I'm working on Ionic prject using nodeJS and woocommerce as backend. When I try to modify a user using below code, I get 403 forbidden error! (user_id 143 exist in my woocommerce)
this.WooCommerce = WC({
url: "https://mmarket.ir",
consumerKey: "ck_bd5########################fa",
consumerSecret: "cs_b9######################c7",
wpAPI: true,
version: 'wc/v3'
});
var data = {
first_name: 'James'
};
this.WooCommerce.put('customers/143', data, function(err, data, res) {
console.log(res);
});
result:
PUT https://mmarket.ir/wp-json/wc/v3/customers/143 403 (Forbidden)
passwordreset.ts:152 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /wp-json/wc/v3/customers/143
on this server.<br />
</p>
</body></html>
my .htaccess file content:
Header add Access-Control-Allow-Origin: "*"
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "Content-Type"
# BEGIN WordPress
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
# END WordPress
Any idea?
I edit my .htaccess using this code:
<Limit GET POST PUT OPTIONS>
Require all granted
</Limit>
<LimitExcept GET POST PUT OPTIONS>
Require all denied
</LimitExcept>
And 403 error goes away in put request.
PUT request 403 Forbidden
Related
From the server logs i have recently noticed that googlebot getting http status 200 response for non existing URI
https://turkishclassified.com/?KKId=3914
https://turkishclassified.com/?KKId=4031
https://turkishclassified.com/?KKId=2890
However non-existent other URI without the /? returns the http status 404 and is correct response.
https://turkishclassified.com/KKId=3914
https://turkishclassified.com/KKId=4031
https://turkishclassified.com/KKId=2890
I am running Plesk that has htaccess file. I also have the following htaccess in public folder by theme developers
# Handle Front Controller...
RewriteEngine On
<IfModule mod_headers.c>
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
How can we give correct http status response for existing and non-existing URI. Thks for any replies.
I have added the following to https://example.com/robots.txt that google follows
Disallow: /?KKId=
Disallow: /?bid=
Disallow: /?Ino=
Disallow: /en/search?KKId=
Disallow: /search?KKId=
This has worked so far for the crawling part.
I have the following structure:
- root
- css
- test.css
- index.php
Is there a way to throw a 404 error when I try to open anything in CSS folder in my browser as:
http://localhost:1993/css
http://localhost:1993/css/test.css
but still accessible from the browser? I want CSS to load normally, but to throw a 404 error when someone opens this path. Or turn off the directory listing for everything in the directory (with all files inside)? Or something like that? Its possible?
You can try mod_access,
<FilesMatch "\.css$">
order deny,allow
deny from all
allow from 127.0.0.1
allow from localhost
</FilesMatch>
With mod_rewrite
RewriteEngine On
RewriteCond %{HTTP_HOST} ^!localhost
RewriteCond %{REQUEST_URI} ^/css [OR]
RewriteCond %{REQUEST_FILENAME} \.css$
RewriteRule ^ - [R=404]
I want to block out user agents and tell them that the file doesn't even exist (Status Code: 404)
My current htaccess (Status Code: 403):
RewriteEngine on
SetEnvIfNoCase User-Agent UpdaterV* updater
Order Deny,Allow
Deny from All
Allow from env=updater
How can I fix this?
You can use mod-rewrite to get 404 status code :
RewriteEngine on
#--if user agent is not UpdaterV--#
RewriteCond %{HTTP_USER_AGENT} !UpdaterV [NC]
#--404 the request--#
RewriteRule ^ - [R=404,L]
I am using the following code in .htaccess file to sort out canonical redirects in Apache server. This works very well and redirects example.com, example.com/index.html and www.example.com/index.html ALL to www.example.com :-
#Redirect to www location
#Redirect example.com to www.example.com
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,NC]
RewriteRule ^index\.(php|html?)$ http://www.example.com/ [L,R=301]
The above code works perfectly in .htaccess
I ALSO would like to have a ErrorDocument 404 rule to send visitors who arrive at non-existent pages to a specially designed page, namely: http://example.com/404/404.html
HOWEVER, when I add the following line to my .htaccess file, it does nothing. Ie navigating to a non-existent page (for example entering url www.example.com/asidhaskudhsadh just returns a standard 404 error page). The code I am trying to use is:
ErrorDocument 404 http://www.example.com/404/404.html
(Ps. this is not an absolute url address issue as is often the case, because I have tried it with
ErrorDocument 404 http://www.google.com
and it still doesn't work. Whether I include the ErrorDocument line or not, the canonical redirects continue to work. The ErrorDocument line basically seems to have no effect at all.
