I have 2 .js files, in exact same folder/location etc, and I use .htaccess from html5 boilerplate which ensure all asset files are gziped.
Yet one of them gets and other are not gziped.
//gziped correctly (saving 70% of its size !)
https://riadaischool.com/js/app.5.01.js
while
https://riadaischool.com/js/lib.5.2.1.js
is served as is with no compression.
why would such behavior happen both files are in same server/folder and same .htaccess rules should be applying to both?
Related
I'm currently taking a look at the .htaccess file for my company, in order to add several 301 redirects to it, but it appears as though the file's been corrupted with several dozen injections of malware involving rewrites to other URLs, all starting roughly halfway through the document.
I'd like to return this file to a useable state, but i really do not know if there is such a thing as a vanilla flavoured .htaccess doc that i can safely use, or if i will be compromising the site as it currently exists by simply removing all of the entries in the current file so that it exists as a blank slate?
How to prepare .htaccess file to block strange redirect...
When site is created in Cake, and we input address some like this: http://example.com/css, we are redirec to to http://example.com/app/webroot/css (403 Forbidden).
I think is the problem of .htaccess, but maybe no. The better solutions will be redirect to / or listing files if we can.
How solve this?
Cake expects http://example.com/css to redirect to http://example.com/app/webroot/css, which is where you should be keeping all your css files. You'll notice that doing things like echo $this->Html->css('style'); , the standard cake way for linking to a css style, it will create a link to http://example.com/css/style.css even though the file should be actually located in http://example.com/app/webroot/style.css. You do not want people to be able to look at http://example.com/css, since that is your css folder. If they can browse your file structure, they could potentially do bad things. So don't alter your .htacess file. As you said, whatever you're trying to do is most likely better done another way.
As a result of merging several sites together, I have a couple of thousand pages that need to be redirected. I cannot use wildcards as they are specific pages, so they will all be the form of:
Redirect 301 /old_page.html http://www.example.com/new_page.html
Is there a recommendation on how many lines can be in the .htaccess file before it starts to become a performance issue? I'm sure it depends somewhat on the apache configuration, system memory, etc. but I'm trying to get an estimate. Is 2,000 lines too long, or should it be 200, or is 20,000 okay?
I have a couple of thousand pages that need to be redirected. I cannot use wildcards as they are specific pages, so they will all be the form of:
Redirect 301 /old_page.html http://www.site.com/new_page.html
Nope, don't do that.
Redirect everything (expect maybe static ressources like js, css, images, ... that have not changed) for that no current content can be found to a script instead - and have that look up the new URL corresponding to the old one requested, and then does a redirect with a Location header.
I have a simple upload form that allows a file to be uploaded to a folder in the site. I don't want to allow anything but .pdf files to be uploaded. However, I cannot modify the form at all to limit the upload. And I can't use PHP on the back end to limit it either. Javascript is unsecure because a user can turn it off. How can I limit the upload to a .pdf file with .htaccess?
As far as I know, it isn't possible. You could, however, restrict the files being returned, and force their mime type to be application/pdf, so they will be treated like PDFs, even if they aren't. If this was combined with JavaScript, it would help honest users (ex, if someone accidentally selects a .jpg they will get a warning right away), and it will make attacks more difficult.
It seems like the third-party mod_upload might be able to help, though.
To restrict the output types, you could use a .htaccess file similar to this:
# Prevent request to non-.pdf files
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} ! \.pdf$
RewriteRule (.*) $1 [F]
# Tell the browser that this is a PDF
Header set Content-Type application/pdf
# Hint that the browser shouldn't try to auto-detect the content type
Header set X-Content-Type-Options nosniff
(note: I wrote those from memory, so make sure to test them before you trust them…)
I want to include a certain file with every page-call.
For simplicity, assume I have a header which should be pre-pended to every file.
(Eg. a php script which checks all sorts of user agent stuff.)
I could use mod_rewrite to send all requests to this file, and then use PHP to include the requested page into the file, but that could be a headache with paths and whatnot, and I would rather not use mod_rewrite if not needed.
I recall there being a 'include' call in htaccess, but the only thing I can find in a search is ServerSideIncludes - which is not what I need. SSI (I gather) scans the document looking for a call, whereas I need to include this file before going onto the file being called.
Aside from SSI's there's also a PHP-specific option for including header/footer file with every PHP page so this solution may be too limit for you:
In .htaccess:
php_value auto_prepend_file /www/root/header.php
php_value auto_append_file /www/root/footer.php