Develop Reference

If is not localhost statement htaccess

i'm currently forcing visitors to access all my websites (mostly Wordpress) over https, witch i do with the following code:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Now i was wondering if i can use an if is not statement, so if i work on my local environment, this won't work. For example:
<If "%{HTTP_HOST} != 'http://localhost:8888'">
# live configuration
</If>
<Else>
# local configuration
</Else>
What's the best way to do this?
Thanks is advance!

http:// is not part of match in {HTTP_HOST} variable .You need to use !='localhost' If you are testing the on a local host or !='example.com' If testing this on example.com .
Full code
<If "%{HTTP_HOST} != 'localhost'">
# live configuration
</If>
<Else>
# local configuration
</Else>

.htaccess issues- need to extract a new rewritebase and make a filename substitution into a variable

I have 3 possible locations for a site to be viewed-
http://localhost/mysite
http://myhost.com/webs/mysite (for demos prior to publishing)
http://clienturl.com
The files use a simple PHP templating system so that normally, the full URL for any given content would be-
http://localhost/mysite/?pg=contact
However, what I wish to do is have
http://localhost/mysite/contact.html resolve so that the word "contact" gets placed within the variable "pg".
This works fine with this .htaccess directive-
RewriteRule (.*)\.html index.php?pg=$1 [QSA] #
It works fine locally, and at my myhost.com.
However, when placed at clienturl.com, any page other than the root:
clienturl.com
causes a server error, similar to "cannot find the file."
So I discovered that I could specify an environment variable.
.htaccess
#0 http://stackoverflow.com/questions/869092/how-to-enable-mod-rewrite-for-apache-2-2 0#
# Tell PHP that the mod_rewrite module is ENABLED.
#0 --------------------------------------------- 0#
SetEnv HTTP_MOD_REWRITE On
#0 --------------------------------------------- 0#
# Determine REWRITEBASE #
#1 http://stackoverflow.com/questions/2045897/with-mod-rewrite-can-i-specify-a-rewritebase-within-a-rewritecond 1#
#1 https://www.webmasterworld.com/apache/3522649.htm 1#
#1 --------------------------------------------- 1#
# Activation of the URL Rewriting
Options +FollowSymlinks
RewriteEngine On
# RewriteBase equivalent - NOT portal2web.biz or local
RewriteCond %{HTTP_HOST} !^portal2web.biz$ [OR]
RewriteCond %{HTTP_HOST} !^localhost$
RewriteRule . - [E=REWRITEBASE:/]
# RewriteBase equivalent - portal2web.biz or local
RewriteCond %{HTTP_HOST} ^portal2web.biz$ [OR]
RewriteCond %{HTTP_HOST} ^localhost$
RewriteRule . - [E=REWRITEBASE:]
#1 --------------------------------------------- 1#
# The rest of your rewrite rules here
# rules should be written most complicated to least complicated, structurally
RewriteRule (.*)\.html %{ENV:REWRITEBASE}index.php?pg=$1 [QSA] #
It turns out the clienturl.com requires "/" to be specified for the REWRITEBASE despite, as far as I know, the .htaccess supposedly allows for relative URLs and shouldn't need this to be specified explicitly.
This works at all locales except for my webserver, until I put a WWW in front of the URL, because, I think, of a directive handling WWW from my own server's root folder.
So I tried this-
.htaccess
# http://stackoverflow.com/questions/869092/how-to-enable-mod-rewrite-for-apache-2-2 #
# Tell PHP that the mod_rewrite module is ENABLED.
# --------------------------------------------- #
SetEnv HTTP_MOD_REWRITE On
# --------------------------------------------- #
# Determine REWRITEBASE #
# http://stackoverflow.com/questions/2045897/with-mod-rewrite-can-i-specify-a-rewritebase-within-a-rewritecond #
# https://www.webmasterworld.com/apache/3522649.htm #
# Activation of the URL Rewriting
Options +FollowSymlinks
RewriteEngine On
# check for http:// or https:// and set environment variable HTTP #
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ - [E=HTTP:http://]
RewriteCond %{HTTPS}:s on:(s)
RewriteRule ^(.*)$ - [E=HTTP:https://]
# define environment variable REWRITEBASE #
RewriteCond %{REQUEST_URI}::$1 ^(.*?/)(.*)::\2$
RewriteRule ^(.*)$ - [E=REWRITEBASE:%{ENV:HTTP}%{HTTP_HOST}%1]
# rewrite to get proper variable format for index #
# rules should be written most complicated to least complicated, structurally
RewriteRule (.*)\.html index.php?pg=$1 [QSA] #
This works locally, and at my webserver, meaning that contact.html is shown in the URL bar as contact.html, (even with a WWW in front of the URL) but at the clienturl.com, the url reverts back to index.php?pg=contact.
I'm confused, and I would really appreciate some help understanding what I'm doing wrong.
Thank you all for your help!

