i have a simple htaccess with a simple rewrite rule
AddDefaultCharset UTF-8
#
# page.php
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^page/([^.]+)?$ page.php?slug=$1 [L,NC,QSA]
I use this rule to show static pages for a long time.
The last few months this simple rule is not working in some servers (cPanel and VirtualMin) and don't understand where the problem is.
The rule make the match and execute page.php script which is located in public_html but the slug variable is null.
I have found that if i rename the page.php to _page.php its working fine.
To be more clear
if the bold matches i get no slug
page/([^.]+)?$ page.php?slug=$1
if i use
_page/([^.]+)?$ page.php?slug=$1
page/([^.]+)?$ _page.php?slug=$1
page/([^.]+)?$ page99.php?slug=$1
everything works fine.
Of course i have and other rules that are working fine.Only this rule is failed.
Any help appreciated
It looks like MultiViews is probably enabled on these servers where it is not working (ie. the slug URL parameter is missing).
Disable MultiViews at the top of your .htaccess file:
Options -MultiViews
MultiViews is disabled on a default Apache install, however, some shared hosts do enable this in the server config for some reason.
MultiViews basically enables extensionless URLs out of the box. When MultiViews is enabled and you request /page (or /page/<something>) then mod_negotiation looks for a resource that maps to the same basename (ie. page) that would return the appropriate mime-type (ie. text/html). In other words it would look for files of the form page.php or page.html etc. This occurs before mod_rewrite is able to process the request, so the URL parameter (in your mod_rewrite directive) is missing, because the RewriteRule did not get processed (it doesn't match).
I have found that if i rename the page.php to _page.php its working fine.
Yes, because the requested URL page does not map to the basename of a physical file.
Related
Start by explaining what I'm trying to do:
I've got different pages on my website. Some pages have the same templates so I create one page with parameters to adapt my page: Parameters are called pageview and lang the URL looks like this:
http://mywebsite/home/en <- http://mywebsite/index.php?pageview=home&lang=en
http://mywebsite/page2/fr <- http://mywebsite/index.php?pageview=page2&lang=fr
for example. To dot that, I use the famous .htaccess file and it module rewrite_module for Apache.
I've got also a contact page with a different template. It URL looks like this and here there is only one parameter:
http://mywebsite/contact/fr <- http://mywebsite/contact.php?lang=fr
http://mywebsite/contact/en <- http://mywebsite/contact.php?lang=en
Here is my .htaccess code:
RewriteEngine On
RewriteRule ^contact/([a-zA-Z0-9]+)/?$ contact.php?lang=$1
RewriteRule ^([a-zA-Z0-9]+)$ index.php?pageview=$1 [QSA]
RewriteRule ^([a-zA-Z0-9]+)/([a-zA-Z0-9]+)/?$ index.php?pageview=$1&lang=$2 [QSA]
The problem is that .htaccess file work for the index.php but not for contact.php
I can fully access to contact.php but the parameter is not detected
Thanks for your help 😀😀 !
EDIT
If I remove index parts to stay only the contact rewriteRule's the problem stay there.
contact.php and index.php are in the root folder
RewriteRule ^contact/([a-zA-Z0-9]+)/?$ contact.php?lang=$1
It looks like you may have a conflict with MultiViews. If MultiViews is enabled then mod_negotiation will rewrite a request for /contact/fr to /contact.php (without any parameters) before mod_rewrite is able to process the request.
Try disabling MultiViews at the top of your .htaccess file:
Options -MultiViews
I have the following code block in my .htaccess file:
RewriteEngine on
RewriteCond %{REQUEST_URI} !^(.*)2021layout(.*)$
[other directories to omit, like assets and admin]
RewriteRule ^(.*) RESThandler.php
Basically I want certain directories to be processed normally, like 2021layout, while others use the REST handler. In the 2021layout directory, the member area is in the directory 2021layout/myaccount, and all css/js files are in 2021layout/assets/[whatever directory]. Both the assets and myaccount directories have permissions 0755.
On Friday, everything was working fine. Today, having changed nothing, pages in the 2021layout directory are working, and css and js files loaded by those pages are fine, but pages in the 2021layout/myaccount directory are trying to use the REST handler and getting redirected to my 404 page.
