I have .htaccess:
Options +FollowSymLinks
RewriteEngine on
RewriteRule cache/ - [F]
Options -Indexes
RewriteCond %{HTTP_HOST} ^www.domains.eu [NC]
RewriteRule ^(.*)$ https://domains.eu/$1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^([a-zA-Z0-9\-\_\/]*)$ index.php?p=$1
# Blokada hotlinking czyli kradzieży obrazków
RewriteCond %{HTTP_REFERER} !^https://(.+\.)?domains.pl/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !yahoo\. [NC]
#RewriteRule .*\.(jpe?g|jpg|gif|bmp|png|jpeg)$ - [F]
#AuthType Basic
#AuthName "Password Protected Area"
#AuthUserFile /home/webplay/domains/domains.eu/public_html/.htpasswd
#Require valid-user
# Prevent viewing of htaccess file.
<Files .htaccess>
order allow,deny
deny from all
</Files>
RedirectMatch 403 ^.*/apps/(.*).php(.*)$
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl|map)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
I need the following redirection::
redirect from http ://domains .pl, http ://www.domains .pl, https ://www.domains .pl, https ://domains .pl to https ://domains .eu
redirect from https ://www.domains .eu, http ://www.domains .pl, http ://domains .eu, to https ://domains .eu
Could I ask for help from my .htaccess made into these redirects?
will you please add below code and test it?
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://domains.eu/$1 [L,R=301]
I received a call from Go Daddy indicating that my site had been hacked and the .htaccess file is now an issue.
The code in my .htaccess file is as follows
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (google|yahoo|msn|aol|bing) [OR]
RewriteCond %{HTTP_REFERER} (google|yahoo|msn|aol|bing)
RewriteRule ^([^/]*)/$ /help-insideit.php?p=$1 [L]
AddType application/octet-stream .gdb .gpx
Could someone advise me as to what could be corrupted?
Thanks
Howard
imgslink.biz is my site when i upload any image and try to open it it give me 404 error imgslink.biz/img-53fc4f024b830.html . here is my .htaccess file code
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?imgslink\.biz/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ nohotlink.gif [L]
<Files ~ "\.(php|sql|php3|php4|phtml|pl|py|jsp|asp|htm|shtml|sh|cgi)$">
order allow,deny
deny from all
</Files>
Thanks
My htaccess code:
RewriteBase /mysite/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (/[^.]*|\.)$ [NC]
RewriteRule .* index.php [L]
In nginx config I've tried this but it didn't work
location /mysite{
try_files $uri $uri/ /mysite/index.php$is_args$args;
}
Anyone can help me, tks so much.
p/s: I've tried http://www.anilcetin.com/convert-apache-htaccess-to-nginx/ and http://winginx.com/htaccess, but both of them can't help
I have a website where I wrapped phpbb3 inside wordpress. It works pretty well, although when I added this security recommendation to my .htaccess:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} tag\= [NC,OR]
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
RewriteCond %{QUERY_STRING} http\: [NC,OR]
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare).* [NC]
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteRule ^(.*)$ - [F,L]
</IfModule>
it is causing 403 errors when users try to use the search form on some of the forum pages. This is the way the search is presented (as an example):
<div class="search-box">
<form method="post" id="forum-search" action="./search.php?fid[]=5">
<fieldset>
<input class="inputbox search tiny" type="text" name="keywords" id="search_keywords" size="20" value="Search this forum…" onclick="if (this.value == 'Search this forum…') this.value = '';" onblur="if (this.value == '') this.value = 'Search this forum…';" />
<input class="button2" type="submit" value="Search" />
<input type="hidden" value="5" name="fid[]" />
</fieldset>
</form>
</div>
Comes back as "forbidden". When I take out that section of .htaccess, it works fine. I know the very basics about .htaccess and can't figure out why that code is causing a 403 on that section of HTML/PHP.
Any ideas would be appreciated...thanks...
It is causing a 403 because you are returning 403 in your htaccess, the F flag in your rewrite rules is going this.
There's probably a reason why you'd want to do this. The first rule blocks requests via HEAD, TRACE, DELETE, and TRACK methods. The second rule blocks requests with a bunch of possible query strings and *if you are missing the wordpress_logged_in cookie*. So if you don't have a cookie named wordpress_logged_in_, then you'll get a 403.