Run multiple Drupal sites from subfolder in root, using multilingual urls

I have a (Drupal) website running in a subfolder, with another (Drupal) website running in the root. The website in the subfolder is a multilingual website. I need the subfolder name to change, depending on the language the site is being displayed in, but I'm not able to find or create a working rewrite rule for it.
The scenario is as follows:
The website is located in folder with the different languages showing urls like folder/folder, folder/dossier and folder/map. The language tags are handled by Drupal. The end result I desire is:
folder/folder >> folder/
folder/map >> map/
folder/dossier >> dossier/
This means that the subfolder is removed from the URL, and only the language urls remain.
Any idea how to solve this problem, using htaccess, prefably without redirects, and without having a negative influence on the root website?
Below is the Drupal htaccess being used. The same htaccess is used in the root, but then with the RewriteBase still commented.
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)(|~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig\.save)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_environment_initialize() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
# Do not allow PHP scripts to be cached unless they explicitly send cache
# headers themselves. Otherwise all scripts would have to overwrite the
# headers set by mod_expires if they want another caching behavior. This may
# fail if an error occurs early in the bootstrap process, and it may cause
# problems if a non-Drupal PHP file is installed in a subdirectory.
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
# Set "protossl" to "s" if we were accessed via https://. This is used later
# if you enable "www." stripping or enforcement, in order to ensure that
# you don't bounce between http and https.
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
# Block access to "hidden" directories whose names begin with a period. This
# includes directories used by version control systems such as Subversion or
# Git to store control files. Files whose names begin with a period, as well
# as the control files used by CVS, are protected by the FilesMatch directive
# above.
#
# NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
# not possible to block access to entire directories from .htaccess, because
# <DirectoryMatch> is not allowed here.
#
# If you do not have mod_rewrite installed, you should remove these
# directories from your webroot or otherwise protect them from being
# downloaded.
RewriteRule "(^|/)\." - [F]
# If your site can be accessed both with and without the 'www.' prefix, you
# can use one of the following settings to redirect users to your preferred
# URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
#
# To redirect all users to access the site WITH the 'www.' prefix,
# (http://example.com/... will be redirected to http://www.example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} .
# RewriteCond %{HTTP_HOST} !^www\. [NC]
# RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
#
# To redirect all users to access the site WITHOUT the 'www.' prefix,
# (http://www.example.com/... will be redirected to http://example.com/...)
# uncomment the following:
# RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
# RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]
# Modify the RewriteBase if you are using Drupal in a subdirectory or in a
# VirtualDocumentRoot and the rewrite rules are not working properly.
# For example if your site is at http://example.com/drupal uncomment and
# modify the following line:
# RewriteBase /drupal
#
# If your site is running in a VirtualDocumentRoot at http://example.com/,
# uncomment the following line:
RewriteBase /folder/
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>

1 - Use this rule in your DOCUMENT_ROOT/.htaccess file as first rule:
RewriteEngine On
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^(map|dossier)(/|$) /folder%{REQUEST_URI} [L,NC]
2 - Use this rule in your DOCUMENT_ROOT/folder/.htaccess file as first rule:
RewriteEngine On
RewriteBase /folder/
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule !^(map|dossier|folder)(/|$) folder%{REQUEST_URI} [L,NC]

Clear URL with .htaccess

I am pretty new to webdesign and haven't been able to figure this one out..
I am using HTML5Boilerplate as a template for my new website. The .htaccess file that ships with the template rewrites "www.example.com -> example.com". This is fine with me.
Now I would like to rewrite all my /index.html -> root folder and clear the slash at the end.
E.g.: when someone types or a link directs to "www.mysite.com/subfolder/index.html" (or .htm) this would get rewritten as "mysite.com/subfolder".
The code is at the moment:
# ----------------------------------------------------------------------
# Start rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and
# features. FollowSymLinks must be enabled for this to work.
# Some cloud hosting services require RewriteBase to be set: goo.gl/HOcPN
# If using the h5bp in a subdirectory, use `RewriteBase /foo` instead where
# 'foo' is your directory.
# If your web host doesn't allow the FollowSymlinks option, you may need to
# comment it out and use `Options +SymLinksIfOwnerMatch`, but be aware of the
# performance impact: http://goo.gl/Mluzd
<IfModule mod_rewrite.c>
Options +FollowSymlinks
# Options +SymLinksIfOwnerMatch
RewriteEngine On
# RewriteBase /
</IfModule>
# ----------------------------------------------------------------------
# Suppress or force the "www." at the beginning of URLs
# ----------------------------------------------------------------------
# The same content should never be available under two different URLs -
# especially not with and without "www." at the beginning, since this can cause
# SEO problems (duplicate content). That's why you should choose one of the
# alternatives and redirect the other one.
# By default option 1 (no "www.") is activated.
# no-www.org/faq.php?q=class_b
# If you'd prefer to use option 2, just comment out all option 1 lines
# and uncomment option 2.
# IMPORTANT: NEVER USE BOTH RULES AT THE SAME TIME!
# ----------------------------------------------------------------------
# Option 1:
# Rewrite "www.example.com -> example.com".
<IfModule mod_rewrite.c>
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
</IfModule>
# ----------------------------------------------------------------------
# Option 2:
# Rewrite "example.com -> www.example.com".
# Be aware that the following rule might not be a good idea if you use "real"
# subdomains for certain parts of your website.
# <IfModule mod_rewrite.c>
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteRule ^ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# </IfModule>

If you're serious about working with HTAccess, there is a very solid reference that will solve all the little thngs that might come up. It's not free - but will pay for itself.
http://htaccessbook.com

I think you can try this code:
RewriteEngine on
RewriteCond %{THE_REQUEST} ^.*\/index\.html?\ HTTP/
RewriteRule ^(.*)index\.html?$ "/$1" [R=301,L]
To remove the end slash add this code:
# remove trailing slash
RewriteRule ^(.*)\/(\?.*)?$ $1$2 [R=301,L]

how to ban crawler 360Spider with robots.txt or .htaccess?

