I have PHP script which collects the current DHCP address of a certain domain which is written to a file.
I need to read the IP address from that file (or collect it directly from within the .htaccess file) into a section of my .htaccess to allow only that certain IP address to be able to login to my account.
I used to use:
RewriteCond %{REMOTE_HOST} ^example\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php$
RewriteRule ^(.*)$ blackhole.html [L,R]
I am now hosted on a LiteSpeed server which does not do reverse DNS lookups so I am unable to use any hostname lookups.
An easy solution required please.
RewriteCond %{REMOTE_HOST} ^example\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php$
RewriteRule ^(.*)$ blackhole.html [L,R]
Aside: This code would effectively block that specific user, not "allow" them. You would have needed to negate the first condition. ie. !^example\.com$
However, whether the server is configured to perform hostname lookups isn't necessarily a problem of LiteSpeed itself. It's probably just how the server is configured. Many shared hosts disable this feature for performance reasons.
Unfortunately though, your problem is still LiteSpeed with regards to reading a value from an external file in .htaccess.
You can do something like the following using an Apache expression on Apache 2.4+ to read an IP address from an external file and compare it to the REMOTE_ADDR server variable:
RewriteCond expr "file('%{DOCUMENT_ROOT}/ip-address.txt') != %{REMOTE_ADDR}"
RewriteRule ^wp-login\.php$ /blackhole.html [R,L]
Where ip-address.txt is a file in the document root that contains only an IP address (and no newlines).
HOWEVER, on LiteSpeed this simply does not work unfortunately. It just fails silently (the LiteSpeed way).
Aside:
Although, instead of redirecting to blackhole.html it would be preferable to just serve a 404 or 403 Forbidden. For example:
RewriteRule ^wp-login\.php$ - [R=404]
Related
I have a domain with two versions and I need to redirect 1 of the versions
test.example.ca
test.example.ca/en
test.example.ca/fr
I need the first domain test.example.com to redirect to test.example.ca/en anytime someone hits it. but i don't want test.example.ca/fr to redirect to test.example.com/en/fr
this is what I've been trying with no success.
RewriteCond %{HTTP_HOST} =test.example.ca
RewriteCond %{HTTP_HOST} !=test.example.ca/fr
RewriteRule ^(.*)$ https://%{HTTP_HOST}/en/$1 [R=301,L]
I understand the question such that you simply to not want requests to https://test.example.com/fr... to get redirected. So you want an exception.
I'd say this roughly is what you are looking for:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^test\.example\.com$
RewriteCond %{REQUEST_URI} !^/fr
RewriteRule ^ https://test.example.ca/en%{REQUEST_URI} [R=301,L]
Chances are that your question was wrong in a few details, to me it reads as if you were not really precise with your host names. But above should be the correct answer to what you actually asked.
You should implement such rules in the http server's host configuration. If you do not have access to that you can also use a distributed configuration file (".htaccess"). That file should be located in the DOCUMENT_ROOT folder defined for your http host. And you need to make sure that the interpretation of such files is enabled at all (see the documentation for the AllowOverride directive for that).
It is a good idea to start out using a R=302 temporary redirection first. And to only change that to a R=301 permanent redirection once everything works as desired. That prevents nasty caching issues on the client side.
Our website is allowing any prefix/subdomain before the domain.
So if our site is www.domain.com, then the server is allowing;
www.anything.domain.com, where 'anything' can be literally anything, and it displays whatever is on the page that actually exists.
So, www.anything.domain.com/something.php displays the content that should only be accessible via www.domain.com/something.php.
Is there any way using .htaccess to stop this from happening, or redirect it to the version that does actually exist?
Or does this need to be done on the server?
Does anyone know why this is being allowed?
Ideally, this should be configured in server configuration files (also, you can configure DNS to simply not resolve unwanted hostnames, but that is for another question probably).
