############################################
## new my account page redirect
RewriteCond %{REQUEST_URI} !/customer/account/logout/
RewriteCond %{REQUEST_URI} !/loginPost/
RewriteRule ^customer/account/ https://www.website.com/customer/site_account [R=301,L]
I am curious to know what does the above configuration mean in
.htaccess file ?
What does it direct or do in my magento application ?
I have updated the question & added "RewriteRule". Actually i have a href with href="/customer/account/logout/" when i click on href it requests "POST" request. and when i open the same link in URL(another tab) it shows "GET" request. So, the thing i am trying to get from the above question is i doubt if the above configuration in .htaccess (mentioned in question) making the POST request on href instead of GET.
I have not find valid info on search results.
Feel free to share thoughts.
Thankyou.
This is your rule:
RewriteCond %{REQUEST_URI} !/customer/account/logout/
RewriteCond %{REQUEST_URI} !/loginPost/
RewriteRule ^customer/account/ https://www.website.com/customer/site_account [R=301,L]
This can never make any POST request but might be happening here is this scenario:
Browser sends a POST request to URI /customer/account/logout/
That request skips this rule first time due to your first RewriteCond
Another rule in this .htaccess (since this is Magento) rewrites every non-file, non-directory to index.php
mod_rewrite loops again and second time this rule redirect since REQUEST_URI has become /index.php now.
This rule now redirects with a GET request from browser.
You should make 2 adjustments in this rule:
Skip this redirect for POST requests
Match THE_REQUEST (original request) instead of modifiable REQUEST_URI.
Suggested rule:
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{THE_REQUEST} !/(customer/account/logout|loginPost)/ [NC]
RewriteRule ^customer/account/ /customer/site_account [R=301,L,NC]
PS: Before testing make sure to clear your browser cache.
Related
I want to redirect all content to:
www.example.com/public/...
but prevent direct access to
www.example.com/public/file1/
www.example.com/public/file2/
etc
The final URL should be:
www.example.com/file1/
I've tried this for redirecting and it works - but I dont know how to prevent direct access:
ReWriteCond %{REQUEST_URI} !/public/
RewriteRule ^(.*) public/$1 [L]
After spending an inordinate amount of time trying to solve this problem, I found that the solution lies with the under-documented REDIRECT_STATUS environment variable.
Add this to the beginning of your top-level /.htaccess code, and also to any .htaccess files you have under it (e.g. /public/.htaccess):
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{ENV:REDIRECT_STATUS} !=200
RewriteRule ^ /public%{REQUEST_URI} [L]
</IfModule>
Now, if the user requests example.com/file1 then they are served the file at /public/file1. However, if they request example.com/public/file1 directly then the server will attempt to serve the file at /public/public/file1, which will fail (unless you happen to have a file at that location).
IMPORTANT:
You need to add those lines to all .htaccess files, not just the top-level one in the web root, because if you have any .htaccess files below the web root (e.g. /public/.htaccess) then these will override the top-level .htaccess and users will again be able to access files in /public directly.
Note about variables and redirects:
Performing a redirect (or a rewrite) causes the whole process to start again with the new URI, so any variables that you set before the redirect will no longer be set afterwards. This is done deliberately, because usually you do not want the final result to depend on how you got there (i.e. whether it was via a direct request or via a redirect).
However, for those special occasions where you do want to know how you got to a particular URI, you can use REDIRECT_STATUS. Also, any environment variables set before the redirect (e.g. with SetEnvIf) will still be available after the redirect, but with REDIRECT_ prefixed to the name of the variable (so MY_VAR becomes REDIRECT_MY_VAR).
Maybe you should clarify what's the expected behaviour when user tries to reach the real URL:
www.example.com/public/file1/
If by prevent you mean forbid, you could add a rule to respond with a 403
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !/public/
RewriteRule ^(.*)$ /public/$1 [L]
RewriteCond %{REQUEST_URI} /public/
RewriteRule ^(.*)$ / [R=403,L]
</IfModule>
Update: The solution above doesn't work!
