deny access of php file from url htaccess - .htaccess

Here's the Scenario,
I have a sample link that looks like this
Let's say ProjectName/products.php
I was able to rename the URL in htaccess to make it look like: ProjectName/products
HTACCESS:
RewriteEngine On
RewriteRule ^products?$ products.php
My question is, is it possible to deny access when trying to enter URL ProjectName/products.php ? I'm new in htaccess. I've tried adding deny from all, yes it solved the problem of not accessing that php file but it happens that I also can't access now the cleaned URL, I hope i made my question clear. thanks for the help.

To deny external access to the php file, you can use the following rule :
RewriteEngine on
RewriteCond %{THE_REQUEST} /products\.php [NC]
RewriteRule ^ - [R=403,L]

Related

Rewrite url via htaccess on apache server

I have a url which is
www.domain.com/index.php?route=ticketsystem/generatetickets
I want people who type in the url www.domain.com/contact to be redirected to the page index.php?route=ticketsystem/generatetickets however have the url bar still show /contact is that possible via htaccess and if so how? I tried the below
RewriteEngine On
RewriteBase /
RewriteRule contact /index.php?route=ticketsystem/generatetickets [L,QSA]
For your shown attempts, please try following .htaccess rules file. Make sure your index.php and .htaccess files are present in same directory/folder. Also better to use & rather than using / for query string.
Make sure to clear your browser cache before testing your URLs.
RewriteEngine ON
RewriteRule ^contact/?$ index.php?route=ticketsystem&generatetickets [QSA,NC,L]

.htaccess load index.php but not other .php files

I want to configure the .htaccess file to work the following way:
If the visitor tries to open a url with an existing folder name, redirect to main page (index.html).
I have the following rules for that:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !/index.html$ [NC]
RewriteRule ^data/existing-folder-1$ https://example.com [R=301,NC,L]
RewriteRule ^data/existing-folder-1/$ https://example.com [R=301,NC,L]
RewriteRule ^data/existing-folder-2$ https://example.com [R=301,NC,L]
RewriteRule ^data/existing-folder-2/$ https://example.com [R=301,NC,L]
</IfModule>
And it's working fine.
If the user tries to open a forbidden type of file (like .php), send to 403.
RewriteCond %{HTTP_REFERER} !^https://example.com [NC]
RewriteRule \.(php|log|htaccess)$ - [F,L,NC]
And it's also working fine.
I don't want users to see the contents of the folders, so I have this line:
Options -Indexes
I think that's all the important details to see the background.
I have a /rd folder with a simple index.php file to redirect URLs:
$url=$_GET["url"];
if (empty($url)){
//
} else {
header("Location: " . $url, TRUE, 308);
// later on with special functions
exit();
}
Such a link on my page looks like this:
https://example.com/rd/?url=https%3A%2F%2Ffoo-bar.com%2Fexample
Please note, that index.php is not written after /rd/ and before ?url. But if it's easier to solve this issue, I can modify it.
And now the problem comes here:
When I click on such a link through my website, it works perfectly.
But when I copy this redirect-link, and try to open in a new tab/window, it says 403 Forbidden. I think because #2 rule to disable access to .php files outside my domain.
Since I want to share those redirect links, I want them to be able to open when copy-paste the links.
I also don't want anyone to access any of my .php files - so it's not an option to remove rule #2.
How can I solve this issue? How can I enable to use the redirect links "alone", while keeping the rules to prevent access to files/folders?
Thank you.

htaccess is working but does not replace the url

I'm trying to modify the subdomain name in the URL to make it look nicer. My current URL look something like:
www.mystore.com/productInfo.php?cPath=11_11&productID=222
So, I want to make it nicer by Rewrite in .htaccess in main with this code:
RewriteEngine On
RewriteRule ^productInfo/([0-9_-]+)/([0-9_-]+) productInfo.php?cPath=$1&productID=$2 [NC,L]
When I run and test it on the URL by typing www.mystore.com/productInfo/11_11/222 in the URL it works well. However, when this page is redirected by a different page or is 'refreshed' with a self redirecting a href= link(in which the link is written in php by the previous programmer), the above old link is still visible in the URL instead of the new one.
I am still a beginner while I suspect that I might need to change something in the cPanel/Apache(I think) for this but currently, I am still do not have access to the cPanel control. Is there anything that I might have missed to write in the .htaccess file or I really do need the cPanel control or any other reasons?
Any help is appreciated. Sorry that I could not find similar questions on this.
You can use the following :
RewriteEngine On
RewriteBase /
#redirect /productInfo.php?cPath=foo&productID=bar to /productInfo/foo/bar
RewriteCond %{THE_REQUEST} /productInfo\.php\?cPath=([0-9_-]+)&productID=([0-9_-]) [NC]
RewriteRule ^ productInfo/%1/%2? [L,R=301]
#rewrite new URL to the old one
RewriteRule ^productInfo/([0-9_-]+)/([0-9_-]+) productInfo.php?cPath=$1&productID=$2 [NC,L]

.htaccess - Allow access only if URL matches exactly

I have a file (www.sample.com/sample.json).
I would like the file to be accessed only by the URL (www.sample.com/sample.json?custom-text).
If it's accessed without the custom-text, I want it to redirect to homepage or show a forbidden error.
I do not want to make any changes to my site www.sample.com. I want all the changes only to the file, sample.json (www.sample.com/sample.json)
I'm new to .htaccess, so sorry if the terms I used are wrong. Thanks in Advance.
You can use this rule:
RewriteEngine On
RewriteCond %{QUERY_STRING} !^custom-text$ [NC]
RewriteRule ^sample\.json$ - [F,NC]

htaccess rewrite query string nothing works

THE PROBLEM
After looking at 50+ StackOverflow posts and trying many permutations of my htaccess file, it does nothing still.
WHAT I HAVE TRIED
Using this website to generate my htaccess file: http://www.generateit.net/mod-rewrite/
Setting AllowOverride All in my httpd.conf file and restarting Apache.
MY CURRENT HTACCESS FILE
Lives in the root directory.
RewriteEngine On
RewriteBase /
RewriteRule ^find-a-local-doctor/([^/]*)/([^/]*)$ /find-a-local-doctor/?state=$1&city=$2 [L]
WHAT I WANT TO ACCOMPLISH
Change this URL:
http://www.md1network.com/find-a-local-doctor/?state=FL&city=Tampa
To this:
http://www.md1network.com/find-a-local-doctor/FL/Tampa
ADDITIONALLY
Since the actual file doing the work is: http://www.md1network.com/find-a-local-doctor/index.php, I need to be able to parse the query string with PHP. Hopefully, I will still be able to do this to get the state and city.
Please help.
Thanks.
Your existing rule looks alright but you will need an additional external redirection rule for reverse. Put this rule before your existing rule (just below RewriteBase /).
# external redirect from actual URL to pretty one
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s/+(find-a-local-doctor)/(?:index\.php)?\?state=([^&]+)&city=([^&\s]+) [NC]
RewriteRule ^ /%1/%2/%3? [R=301,L]

Resources