I Deployed a Laravel web application on a Tumbleweed openSUSE. I can access all routes defined in routes/web.php, but all routes in routes/api.php returned 404 not found.
Here's my apache2 httpd.conf file:
Include /etc/apache2/uid.conf
Include /etc/apache2/server-tuning.conf
<IfDefine !SYSCONFIG>
Include /etc/apache2/loadmodule.conf
</IfDefine>
<IfDefine !SYSCONFIG>
Include /etc/apache2/global.conf
</IfDefine>
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
Include /etc/apache2/mod_reqtimeout.conf
Include /etc/apache2/mod_cgid-timeout.conf
Include /etc/apache2/mod_usertrack.conf
Include /etc/apache2/mod_autoindex-defaults.conf
TypesConfig /etc/apache2/mime.types
Include /etc/apache2/mod_mime-defaults.conf
Include /etc/apache2/errors.conf
Include /etc/apache2/ssl-global.conf
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride All
<IfModule !mod_access_compat.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
allow from all
</IfModule>
</Directory>
<Directory "/srv/www">
AllowOverride All
</Directory>
AccessFileName .htaccess
<Files ~ "^\.ht">
<IfModule !mod_access_compat.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
allow from all
</IfModule>
</Files>
DirectoryIndex index.html index.html.var
Include /etc/apache2/default-server.conf
and this is my .htaccess file I put inside the htdocs folder
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
I hope someone can help me on this. I'm pretty new to linux especially openSUSE. Also, I'm sorry for my bad English.
If you are defining routes inside api.php, then your URL should be called prefix as API:
http://someurl.com/api/get/user
Related
I have a wordpress installation in the root of my server, I wanted to use the "opensourcepos" script in a new directory called "ospos"
If I try to access the link
www.mysite.it/ospos/
I am redirected to
www.mysite.it/public
with 404 error
To access the ospos installation I have to go to
www.mysite.it/ospos/public
only in this way everything works correctly.
Maybe there is some instruction in the ospos folder .htaccess file
which does not redirect correctly.
Code .htaccess wordpress /root
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Code .htaccess root/ospos
# redirect to public page
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^public$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
RewriteRule "^(.*)$" "/public/" [R=301,L]
</IfModule>
# disable directory browsing
# For security reasons, Option all cannot be overridden.
Options +ExecCGI +Includes +IncludesNOEXEC +SymLinksIfOwnerMatch -Indexes
# prevent folder listing
IndexIgnore *
# Apache 2.4
<IfModule authz_core_module>
# secure htaccess file
<Files .htaccess>
Require all denied
</Files>
# prevent access to PHP error log
<Files error_log>
Require all denied
</Files>
# prevent access to LICENSE
<Files LICENSE>
Require all denied
</Files>
# prevent access to csv, txt and md files
<FilesMatch "\.(csv|txt|md|yml|json|lock)$">
Require all denied
</FilesMatch>
</IfModule>
# Apache 2.2
<IfModule !authz_core_module>
# secure htaccess file
<Files .htaccess>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to PHP error log
<Files error_log>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to LICENSE
<Files LICENSE>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to csv, txt and md files
<FilesMatch "\.(csv|txt|md|yml|json|lock)$">
Order allow,deny
Deny from all
Satisfy all
</FilesMatch>
</IfModule>
Code .htaccess root/ospos/public
RewriteEngine On
# To redirect a subdomain to a subdir because of https not supporting wildcards
# replace values between <> with your ones
# RewriteCond %{HTTP_HOST} ^<OSPOS subdomain>\.<my web domain>\.com$ [OR]
# RewriteCond %{HTTP_HOST} ^www\.<OSPOS subdomain>\.<my web domain>\.com$
# RewriteRule ^/?$ "https\:\/\/www\.<my web domain>\.com\/<OSPOS path>" [R=301,L]
# To rewrite "domain.com -> www.domain.com" uncomment the following lines.
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteCond %{HTTP_HOST} (.+)$ [NC]
# RewriteRule ^(.*)$ http://www.%1/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# if in web root
# RewriteRule ^(.*)$ index.php?/$1 [L]
# if in subdir comment above line, uncomment below one and replace <OSPOS path> with your path
RewriteRule ^(.*)$ /ospos/public/index.php?/$1 [L]
