We are trying to protect our admin url /admin/ with a ip block in the htacces. So that we can only approach the admin url from a single ip adres and other people cannot get there. We found the following code that makes it work in http so without ssl, but our site has ssl (https) and with the following code it does not work there:
RewriteCond %{REQUEST_URI} ^/(index.php/)?admin/ [NC]
RewriteCond %{REMOTE_ADDR} !^1.1.1.1
RewriteRule ^(.*)$ http:// %{HTTP_HOST}/ [R=302,L]
I am no expert in setting up rewrite rules and things in htacces. Is there anyone that knows how to change this code to block the admin url for a https shop?
It is still not really clear what your specific issues is, but I will try a guess to answer this. It might be that your issue is not solved by this. If so, then the issue is something else which you still did not address. I asked above in the comments what you actually mean by "This does not work". A precise description of the issue is important to ge precise answers.
Anyway, I don't see a reason why you have to deal with protocol and host name in an explicit manner. Just rewrite everything in a relative manner and all should be fine:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/(index.php/)?admin/ [NC]
RewriteCond %{REMOTE_ADDR} !^1\.1\.1\.1$
RewriteRule ^ / [R=302,L]
Note: instead of a specific IP address you probably want to specify an address range. So some prefix maybe like ^1\.1.
And a general hint: you should always prefer to place such rules inside the http servers host configuration instead of using .htaccess style files. Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).
Related
I have .htaccess file for seo friendly url. My standard url is;
index.php?p=user
And I can access this url by typing;
www.mydomain.com/user
Everything is fine until here. What I also want to do is to crate a seo url for the following url;
index.php?p=user&username=john
and the seo url should be as follows;
www.mydoamin.com/user/john
I have tried the following and it keeps throwing 404 error.
RewriteRule ^user/([^/]*)$ /index.php?p=user&username=$1 [L]
Can anybody tell me what is wrong here?
Here is the current .htaccess code
RewriteEngine On
RewriteRule ^(.+)$ index.php?p=$1 [L,QSA]
RewriteRule ^user/([^/]*)$ /index.php?p=user&username=$1 [L]
Considering the current configuration you added to the question the issue might be that you need to reverse the order of those directives:
RewriteEngine On
RewriteRule ^user/([^/]*)$ /index.php?p=user&username=$1 [L]
RewriteRule ^(.+)$ index.php?p=$1 [L,QSA]
The reason is that the directives get processed from top to bottom. That means that you need to implement more specific rules, so exceptions earlier, so further up in the file. Because the pattern ^(.+)$ will match all requests.
There are some additional modifications I would suggest. But you will have to test that, since I have only a very limited insight into your setup:
RewriteEngine On
RewriteRule ^/?user/([^/]+)/?$ /index.php?p=user&username=$1 [END]
RewriteRule ^/?([^/]+)/?$ /index.php?p=$1 [END,QSA]
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
This implementation will work likewise in the http servers host configuration or inside a distributed configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a distributed configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using distributed configuration files (".htaccess"). Those distributed configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
I am trying to achieve the following redirect but for the life of me cannot figure it out:
domain.com/[anythingatall]
Redirects to:
domain.com/page.php?path=anythingatalldata
So essentially take [anythingatall] and auto redirect it to the second URL and put it where it says anythingatalldata.
Any suggestions? Currently I've got it semi working but it's adding the redirected code, specifically page.php to the anythingatalldata field instead of what I enter at /[anythingatall].
This probably is what you are looking for:
RewriteEngine on
RewriteCond %{QUERY_STRING} (?:^|&)path=(.*)(?:&|$)
RewriteRule ^/?page\.php$ /%1 [R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^/?(.*)/?$ /page.php?path=$1 [END]
It is a good idea to start out with a 302 temporary redirection and only change that to a 301 permanent redirection later, once you are certain everything is correctly set up. That prevents caching issues while trying things out...
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
This rule will work likewise in the http servers host configuration or inside a dynamic configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a dynamic configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
I am a web developer. I have developed a news portal for my client. But the URLs of the articles are dynamic and I need to redirect it to a static URL for SEO purpose.
The current URL : https://example.com/single-post.php?id=1&category=news&title=this-is-a-title
Desired URL : https://example.com/news/this-is-a-title
Someone please help me.
I have wrote this :
RewriteCond %{QUERY_STRING} (?:^|&)id=(\d+)(?:&|$)
RewriteCond %{QUERY_STRING} (?:^|&)title=([^&]+)(?:&|$)
RewriteRule ^/?single-post\.php$ /%2/%1 [R=301]
RewriteRule ^/?(.*)/(\d+)$ single-post.php?title=$1&id=$2 [END]
But the URL output is not what I expected. It is like :
https://example.com/this-is-title/?id=1&title=this-is-title
The only title came first without the id and then the old format came again after the slash. I can't understand what is going on here.