If you don't have access to server configuration, you can do it in .htaccess:
# to block access if any domain except example.com or www.example.com was used
RewriteEngine On
RewriteCond %{HTTP_HOST} !=www.example.com
RewriteCond %{HTTP_HOST} !=example.com
RewriteRule ^ - [F]
or
# if any domain except example.com or www.example.com was used,
# redirect the request to www.example
RewriteEngine On
RewriteCond %{HTTP_HOST} !=www.example.com
RewriteCond %{HTTP_HOST} !=example.com
RewriteRule ^ http://www.example.com%{REQUEST_URI} [R=301]
In the Apache 2.4 docs on dynamic virtual hosts, it says:
Mass virtual hosts with mod_rewrite
Mass virtual hosting may also be accomplished using mod_rewrite, either using simple RewriteRule directives, or using more complicated techniques such as storing the vhost definitions externally and accessing them via RewriteMap. These techniques are discussed in the rewrite documentation.
I'm attempting to use mod_rewrite instead of mod_vhost_alias because I want it both ways: localhost/project and project.dev should point to the same folder, but either URL should work.
Here's my latest attempt (currently in an .htaccess), which gets me a lovely 500 error.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(.*)\.dev$ [NC]
RewriteRule ^(.*)$ /%1/$1 [L,QSA]
If I do
...
RewriteRule ^(.*)$ http://localhost/%1/$1 [L,QSA]
I can access the files, but the URL changes (not what I want). I've tried a variety of permutations with and without slashes, RewriteBase, etc.
To be clear, I want project.dev/index.php and localhost/project/index.php to both be valid non-redirected references to /var/www/html/project/index.php. And I'd like to do this in a dynamic way, so I don't need to enter a new set of rules for every folder.
I'm not fixated on doing this with .htaccess - virtualhosts are ok too as long as they're dynamic and I can still access my sites using the localhost/ scheme and the other machines on the network can connect to the sample sites in the usual way (192.168.1.22/project/index.php).
Try this rule:
RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{HTTP_HOST} ^(.+)\.dev$ [NC]
RewriteRule ^(.*)$ /%1/$1 [L]
I would like to use two separate url's, pointing to two separate websites, using one hosting and one backend.
So far there's only one website (I'll name it domain1.com).
And there's already some mod-rewriting used.
redirecting www.domain1.com to domain1.com
RewriteEngine On
RewriteCond %{http_host} ^www.domain1.com$
RewriteRule ^(.*)$ http://domain1.com/$1 [R=301,L]
using nice urls, so domain1.com/news/item points to domain1.com/index.php?/news/item
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond $1 !^(index.php)
RewriteRule ^(.*)$ index.php?/$1 [L]
What I would like to achieve are the following things
domain1.com/specific_folder_name/123456789 should point to domain2.com/123456789 just for cosmetics
domain2.com/123456789 should run /index.php?/specific_folder_name/123456789
It should result in this:
when surfing to domain1.com/param1/param2, the server gives you index.php?/param1/param2
whan surfing to domain1.com/specific_folder_name/123456789 you get redirected to domain2.com/123456789 and the server gives you /index.php?/specific_folder_name/123456789
I hope this is clear enough...
I believe you can get this done via ProxyPass Directive
This directive allows remote servers to be mapped into the space of
the local server; the local server does not act as a proxy in the
conventional sense, but appears to be a mirror of the remote server.
The local server is often called a reverse proxy or gateway. The path
is the name of a local virtual path; url is a partial URL for the
remote server and cannot include a query string.
more details
I am trying to force HTTPS on a domain. It must be done using a method that works by domain name and not port number (due to host structure/setup).
My closest attempt was:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mydomain.com$
RewriteRule ^.*$ https://www.mydomain.com/$1 [R=301,L]
This works when typing "mydomain.com" into the address bar, automatically redirecting to "https://mydomain.com" but when I type "www.mydomain.com" it does not work. I assume it is a syntax issue as I am very new to htaccess and have spent about 4 hours trying to create a solution from other's code.
Any chance of a pointer?
To make the setup a little more understandable.
/public_html/ - All files in this folder relate to www.mydomain.com
/public_html/subfolder - These folders contain files also relating to mydomain.com
/public_html/subdomain - These folders contain files relating to www.myotherdomain.com
My other domains are subdomains of mydomain.com for to be listed in the cpanel on the host. For example: subdomain.mydomain.com is the same as www.myotherdomain.com.
Hopefully that clears up the structure.
Your redirect happens whenever a request is made to the exact domain mydomain.com (that's what the RewriteCond is testing for). It doesn't apply to any other domains and doesn't detect HTTPS. Use this instead:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www.)?mydomain.com$
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]