I have the following structure on my project
assets
css
js
img
........
caches
x-cache
y-cache
........
resources
config.php
libraries
pages
........
index.php
.htaccess
Basically, I use assets and resources/pages to display pages. And I don't want other files such as config.php as accessible from a user. So, I'm asking how can I make these files/folders available only by PHP code? How can I redirect users to the index page?
Create a php file in each of the folders and call it index.php
put d following code inside the index.php file
<?php
header('Location:../');
?>
if any user try to visit www.sitename.com/assets they will be redirected to the super folder index.php file. Same as the /resources folder.
For folders inside folders use
<?php
header('Location:../../');
?>
Now, for files like config.php use a php session on each of the files
<?php session_start();
if(!isset(mySessionValue)){
header('Location:sitenam.com/index.php');
}?>
At the top of the .htaccess file in the document root you can block (or redirect) any direct access to certain directories/files using mod_rewrite. For example:
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/resources
RewriteRule ^ - [F]
The above would send a 403 Forbidden for any URLs (ie. direct requests from the user) that start /resources.
Sending a 403 would be the preferred response, however, if you wanted to redirect the user to the index page, change the above RewriteRule to read:
RewriteRule ^ / [R,L]
Related
I have a site https://sitename.com/web (example). So, full path to page is sitename.com/web/index.php. On ftp server there is folder /web which also contain second page file - index-2.php. How to avoid creating /web-2/ folder and redirect index-2.php to sitename.com/web-2 ?
Easy, create an .htaccess file inside the root folder of your site, then add the following lines to it:
RewriteEngine On
RewriteRule ^web-2$ index-2.php [QSA,L,NC]
This site might help you with htaccess:
https://www.htaccessredirect.net/
A nice tutorial on .htaccess files also below:
https://www.digitalocean.com/community/tutorials/how-to-use-the-htaccess-file
First what I want to note it for you is
I use appserv.
I create the .htaccess file in direct file, so .htaccess file is in the folder /web.
All I want is use RewriteRule for all web links except (.css)-(.js)-(all types of images and .txt)-(and all files name).
I use this code:
RewriteEngine On
RewriteRule ^content/([0-9]+)/$ content.php?pid=$1 [L]
but when I open this page as web/content/2, the css, js, images are not loaded.
I do not know what's the problem :(
I am working on a new website and I want the following url /newsite/products to redirect to /newsite/products/product.php.
My .htaccess file is as follows:
RewriteEngine On
RewriteRule ^newsite/products$ /newsite/products/product.php
My problem is that there is already a folder called products within newsite and when requesting newsite/products it tries to open that folder rather than go to the php file.
I get:
Forbidden
You don't have permission to access /newsite/products/ on this server.
Is there any way to make this work?
EDIT: Requested url is: http://example.com/newsite/products and location of .htaccess is in root.
You need to turn off the directory slash to rewrite your file :
Try :
DirectorySlash off
RewriteEngine On
RewriteRule ^newsite/products$ /newsite/products/product.php [NC,L]
Don't add a trailing slash in rule pattern
/newsite/products
will rewrite to
/newsite/products/product.php
and
/newsite/products/
will open your "products" directory
Note- this is not a safe solution, if you remove the rule and DirectorySlash is off, Your index file will be ignored ,all directories will start listing files and folders.
Current URL
http://www.example.com/admin/data/img/gallery/myimages.jpg
http://www.example.com/admin/data/content/mycontents.html
So
Current SCRIPTS / HTMLS / FILES OF WEBPAGE CONTAIN and shows in browser source code
<img src="/admin/data/img/gallery/myimage.jpg">
<?php include("/admin/data/content/mycontents.html"); ?>
This is "CMS system" in a folder named "admin"
What i want to do is Hide the admin folder from every script /php/html output to browser.
So no body can see or search engines can't capture this area (Security concern)
So when the browser output the content or script it will rewrite the above urls to this
Removing the admin
http://www.example.com/data/img/gallery/myimages.jpg
http://www.example.com/data/content/mycontents.html
Inside browser source code
<img src="/data/img/gallery/myimage.jpg">
or
removing the data too
http://www.example.com/img/gallery/myimages.jpg
http://www.example.com/content/mycontents.html
Kindly help also it must work for www.example.com as well as example.com
Solution through htaccess and mod_rewrite
i do not have access to httpd.conf
Also i do not want to move the folder a lots of scripts are there in the folder so have to write a lot.
Also tell me where should i place it in the root or in the admin folder
Thank you
You could try adding this to the .htaccess file in your document root (where the "admin" folder is in):
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/admin/data/%{REQUEST_URI} -f [OR]
RewriteCond %{DOCUMENT_ROOT}/admin/data/%{REQUEST_URI} -d
RewriteRule ^(.*)$ /admin/data/$1 [L]
The conditions check that if the request URI gets prepended with "/admin/data/", if it points to an existing file or directory. If it does, then rewrite the URI so that there's an "/admin/data/" in front of the request. If you don't want to be able to map directories into /admin/data, then remove the second condition (the one with -d) and remove the [OR] flag from the first.
Basically I have a CDN setup.
/public_html/
index.html
/files/
image/
video/
video2/video2
I want to redirect ALL sub folders and directories to the main folder - except file extensions, so if someone loads a file, I want that to load, just so people cant view directories. (I dont want to see a 404 or forbidden message, just want the directory to go to the main page)
It would save me from uploading index.php redirects. Can this be done with .htaccess?
# don't show any files in the folder
IndexIgnore *
ErrorDocument 403 /
ErrorDocument 404 /
RewriteEngine On
# disabled user to access directly to the files folder.
RewriteRule ^files(\/?)$ - [F]
# images
RewriteRule ^image/(.*)\.(jpg|png|jpeg|gif)$ /files/$1.$2 [L]
# video
RewriteRule ^video/(.*)\.(flv|avi|mov)$ /files/$1.$2 [L]
#etc...
If you have sub folders, the (.*) will automatically use it. Example:
http://www.domain.com/image/i.png => /files/i.png
http://www.domain.com/image/sub1/sub2/i.png => /files/sub1/sub2/i.png
Here some links that will help you:
http://www.javascriptkit.com/howto/htaccess.shtml
http://www.htaccess-guide.com/
http://net.tutsplus.com/tutorials/other/the-ultimate-guide-to-htaccess-files/
http://www.bloghash.com/2006/11/beginners-guide-to-htaccess-file-with-examples/