I have tried renaming both the 2021layout and myaccount directories, which didn't work. I have tried adding !^(.*)2021layout/myaccount(.*)$ as a RewriteCond, and that didn't work.
Why would this one specific directory suddenly stop obeying my htaccess instructions? Can I fix this?
Again, to reiterate: I didn't change anything to make this happen. It worked one day, and the next day it didn't, seemingly on its own.
EDIT: I have gotten the directory to work again by renaming the newly-created file settings.php to mysettings.php. So apparently the mere existence of settings.php within the directory was preventing it from loading correctly. Does anyone have any insight into this?
You may try this rule with THE_REQUEST:
RewriteCond %{THE_REQUEST} !\s/2021layout/ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ RESThandler.php [L]
THE_REQUEST variable represents original request received by Apache from your browser and it doesn't get overwritten after execution of other rewrite directives. Example value of this variable is GET /index.php?id=123 HTTP/1.1
Make sure to clear your browser cache before testing this change.
So apparently the mere existence of settings.php within the directory was preventing it from loading correctly. Does anyone have any insight into this
I am guessing that you have option MultiViews turned on in your Apache config. To turn it off use this directive at top of your .htaccess:
Option -MultiViews
Option MultiViews (see http://httpd.apache.org/docs/2.4/content-negotiation.html) is used by Apache's content negotiation module that runs before mod_rewrite and makes Apache server match extensions of files. So if /file is the URL then Apache will serve /file.html.
I have a PHP page like example.com/new/info.php?title=example. The .htaccess is in folder /new/. I tried it in the main directory also. My .htaccess looks like this:
ErrorDocument 404 /404.php
RewriteEngine On
RewriteRule ^([a-zA-Z0-9_-]+)$ page.php?title=$1 [QSA,L,NC]
RewriteRule ^info/([a-zA-Z0-9_-]+)/$ info.php?title=$1 [QSA,L,NC]
The first Rule is working, but the second sends no GET['title'] to the server. The site info.php loads but without the variable. I have tested it on my localhost and it's working. I load it on my webspace and the second rule is not working.
I tried it also without new directory example.com/info.php?title=example and same not work.
What is my mistake?
It sounds like you have MultiViews enabled (possibly in the server config). You need to disable MultiViews for this to work. Add the following at the top of your .htaccess file:
Options -MultiViews
With MultiViews enabled, mod_negotiation will issue an internal subrequest for info.php when making a request for /info/example/ - before your mod_rewrite rule is processed, so no parameters are passed.
I am very new to the idea of .htaccess and thought that it was what you used to do something like turn this:
http://www.domain.com/some/ugly/url/here.html
into this:
http://www.domain.com/niceurl
I was just told by my ISP that in order to get that to happen, no, it's done by putting the document into the web root folder. That .htaccess isn't used at all.
Does anyone know if this is true? I see a lot of examples about what .htaccess DOES but not so much about what it can't do. Somehow I thought this was all that was needed.
Lastly, if someone types in www.domain.com/niceurl what will happen? Don't I need to have that linked (if not by htaccess, how?!) to the location of the actual file?
Thank you for any and all help. I realize that .htaccess questions abound but they're hard to pick through for the layperson and I'm hoping to answer this specific question.
Here's what I believe should be an answer you want, put the block below to your .htaccess
Answer:
## Enabling Apache's Mod_rewrite module.
RewriteEngine On
# Following line is required if your webserver's URL is not directly related to physical file paths (just / for root, e.g. www.domain.com/)
RewriteBase /
# Restricts rewriting URLs only to paths that do not actually exists
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# Redirect www.domain.com/bar to www.domain.com/foo
Redirect 301 /bar /foo
# Internally load the long URL without changing URL in address bar
RewriteRule ^foo/?$ http://www.domain.com/some/ugly/long/thing/here.html [L,NC]
As a result, www.domain.com/bar will be redirected to www.domain.com/foo and /foo will internally load http://www.domain.com/some/ugly/long/thing/here.html
FYI:
Your website's URL doesn't have to be directly related to physical file paths. Your URL's segment can be served as alias to your URL's parameters. for e.g,
http://www.domain.com/index.php?key1=value1&key2=value2
can be represented as
http://www.domain.com/value1/value2
Note: you need to implement a server side script to be served as a
router to manipulate the URL segments.
