I'm going to enable mod_rewrite (modsecurity ) in Cpanel and here is my htaccess, please advice me how to enable it.
RewriteEngine on
RewriteCond $1 !^(index\.php|images|public|assets|uploads|themes|install|updates|asset|mob|robots\.txt)
RewriteRule ^(.*)$ index.php?/$1 [QSA,L]
<FilesMatch "\.(jpg|jpeg|png|gif|swf|css)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
Thanks in advance
As per your provided .HTACCESS code, mod_rewrite is already enabled..
RewriteEngine on
While Mod_security can not be enabled/disabled from cPanel end. If you have access to server OR WHM panel then you can do it and make sure you have compiled APACHE to enabl mod_security, otherwise contact your hosting provider to do it for you.
You can find APACHE compile for mod_security details from here...
mod_rewrite is not the same thing as mod_security. The first allows you to create custom rewrite rules in an .htaccess file like the ones you have mentioned. Mod_security is a security module for apache (protects your website against php sql injection attacks, xss etc).
mod_rewrite is enabled by default on a fresh cPanel/WHM install.
What is exactly not working on your actual config/setup?
Related
I've been researching about SEO lately and read in some article that if I force all my visitors to use example.com/index.html (using a 301 redirect) and not example.com, risk of tagging my site as duplicate content by search engines would be far less. So how do I do it?
Thank you.
This should work:
RewriteEngine On
RewriteRule ^/?$ index.html [R,L]
This assumes that mod_rewrite is both installed and activated for htaccess files.
If you are not sure, to check if mod_rewrite is installed, look at the list of installed modules in the output of phpinfo();
By default, mod_rewrite is not enabled for htaccess files. If you are managing your own server, open httpd.conf
and make sure that the webroot directory block contains one of these lines: AllowOverride FileInfo or AllowOverride All
I have a problem with one of the url's in my website , it doesn't seem to comply to my .htaccess rules. The problem I'm experiencing is the following.
I access my site using url: http://www.website.com/sitemap
I have the following .htaccess rules:
ReWriteEngine On
php_value include_path ".:/Webserver/blabla/boo"
RewriteCond %{REQUEST_URI} !^/cms[A-Za-z0-9\-_/]*$
ReWriteRule ^([A-Za-z0-9\-_/]*)$ /site/index.php/
ReWriteRule ^$ /site/index.php/
So I would expect this URL call to rewrite to /site/index.php but the point is it never goes there and instead opens sitemap.xml which is in the webroot. It does work for all other URL's in my site. What could be the case here?
I found the culprit. It was due to the MultiViews option set in httpd.conf and each individual site .conf file. I disabled the MultiViews option in the per site .conf file setting it to -MultiViews
Maybe this question fits better in Serverfault. Is there a posibility for me to transfer it?
Im not sure if this is a duplicate, if it is, please accept my apologies in advance. How can I prevent others from leaching/downloading my #font-face fonts (eot, svg, ttf, woff) using .htaccess and only allowing my domain to use them?
Thanks to the guys over at the #httpd channel on IRC. I've finally found the htaccess block of code to prevent people from hotlinking to my fonts.
SetEnvIfNoCase Referer "^https?://([^/]*)?example\.com/" local_ref=1
SetEnvIf Referer ^$ local_ref=1
<FilesMatch "\.(eot|svg|ttf|woff)$">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
Source: Apache Wiki.
For some reason, the code which #joshhendo provided me didn't work for both font file types and images. I'm not sure how .htaccess works, perhaps others with more experience can chime in.
You could prevent hot linking (see http://altlab.com/htaccess_tutorial.html ). This could be changed for font faces), which would allow only pages from your domain to access it. This won't stop people downloading the fonts and uploading them to their own servers, but there's nothing you can do about that.
The following code should work (it's from the URL above, but I've modified it to include the fonts you mentioned. Obviously you will need to change mysite.com to your domain name.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(eot|svg|ttf|woff)$ - [F]
I want to redirect http://myip/admin to https://myip/admin. I am trying to use .htaccess to do this (want this only for the admin folder).
Contents of .htaccess placed in the relevant folder:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
(apache mod_rewrite is enabled). Both http://myip/admin and https://myip/admin are visible (but the redirection does not work). Server is Ubuntu.
I have tried few variations of the above rules from the internet but no luck :(
Any inputs would be appreciated.
regards,
JP
Solved it and learnt something new. The AllowOverride option in apache's main config file was not set correctly.
Also, if someone faces such issues 2 points:
1) apache reload may sometime not work as expected. Try restart
2) Clear browser cache and / or refresh page.
Greetings!
I have CakePHP based app on shared hosting I wonder if there's a way to clean up the url through .htaccess. What bugs me is that I have to have index.php in it or I get a 404:
project.com/index.php/controller/method
Initially I was getting a 404 error no matter what and my host admin ended up setting RewriteEngine off and this is what it looks like now
<IfModule mod_rewrite.c>
RewriteEngine off
RewriteRule ^$ webroot/ [L]
RewriteRule (.*) webroot/$1 [L]
</IfModule>
Is there fix for this without the .htaccess? As it is right now, does it pose any type of security risk?
Thanks
You need three .htaccess files :
/.htaccess
/app/.htaccess
/app/webroot/.htaccess
If the one you pasted in your question is the one at the root of your website, that's probably where your problem comes from. These directives file would rewrite URLs to project.com/webroot/, which doesn't exist. It should redirect to project.com/app/webroot/, which will in turn rewrite to index.php?url=$1 (relative to project.com/app/webroot/).
I'm not pasting the files here; the three of them are available in the CakePHP releases as well as in the Book: http://book.cakephp.org/2.0/en/installation/url-rewriting.html (check the 3rd item in the page).
Are you sure the mod_rewrite module is enabled on your shared hosting?