the staging subdomain (even with no files) and then implement the redirect below.
Your RewriteRule actually looks OK - assuming you are wanting to redirect all those URLs to the single /portfolio URL. However, the order should perhaps be changed to have the redirect before the internal rewrite. RewriteEngine only needs to be included once and you don't need RewriteBase in the code you have posted. So, this should be rewritten as:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} ^staging\.mydomain\.com\.au$
RewriteRule ^ http://www.mydomain.com.au/portfolio [R=301,L]
^(.*)$ is reduced to simply ^ since you don't need to capture the URL for a backreference in the substitution.
I've also removed the other RewriteRule as it doesn't appear to be doing anything?
Also note that 301 redirects are cached by the browser, so make sure that you clear your browser cache between failed attempts. It can be easier to test with 302 temporary redirects for this reason.
I am running Apache/2.2.15 on Centos 6.6 and am using a free certificate from StartCom. My home page file is /var/www/index.php so I create a file /var/www/.htaccess with the following content, as suggested here.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
However, entering
myWebSite.com
in the URL box brings up my site in http protocol. If I enter
https://myWebSite.com
instead, I get my site in https protocol. My goal is to get my site in https protocol by simply entering
myWebSite.com
and I cannot see why the .htaccess file is not effecting that.
It doesn't appear that your .htaccess file is being read. So make sure you have AllowOverride All in your config.
Also for your rules, I wouldn't use SERVER_NAME, that isn't always set and sometimes is not correct. I would either use HTTP_HOST variable or your actual domain name. You also should specificy 301 for your redirect because without it 302 is default. You want this to be a permanent redirect.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !^on [OR]
# This checks to make sure the connection is not already HTTPS
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^/?(.*)$ https://example.com/$1 [R=301,L]
I also made it where it would remove the www since you don't show your are using it.
I've been trying to limit access to a specific subdomain via the server port, e.g. it can only be accessed from subdomain.domain.com:8443 and no other ports.
I'm currently using hostgator for my webhost, and it's already been setup such that subdomain.domain.com points to the correct subdirectory.
Now in the htaccess file, I'm currently trying this:
Options +FollowSymLinks
RewriteEngine on
RewriteBase /subdomain
RewriteCond %{SERVER_PORT} !^8443$
RewriteRule ^ - [F]
RewriteCond %{SERVER_PORT} ^8443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/subdomain/$1 [R=301,L]
As far as the blocking of other ports goes, it seems to work since accessing either subdomain.domain.com or www.domain.com/subdomain, I get a 403 forbidden page. But I can't get it to load the normal content correctly when I do access it via subdomain.domain.com:8443 or www.domain.com:8443/subdomain. Am I doing the rewrite conditions and rules correctly?
Thanks!
The R=301 tells the server to do a redirect, not a (silent) rewrite. So, when you load via 8443, the user is redirected to http://%{HTTP_HOST}/subdomain/$1 without the port 8443 specification and they are then blocked by the first rule. If you do a curl -I on subdomain.domain.com:8443 you should see the 301 redirect code rather than 200.
Remove the R=301 and remove the full domain specification in the final RewriteRule to leave:
RewriteRule ^(.*)$ subdomain/$1 [L]
This should do a silent rewrite of the content.
Can't find this for the life of me. We have the indexes protected so if someone goes to CDNdomain.com/1/ they won't see anything unless they do CDNdomain.com/1/something.jpg. When they visit /1/ they are presented with a 403 Forbidden error. What I would like to do is when they are shown a 403 Forbidden error to instead redirect them to ourRealdomain.com.
Any ideas?
You can try something like this in the htaccess file in the document root of CDNdomain.com:
RewriteEngine On
# make sure this is the right host
RewriteCond %{HTTP_HOST} cdndomain.com$ [NC]
# make sure this is a request for an existing directory
RewriteCond %{REQUEST_FILENAME} -d
# redirect
RewriteRule ^(.*)$ http://ourRealdomain.com/ [L,R=301]
Note that this will also redirect /: http://CDNdomain.com/ to http://ourRealdomain.com/. If you want to avoid that, change the regex match from ^(.*)$ to ^(.+)$. If you want to put these rules in the vhost config for the CDNdomain.com, add a slash after the ^: ^/(.+)$.