# disable directory browsing
# For security reasons, Option all cannot be overridden.
#Options All -Indexes
Options +ExecCGI +Includes +IncludesNOEXEC +SymLinksIfOwnerMatch -Indexes
# prevent folder listing
IndexIgnore *
# Apache 2.4
<IfModule authz_core_module>
# secure htaccess file
<Files .htaccess>
Require all denied
</Files>
# prevent access to PHP error log
<Files error_log>
Require all denied
</Files>
</IfModule>
# Apache 2.2
<IfModule !authz_core_module>
# secure htaccess file
<Files .htaccess>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to PHP error log
<Files error_log>
Order allow,deny
Deny from all
Satisfy all
</Files>
</IfModule>
<IfModule mod_expires.c>
<FilesMatch "\.(jpe?g|png|gif|js|css)$">
ExpiresActive On
ExpiresDefault "access plus 1 week"
</FilesMatch>
</IfModule>
I have read many questions and made many tests, but I still haven't been able to figure out where and what to change to make it redirect correctly.
Anyone have any suggestions on this?
Thank you
PHP version: 7.3.13
MySQL version: 5.6.44-86.0
OS and version: CentOS 7
WebServer is: Apache 2.4
How should I edit:
RewriteCond %{REQUEST_URI} !^public$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
RewriteRule "^(.*)$" "/public/" [R=301,L]
**I'm working on an apache secured web server hosted on an ubuntu-server.16.04
I'm sending on prod my first project on symfony and I did quite well since now. I'm trying to rewrite url so when I want to go on my project dashboard, the url would be "../dashboard/" instead of (actually like this) "../index.php/dashboard/"
But when I try to go on this url, the server redirect me out of the symfony app and throw me a basic apache 404 error, not a symfony handled error.
I think this can be edited in the .htaccess file but I can't find out how to make him perform all url as symfony routes, that's my question.
Tried multiple code found on google
htaccess
DirectoryIndex index.php
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteCond %{HTTP:Authorization} .
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ - [L]
RewriteRule ^ %{ENV:BASE}/index.php [L]
</IfModule>
<IfModule !mod_rewrite.c>
<IfModule mod_alias.c>
RedirectMatch 302 ^/$ /index.php/
</IfModule>
</IfModule>
You need to enable apache rewrite.
Please follow these steps :
In a terminal use the following commands:
$sudo a2enmod rewrite
Change AllowOverride in apache conf file:
$sudo nano /etc/apache2/apache2.conf
Change the AllowOverride from None to All in this block
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
At last, restart apache2
$sudo service apache2 restart
I am trying to restrict access to my Laravel 5.3 app with Apache.
My app is available internally but receives post backs from various external sources. There is a port forward set up with NAT disabled so I can tell internal from external requests.
All URL's should show a 403 except if example.com/api/external/... is the URL. I have the following htaccess (default for Laravel 5.3)
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
my vhost config
<Directory /var/www/mailer/public/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<Location />
Order deny,allow
deny from all
allow from 10.64.1.0/24
allow from 10.64.20.0/24
</Location>
<Location /api/external/smsPost>
Allow from all
</Location>
Whenever I access any URL from an external address I still get the 403 even on the allowed location.
You don't have permission to access /index.php on this server.
I think because it has /index.php even on example.com/api/external/smsPost that it is an issue with htaccess and the location directive not working for this purpose. Is there any way I can achieve what I need with this directive?
Many thanks.
Why don't you use a laravel middleware and bind it to your restricted routes?
public function handle($request, Closure $next)
{
if(Route::getCurrentRoute()->getPath() == "api/external/")
return response('You don't have permission to access /index.php on this server.', 403);
// return the $next closure, so other Middlewares can run
return $next($request);
}
I want to be able to access the directory index view when I hit the URI /client-files - I am using Silverstripe which comes with its own .htaccess out of the box which I have provided at the end.
e.g domain.com/client-files
Sample image of what I am trying to achieve, just with a different folder name...
I have tried the following:
I have tried adding - (This gives me a 500 error):
<Directory "/client-files">
Options +Indexes
</Directory>
and adding this:
RewriteCond %{REQUEST_FILENAME} !-d - This gives me "Forbidden - You don't have permission to access /client-files/ on this server."