I realized my previous solution always throws the 403 so it's worthless. Actually, this is kinda tricky because the redirection itself really contains /public/ in the URL.
The solution that really worked for me is to append a secret query string to the redirection and check for this value on URL's containing /public/:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !/public/
RewriteRule ^(.*)$ /public/$1?token=SECRET_TOKEN [L]
RewriteCond %{REQUEST_URI} /public/
RewriteCond %{QUERY_STRING} !token=SECRET_TOKEN
RewriteRule ^(.*)$ / [R=403,NC,L]
</IfModule>
This way www.example.com/file1/ will show file1, but www.example.com/public/file1/ will throw a 403 Forbidden error response.
Concerns about security of this SECRET_TOKEN are discussed here: How secure is to append a secret token as query string in a htaccess rewrite rule?
If your URL's are expected to have it's own query string, like www.example.com/file1/?param=value be sure to add the flag QSA.
RewriteRule ^(.*)$ /public/$1?token=SECRET_TOKEN [QSA,L]
Currently I have the following htaccess redirect rule that detects any path that looks like
mysite.com/node/xxx and redirects it to a .php script that, in turn, finds the URL of the page and redirects the user to it (e.g. mysite.com/page/page.html)
RewriteCond %{QUERY_STRING} ^(page=(31|1))?$ [NC]
RewriteRule ^node/?$ /? [L,NC,R=301]
RewriteRule ^(../)?node/([0-9]+)$ noderedirect.php?nid=$2 [L]
What I want, however, is that also when user accesses
mysite.com/node
or
mysite.com/node?page=xxx
they get redirected to the main page
BUT
when they access
mysite.com/node/xxx/edit
the rule doesn't get activated.
I tried several options (stopping at the one above) and so far I have this, but it still enables users to access mysite.com/node?page=xxx (all the other conditions are working fine.
Can somebody help?
I just want it to go to that page, and not to do anything. but when it's /node/xxx or /node or /node?page=xxx i want it to redirect to noderedirect.php
If you want it to always go to the noderedirect, then try:
RewriteCond %{THE_REQUEST} \ /+node\?page=([0-9]+)
RewriteRule ^ /node/%1? [L,R=301]
RewriteRule ^node/?$ /noderedirect.php [L]
RewriteRUle ^node/([0-9]+)/? /noderedirect.php?nid=$1 [L]
Let's say I have the following url:
http://example.com/?param
how should I remove the question mark from the URL, ie. rewrite
http://example.com/param
to something like this:
http://example.com/index.php?param
Here is my code, that doesn't work:
RewriteEngine On
RewriteRule ^(.*)$ /index.php?$1 [P]
Two completely different things need to happen. First you need to externally redirect the browser to show something different in the URL address bar. Second when the browser resends the 2nd request, the server internally rewrites the query string back. You can't arbitrarily add or remove things in URLs in the wild, as they are locators. You can create a new locator, tell the browser to use this new one instead of the old one, then internally on the server change the new one back to the old one.
See the top part of this answer for an explanation
To make the browser go to the new URL:
RewriteEngine On
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(index\.php)?\?([^&\ ]+)
RewriteRule ^ /%1? [L,R=301]
This takes a request for the URL: http://example.com/?something and redirects the browser to the URL: http://example.com/something
Then you need to internally rewrite it back:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?$1 [L]
When the request is made for http://example.com/something, the server rewrites the URI to /index.php?something. This is internal to the server so the browser knows nothing about it and will continue to display the URL http://example.com/something while the server processes the URI /index.php?something.
I need to be able to redirect a single page from standard http to https. For example, I want to go from http://domain.com/quote.php to https://domain.com/quote.php.
So far I'm using this code in my .htaccess file, and it's working for the initial redirect.