Any ideas? My whole .htaccess file code is reproduced below. The strange line at the bottom was put in by an external mobile website development team to check whether visitors are on mobile devices and should go to the mobile version of the website (namely, http://www.example.com/m). The index.php file that it refers to is also included below.
.htaccess file
AddType x-mapp-php5 .php
ErrorDocument 404 http://www.example.com/404/404.html
#Redirect example.com to www.example.com
#Redirect to www location
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,NC]
RewriteRule ^index\.(php|html?)$ http://www.example.com/ [L,R=301]
##### Speed Up Loading With Caching of Files #####
<IfModule mod_headers.c>
# YEAR
<FilesMatch "\.(ico|gif|jpg|jpeg|png|flv|pdf)$">
Header set Cache-Control "max-age=2419200"
</FilesMatch>
# WEEK
<FilesMatch "\.(js|css|swf)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
# 45 MIN
<FilesMatch "\.(html|htm|txt)$">
Header set Cache-Control "max-age=2700"
</FilesMatch>
</IfModule>
###### DO NOT REMOVE THIS LINE!!! ######
DirectoryIndex index.php
###### DO NOT REMOVE THIS LINE!!! ######
The desktop website loads using index.html
The index.php file code which is referenced in the last line of .htaccess file is as below:
<?php
ob_start( 'ob_gzhandler' );
$iphone = strpos($_SERVER['HTTP_USER_AGENT'],"iPhone");
$android = strpos($_SERVER['HTTP_USER_AGENT'],"Android");
$palmpre = strpos($_SERVER['HTTP_USER_AGENT'],"webOS");
$berry = strpos($_SERVER['HTTP_USER_AGENT'],"BlackBerry");
$ipod = strpos($_SERVER['HTTP_USER_AGENT'],"iPod");
/* recomment in for mobile activation */
//echo #file_get_contents("index.html");
if(isset($_GET["m"]) && $_GET["m"] == "off"){
$expire = time() + 60 * 60 * 24;
setcookie("mobile", "off", $expire);
echo #file_get_contents("index.html");
} else if (isset($_COOKIE["mobile"]) && $_COOKIE["mobile"] == "off"){
echo #file_get_contents("index.html");
} else if ($iphone || $android || $palmpre || $ipod || $berry == true){
header("Location: http://www.example.com/m/home.php");
} else {
echo #file_get_contents("index.html");
}
?>
I've set my document root as follows:
c:/wamp/www/laravel/public
When I test localhost on the browser I get the "You have arrived" page.
However when I try localhost/page0, I get a 404.
In my routes.php file I have this:
Route::get('/', function()
{
return View::make('hello');
});
Route::get('page0', function() {
return 'Test Helloworld! 0';
});
My .htaccess file looks like this:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes...
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
It looks like everything should work. Why doesn't this work?
You might want to check if mod_rewrite is enabled by doing:
phpinfo();
You can issue this in your routes.php.
It is also possible to start a webserver in php like so from the terminal or command prompt depending on your OS:
php -S localhost:8080 -t public/
Do this from your project root. Then you can go to:
localhost:8080
And your site should be up and running. You can still use the MySQL server that is running from XAMPP or WAMPP.
Use
c:/wamp/www/laravel/public/page0
This should work.
For production and/or development you can set the document root to the "public" folder, to get rid of the "/public/" in your url:
#see https://stackoverflow.com/a/15469480/1854296 (for example)