My .htaccess (Default)
### SILVERSTRIPE START ###
# Deny access to templates (but allow from localhost)
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Order deny,allow
Deny from all
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files *.yml>
Order allow,deny
Deny from all
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_rewrite.c>
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
<IfModule mod_dir.c>
DirectoryIndex disabled
</IfModule>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
RewriteBase '/'
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
# Process through SilverStripe if no file with the requested name exists.
# Pass through the original path as a query parameter, and retain the existing parameters.
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* framework/main.php?url=%1 [QSA]
</IfModule>
### SILVERSTRIPE END ###
I ended up getting it to work by using what #munomono said but slightly different.
I ended up having my own .htaccess file in the /client-files directory and putting this in it:
.htaccess
RewriteCond %{REQUEST_FILENAME} !-d
Options +Indexes
I have installed phpbb 3.1.4 newly.. Currently my web urls are like this http:// mydomain.com/viewtopic.php?f=6&p=6#p6
How can i force it to use
http:// mydomain.com/mytopics.html
I have tried editing .htaccess but still its hope less..
My default htaccess
<IfModule mod_rewrite.c>
RewriteEngine on
#
# Uncomment the statement below if you want to make use of
# HTTP authentication and it does not already work.
# This could be required if you are for example using PHP via Apache CGI.
#
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
# The following 3 lines will rewrite URLs passed through the front controller
# to not require app.php in the actual URL. In other words, a controller is
# by default accessed at /app.php/my/controller, but can also be accessed at
# /my/controller
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ app.php [QSA,L]
#
# If symbolic links are not already being followed,
# uncomment the line below.
# http://anothersysadmin.wordpress.com/2008/06/10/mod_rewrite-forbidden-403-with-apache-228/
#
#Options +FollowSymLinks
</IfModule>
# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
# module mod_authz_host to a new module called mod_access_compat (which may be
# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
# We could just conditionally provide both versions, but unfortunately Apache
# does not explicitly tell us its version if the module mod_version is not
# available. In this case, we check for the availability of module
# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
<IfModule mod_version.c>
<IfVersion < 2.4>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
</IfVersion>
<IfVersion >= 2.4>
<Files "config.php">
Require all denied
</Files>
<Files "common.php">
Require all denied
</Files>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
<IfModule !mod_authz_core.c>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
</IfModule>
<IfModule mod_authz_core.c>
<Files "config.php">
Require all denied
</Files>
<Files "common.php">
Require all denied
</Files>
</IfModule>
</IfModule>
Please guide me, how to fix this?
Update : I have tried adding below in my htaccess .. No difference
RewriteEngine On
RewriteCond %{REQUEST_URI} !\.[a-zA-Z0-9]{3,4}
RewriteCond %{REQUEST_URI} !/$
RewriteRule ^(.*)$ $1.html
Above codes copy pasted from From ReWrite rule to add .html extension
And also tried adding
RewriteCond %{REQUEST_URI} !^.*.php$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ $1.html [L,R=301]
and also tried adding (Source)
RewriteBase /
RewriteRule ^(.*)-f([0-9]*)/(.*)-t([0-9]*)-s([0-9]*).html viewtopic.php?f=$2&t=$4&start=$5&%{QUERY_STRING} [L]
RewriteRule ^(.*)-f([0-9]*)/(.*)-t([0-9]*).html viewtopic.php?f=$2&t=$4&%{QUERY_STRING} [L]
RewriteRule global/(.*)-t([0-9]*).html ./viewtopic.php?f=1&t=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-f([0-9]*)/index-s([0-9]*).html viewforum.php?f=$2&start=$3&%{QUERY_STRING} [L]
RewriteRule ^(.*)-f([0-9]*)/ viewforum.php?f=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-f([0-9]*) viewforum.php?f=$2&%{QUERY_STRING} [L]
RewriteRule ^forum.html index.php?%{QUERY_STRING} [L]
Just wish to share this.. Looks like there is no way to do this using htaccess.. It was confirmed by KevC - Support Team Member Phpbb
https://www.phpbb.com/community/viewtopic.php?f=466&t=2319241