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^quote.php https://domain.com/quote.php [R=301,L]
My problem, is that once I have visited the quote.php page and get redirected to the https version, all the other site pages I navigate to continue using the https protocol. This is a potential duplicate content issue, as I now have the same content accessible via http and https.
So what I want to do, is be able to do the above redirect, and then somehow do the same thing in reverse for all pages except quote.php. So if you attempted to access them via https, it would redirect to the default http version.
I use relative URLs throughout the site, so I can't simply hard-code in the https/http prefix. I need to be able to do this via .htacess, if possible.
Any help is greatly appreciated.
RewriteCond %{HTTPS} off
RewriteRule ^quote.php$ https://domain.com/quote.php [R=301,L,QSA]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/quote.php
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L,QSA]
answer to comment:
for adding new page to conndtions just put them parenthesis.like:
RewriteCond %{HTTPS} off
RewriteRule ^(quote|contact).php$ https://domain.com/$1.php [R=301,L,QSA]
question 2: QSA flag add current query string to new URL. it happens by default except in case you change query string. You can delete them now safely but if you have added query string, and wanted to have old one too, put that back.
Edit 2:
code above has a little security issue :(, actually it's more than a little :-D.
when you are using https to transfer html codes and page is using relative paths, so that's fine. but when you put these codes in .htaccess they turn into http and that's the problem:-). put the code below to sove the problem:):
RewriteCond %{HTTPS} off
RewriteRule ^(quote|contact).php$ https://domain.com/$1.php [R=301,L,QSA]
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/(quote|contact).php
RewriteCond %{REQUEST_URI} !^/(.*)\.(css|png|js|jpe?g|gif|bmp)$
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L,QSA]
Now, all images,scripts,.. that you are using on secure pages, are transferring securely.
How to redirect a first time user to a special landing page using htaccess based on referrer? I mean if they came from another domain then they are the first time visitor?
I am really noob at url rewriting and explanation would be great .
Note: the landing page is nothing but a php script that detects browser. On that page I will use cookie, but need to redirect the user if the referrer is empty or its from another domain.
I suggest this :
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^(www\.)?(https?://)?example\.com[NC]
RewriteCond %{REQUEST_URI} !^/welcome.html [NC]
Rewriterule ^(.*)$ http://example.com/welcome.html [r=307,L]
The first RewriteCond check if referer contains your domain name, and the second check if you are not just redirected by the RewriteRule.
The RewriteRule brings you to the welcome page as a [L]ast rule.
How about redirect the use if his referer is not your domain ?
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^(www\.)?(https?://)?(?!example\.com) [NC]
Rewriterule ^(.*)$ http://example.com/welcome.html [r=307,NC]
That means that the user will be redirected to welcome.html if he writes example.com in the address bar or comes from a link in another site. Once on your site it won't be redirected anymore if he load another page in your site.
P.S. AFAIK you can use cookies in PHP that generates a plain html page see here
Edit: Update tested code
Excuse my reheating the old steak once more.. I would still be interested in knowing if anyone knows the solution to this problem - without using cookies or HTML5 features...
I have read here that the HTTP_REFERER might be blank. Is that why this method of redirecting is not good for this application? I have experimented with this on my server but the closest result working result was being always redirected to my landing page index.htm, which is not desired..
Could this rule interfere with other rewrite rules?
Also, there is an error in the former snippet:
And I think the NC flag in the latter snippet does not make sense. Should it not be L?
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^(www\.)?(https?://)?example\.com[NC]
#missing space after .com and before [----------------here----^
RewriteCond %{REQUEST_URI} !^/welcome.html [NC]
Rewriterule ^(.*)$ http://example.com/welcome.html [r=307,L]
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^(www\.)?(https?://)?(?!example\.com) [NC]
Rewriterule ^(.*)$ http://example.com/welcome.html [r=307,NC]
#Should this flag not be L? ------------------------------^