For more information about using .htaccess, check this out
Ref: http://htaccess-guide.com/
.htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer. These facilities include basic redirect functionality, for instance if a 404 file not found error occurs, or for more advanced functions such as content password protection or image hot link prevention.
Below is a few examples,
# Custom Error Pages for Better SEO,
# for e.g, to handle 404 file not found error
ErrorDocument 404 http://www.domain.com/404page.html
# Deny visitors by IP address
order allow,deny
deny from 122.248.102.86
deny from 188.40.112.210
allow from all
# Redirects
Redirect 302 /en/my-dir/my-page.html /en/my-path/example.html
# Disallow some silly bots from crawling your sites
RewriteCond %{HTTP_USER_AGENT} (?i)^.*(BlackWidow|Bot\\ mailto:craftbot#yahoo.com|ChinaClaw|Custo|DISCo|Download\\ Demon|eCatch|EirGrabber|EmailSiphon|EmailWolf|Express\\ WebPictures|ExtractorPro|EyeNetIE|FlashGet|GetRight|GetWeb!|Go!Zilla|Go-Ahead-Got-It|GrabNet).*$
RewriteRule .* - [R=403,L]
# Setting server timezone
SetEnv TZ America/Los_Angeles
# trailing slash enforcement,
# e.g, http://www.domain.com/niceurl to http://www.domain.com/niceurl/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !#
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ http://www.domain.com/$1/ [L,R=301]
Enable mod_rewrite and .htaccess through httpd.conf (if not already enabled) and then You can use this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteRule ^niceurl/?$ some/ugly/url/here.html [L,NC]
This will allow you to use http://domain.com/niceurl in your browser and it will internally load http://domain.com/some/ugly/url/here.html without changing URL in browser.
If you also want to force redirection from ugly URL to pretty URL then add this redirect rule just below RewriteEngine On line:
RewriteCond %{THE_REQUEST} \s/+some/ugly/url/here\.html [NC]
RewriteRule ^ /niceurl [R=302,L,NE]
I know very little about .htaccess files and mod-rewrite rules. Looking at my statcounter information today, I noticed that a visitor to my site entered a url as follows:
http://mywebsite.com/index.php/contact-us
Since there is no such folder or file on the website and no broken links on the site, I'm assuming this was a penetration attempt. What was displayed to the visitor was the output of the index.php file, but without benefit of the associated CSS layout.
I need to create a rewrite rule that will either remove the information after index.php (or any .php file), or perhaps more appropriately, insert a question mark (after the .php filename), so that any following garbage will be treated like a parameter (and will be gracefully ignored if no parameters are required).
Thank you for any assistance.
If you're only expecting real directories and real files that do exist, then you can add this to an .htaccess file. What it does is it takes a non-existent file or directory request and gives the user the index.php page with the original request as a query string. [QSA] appends any existing query string.
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php?$1 [PT,QSA]
I found a solution, using information provided by AbsoluteZero as well as other threads that popped up on the right side of the screen as the solution came closer.
Here's the code that worked for me...
Options -Multiviews -Indexes +FollowSymLinks
RewriteEngine On
RewriteBase /
DirectorySlash Off
# remove trailing slash
RewriteRule ^(.*)\/(\?.*)?$ $1$2 [R=301,L]
# translate PATH_INFO information into a parameter
RewriteRule ^(.*)\.php(\/)(.*) $1.php?$3 [R=301,L]
# rewrite /dir/file?query to /dir/file.php?query
RewriteRule ^([\w\/-]+)(\?.*)?$ $1.php$2 [L,T=application/x-httpd-php]
I got the removal of trailing slash from another post on StackOverflow. However, even after removing the trailing slash, the rewrite rule did not account for someone appending what looks to be valid information after the .php file
(For example: mysite.com/index.php/somethingelse)
My goal was to either remove the "/somethingelse", or render it harmless. The PATH_INFO rule locates a "/" after the .php file, and turns everything else from that point forward into a query string (which will usually be ignored by the PHP file).