I need to disable remotely downloading my web pages using curl/wget.
I want to disable curl -vv http://www.example.com
and I need to get a result like this
**
Rebuilt URL to: http://www.example.com/ Trying 12.34.56.78...
TCP_NODELAY set Connected to www.example.com (12.34.56.78) port 80
(#0) GET / HTTP/1.1 Host: www.example.com User-Agent: curl/7.53.1
Accept: / HTTP/1.1 301 Moved Permanently Server: AkamaiGHost
Content-Length: 0 Location: http://www.example.com/ Date: Mon, 13
Nov 2017 05:52:50 GMT Connection: keep-alive Connection #0 to host
www.example.com left intact
**
I am using Apache, Using Cloudflare.
Please help me
You can disable wget and curl with the rules below:
RewriteCond %{HTTP_USER_AGENT} ^pycurl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
Just add them to .htaccess.
Related
I am trying to use htaccess to redirect a site to another site (hosted on the same Virtualmin server)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain1.com$
RewriteRule (.*)$ https://sub.domain2.co.uk$1 [P]
</IfModule>
This code is just giving a 500 Internal Server Error.
In the error logs, I can see:
[Tue Jul 09 18:00:29.276394 2019] [ssl:error] [pid 17001] [remote 104.26.6.131:443] AH01961: SSL Proxy requested for sub.domain2.co.uk:80 but not enabled [Hint: SSLProxyEngine]
[Tue Jul 09 18:00:29.276436 2019] [proxy:error] [pid 17001] AH00961: HTTPS: failed to enable ssl support for 104.26.6.131:443 (sub.domain2.co.uk)
(I've changed the domains above to generic for privacy, but they match the two in my htaccess example)
I've also checked the apache config, and ssl engine is ON
Hard to say what is wrong, but here is a slightly modified version of your attempt that prevents some issues:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain1\.com$
RewriteRule ^/?(.*)$ https://sub.domain2.co.uk/$1 [P]
An alternative would be to use the proxy module directly, without the rewriting module:
ProxyPass / https://sub.domain2.co.uk/
ProxyPassReverse / https://sub.domain2.co.uk/
The entry in the error log file indicates that you have an issue with the ssl certificate on that proxied page... Could it be that the certificate does not match the host name you use in the target of your proxy rule?
I am trying to set up Amazon CloudFront that it works well.
Everything works fine, exept for access-control-allow-origin "*"
I added inside my .htaccess file the following:
<ifModule mod_headers.c>
<FilesMatch \.(eot|ttf|otf|svg|tif|tiff|woff)$>
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</ifModule>
And checking the file direclty on the server, it works fine:
curl -I https://domain.com/fonts/font.woff
I get the result Access-Control-Allow-Origin: *
But when I check it for the Amazon CloudFront url, it does not work. It is not added to the header.
I also added the "Origin" to the whitelist, see:
But it still does not work, it is not added to the header.
EDIT:
When I create a new .woff file and load it over CloudFront Access-Control-Allow-Origin: * is still not edit. So I still miss something, what am I missing?
See my header:
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Content-Length: 0
Connection: keep-alive
Date: Fri, 23 Dec 2016 08:05:32 GMT
Server: Apache/2
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Location: https://domain.com/fonts/font_2.woff
Cache-Control: max-age=2592000
Expires: Sun, 22 Jan 2017 08:05:32 GMT
Age: 21
X-Cache: Hit from cloudfront
Via: 1.1 9635c619f121d7a236fe1312f20e5f1b.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Ygkldos5hh6s5AwolxfL5nzoxsNJPl-vpmeoNZ8fEGSKPVCgzbIFtg==
What am I missing?
EDIT 2:
Looks like it is because of my current https redirect in .htaccess. See:
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
How to solve this?
It read in cache maybe. If you can restart your IIS it can be fixed or wait.
I have a url
api/something/json?callback=abc and I want to redirect it to
dothis.php?strEndPoint=something&callback=abc&format=json
The base htaccess I tried was:
RewriteRule ^api/(.)/(json)?callback=(.) client.php?strEndPoint=$1&callback=$3&format=($2)
Doesn't appear to work : p
tested
using .*
RewriteEngine On
RewriteCond %{QUERY_STRING} callback\=(.*)
RewriteRule /api/(.*)/(json) /client.php?strEndPoint=$1&callback=%1&format=$2 [R=301]
you can remove r=301 just for test
$ curl localhost/api/1111/json?callback=2222 -I
HTTP/1.1 301 Moved Permanently
Date: Fri, 01 Nov 2013 03:16:25 GMT
Server: Apache/2.2.24 (Unix) DAV/2 mod_ssl/2.2.24 OpenSSL/0.9.8y
Location: http://localhost/client.php?strEndPoint=1111&callback=2222&format=json
Hey guys I got a tricky one here, but I believe it will allow me to bypass the need for a PHP controller file for forwarding. I have a url that I hit example.com/ if it has no following sequence, it will route like this
#example.com
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com [NC]
RewriteRule ^$ http://www\.example2\.com/?CampID=dm/DMdefault [R=301,L]
The question is the second redirect. If I want to slice the first two (alphanum) as one part of the forwarding url, and the next five as the second part, would this work?
RewriteMap lc int:tolower
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com [NC]
RewriteRule ^(\w{2})(\w{5})$ http://www\.example2\.com/landing/external-marketing/direct-mail/${lc:$1}?CampId=${lc:$1$2} [R=301,L]
This *should normalize case, and forward http://example.com/BA025JD to
http://www.example2.com/landing/external-marketing/direct-mail/ba?CampId=ba025jd correct?
You can't use the RewriteMap directive inside an htaccess file, you need to define maps in server or vhost config. Unfortunately, apache chooses not to bring that to your attention. If you use a map that hasn't been defined, it just silently does nothing.
However, once that map has been defined, your rules work for me:
my request
GET /A1b2C3d HTTP/1.1
Host: example.com
apache's response, with the lc map defined
HTTP/1.1 301 Moved Permanently
Date: Mon, 15 Oct 2012 18:44:37 GMT
Server: Apache
Location: http://www.example2.com/landing/external-marketing/direct-mail/a1?CampId=a1b2c3d
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1
A request to http://localhost/SAMPLE-CODES/backbone-mysql-reading-json/websites
gets redirected as follows:
> Request URL:http://localhost/SAMPLE-CODES/backbone-mysql-reading-json/websites
> Request Method:GET
> Status Code:301 Moved Permanently
Response headers:
> HTTP/1.1 301 Moved Permanently Date: Thu, 06 Sep 2012 14:32:41 GMT
> Server: Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4
> mod_perl/2.0.4 Perl/v5.10.1 Location:
> http://localhost/SAMPLE-CODES/backbone-mysql-reading-json/websites/
> Content-Length: 417 Keep-Alive: timeout=5, max=100 Connection:
> Keep-Alive Content-Type: text/html; charset=iso-8859-1
I am not sure what causes this redirect.
I have the following .htaccess in folder c:\xampp\htdocs\SAMPLE-CODES\backbone-mysql-reading-json\:
.htaccess
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
This is probably because of the mod_dir and the DirectorySlash directive that's doing the redirect. With it on, when apache looks at a URI and thinks it's accessing a directory, and is missing the trailing slash, it 301 redirects to the URI with the trailing slash. It's always turned on by default because there's an information disclosure security issue if you have it turned off. But if you are routing everything through an index.php script, it may not even matter and you can turn it off by simply adding DirectorySlash Off in your htaccess file (and turn it on for directories that you can access directory, like css or js or images, etc.