What you ask actually is not possible. There is no way for the rewriting module to somehow magically guess the numerical ID of that object you request. What you can actually do is publish URL in the style of https://example.com/news/1/this-is-a-title. Notice the ID in there, that is what is usally done. For that his should point you into the right direction:
RewriteEngine on
RewriteRule ^/?news/(\d+)/(.*)/?$ /single-post.php?id=$1&category=news&title=$2 [END]
Typically your application logic will only need the numerical ID of the requested object to fetch it from your database. So you typically can silently drop the title in the internal rewriting which makes things even more simple:
RewriteEngine on
RewriteRule ^/?news/(\d+) /single-post.php?id=$1&category=news [END]
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
This rule will work likewise in the http servers host configuration or inside a dynamic configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a dynamic configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
UPDATE:
in your comment to this answer you suggest to also do an explit redirection in case the target URL is used on the client side. Here is a variant of version 2 above which adds that redirection:
RewriteEngine on
RewriteCond %{QUERY_STRING} (?:^|&)id=(\d+)(?:&|$)
RewriteRule ^/?single-post\.php$ /news/%1 [R=301]
RewriteRule ^/?news/(\d+) /single-post.php?id=$1&category=news [END]
A variant of version 1 would look similar:
RewriteEngine on
RewriteCond %{QUERY_STRING} (?:^|&)id=(\d+)(?:&|$)
RewriteCond %{QUERY_STRING} (?:^|&)title=([^&]+)(?:&|$)
RewriteRule ^/?single-post\.php$ /news/%1/%2 [R=301]
RewriteRule ^/?news/(\d+) /single-post.php?id=$1&category=news [END]
Is is a good idea to start with a 302 redirection first. And only change that to a 301 redirection once everything works fine. That saves you from hassles with client side caching while you are still trying things out.
I'm trying to redirect a URL with whatever folder is on the end to a new URL and I can't get the rewritecond figured out.
I'm trying to take URL like this:
http://www.example1.com/feature/this-folder-name/whatever1/whatever2
to
http://www.example2.com/whatever1/whatever2
The folder whatever1 can change as can whatever2.
I've tried:
RewriteCond %{HTTP_HOST} ^www\.example1\.com/feature/this-folder-name$
RewriteRule ^(.*)$ https://www.example2.com/$?&%{QUERY_STRING}
And
RewriteCond %{HTTP_HOST} ^www\.example1\.com/feature/this-folder-name$ [NC]
RewriteRule ^(.*)$ https://www.example2.com/$1 [R=301,L]
There are a number of issues here, so I took the liberty to clean things up a bit...
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example1\.com/$
RewriteRule ^/?feature/this-folder-name/(.*)$ https://www.example2.com/$1 [R=301,END,QSA]
In case you want to be more precise and really only redirect if two separate folders are specified as you explained this might point you into the right direction:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example1\.com/$
RewriteRule ^/?feature/this-folder-name/([^/]+)/([^/]+)/? https://www.example2.com/$1/$2/ [R=301,END,QSA]
It is a good idea to start out with a 302 temporary redirection and only change that to a 301 permanent redirection later, once you are certain everything is correctly set up. That prevents caching issues while trying things out...
In case you receive an internal server error (http status 500) using the rule above then chances are that you operate a very old version of the apache http server. You will see a definite hint to an unsupported [END] flag in your http servers error log file in that case. You can either try to upgrade or use the older [L] flag, it probably will work the same in this situation, though that depends a bit on your setup.
These rules will work likewise in the http servers host configuration or inside a dynamic configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a dynamic configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
<VirtualHost *:80>
ServerName example1.com
redirect / http://example2.com
</VirtualHost>
<VirtualHost*:80>
ServerName example2.com
</VirtualHost>
Then let example2.com do what it does in its own virtual host settings. The assumption here is example2 knows where it’s own files are, independent of example1.
I am using following htaccess rewrite for clean URL:
RewriteRule ^([^/]+)/?$ category.php?cat=$1 [L,QSA]
RewriteRule ^([^/]+)/([^/]+)/?$ subcategory.php?cat=$1&subcat=$2 [L,QSA]
RewriteRule ^([^/]+)/([^/]+)/([^/]+)/?$ item.php?cat=$1&subcat=$2&item=$3 [L,QSA]
And I get clean URL like:- domain.com/SHOE/MEN/ITEM-NAME
Now I want change URL to be:- 1. domain.com/BOOTS/MEN/ITEM-NAME
and similar changes at parent level like: 2. domain.com/BOOTS/MEN and 3. domain.com/BOOTS
I tried with one additional line
RewriteRule ^SHOE/.*$ /BOOTS/$1 [L,R]
But still not working. Sorry If I made it complex. Thank you for help in advance.
Your question is not really clear, but I assume you want to redirect incoming browser requests to URLs using BOOTS instead of SHOE, whilst keeping the rest of the requested URL as it is...
For that try something like that:
RewriteEngine on
RewriteRule ^/?SHOE(.*)$ /BOOTS$1 [R=301,END]
That rule should be placed at the beginning of a possible series of rewrite rules. If you are using an old apache http server you might have to use the L flag instead of END. That also means you might have to take additional measures to prevent an endless rewriting loop.
And a general hint: you should always prefer to place such rules inside the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).