I've got a problems because of 360Spider: this bot makes too many requests per second to my VPS and slows it down (the CPU-usage becomes 10-70%, but usually i have 1-2%). I looked into httpd logs and saw there such lines:
182.118.25.209 - - [06/Sep/2012:19:39:08 +0300] "GET /slovar/znachenie-slova/42957-polovity.html HTTP/1.1" 200 96809 "http://www.hrinchenko.com/slovar/znachenie-slova/42957-polovity.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.8.0.11) Gecko/20070312 Firefox/1.5.0.11; 360Spider
182.118.25.208 - - [06/Sep/2012:19:39:08 +0300] "GET /slovar/znachenie-slova/52614-rospryskaty.html HTTP/1.1" 200 100239 "http://www.hrinchenko.com/slovar/znachenie-slova/52614-rospryskaty.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.8.0.11) Gecko/20070312 Firefox/1.5.0.11; 360Spider
etc.
How can I block this spider completely via robots.txt? Now my robots.txt looks like this:
User-agent: *
Disallow: /cgi-bin/
Disallow: /tmp/
User-agent: YoudaoBot
Disallow: /
User-agent: sogou spider
Disallow: /
I've added lines:
User-agent: 360Spider
Disallow: /
but that does not seem to work. How to block this angry bot?
If you offer to block it via .htaccess, so mind that it looks now like this:
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /
SetEnvIfNoCase Referer ^360Spider$ block_them
Deny from env=block_them
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]
And, in spite of presence of
SetEnvIfNoCase Referer ^360Spider$ block_them
Deny from env=block_them
this bot still tries to kill my VPS and is logged in access logs.

In your .htaccess file simply add the following :
RewriteCond %{REMOTE_ADDR} ^(182\.118\.2)
RewriteRule ^.*$ http://182.118.25.209/take_a_hike_moron [R=301,L]
This will catch ALL the bots being launched from the 182.118.2xx.xxx range and send them back to themself...
The crappy 360 bot is being fired from servers in China... so as long as you don't mind saying bye bye to crappy Chinese traffic from that IP range, this will guaranteed make those puppies disappear from reaching any files on your web site.
The following two lines in your .htaccess file will also pick it off simply by it being stupid enough to proudly put 360spider in its user agent string. This could be handy for when they use other IP ranges then the 182.118.2xx.xxx
RewriteCond %{HTTP_USER_AGENT} .*(360Spider) [NC]
RewriteRule ^.*$ http://182.118.25.209/take_a_hike_moron [R=301,L]
And yes... I hate them too !

Your robots.txt seems right. Some bots just ignore it (malicious bots crawl from any IP address from any botnet of hundreds to millions of infected devices from all around the globe), in this case you can limit the number of requests per second using mod_security module for apache 2.X
Config example here: http://blog.cherouvim.com/simple-dos-protection-with-mod_security/
[EDIT] On linux, iptables also allows restricting tcp:port connections per (x) second(s) per ip, providing conntrack capabilities are enabled on your kernel. See: https://serverfault.com/questions/378357/iptables-dos-limit-for-all-ports

You can put following rules into your .htaccess file
RewriteEngine On
RewriteBase /
SetEnvIfNoCase Referer 360Spider$ block_them
Deny from env=block_them
Note: Apache module mod_setenvif should be enabled in your server configuration

The person running the crawler might be ignoring robots.txt. You could block them via IP
order deny, allow
deny from 216.86.192.196
in .htaccess

SetEnvIfNoCase User-agent 360Spider blocked

I have lines in my .htaccess file like this to block bad bots:
RewriteEngine On
RewriteCond %{ENV:bad} 1
RewriteCond %{REQUEST_URI} !/forbidden.php
RewriteRule (.*) - [R=402,L]
SetEnvIf Remote_Addr "^38\.99\." bad=1
SetEnvIf Remote_Addr "^210\.195\.45\." bad=1
SetEnvIf Remote_Addr "^207\.189\." bad=1
SetEnvIf Remote_Addr "^69\.84\.207\." bad=1
# ...
SetEnvIf Remote_Addr "^221\.204\." bad=1
SetEnvIf User-agent "360Spider" bad=1
It will send the status code 402 Payment Required to all blacklisted IPs / user-agents.
You can put anything that you want displayed to the bot in forbidden.php.
It's quite effective.

I just had to block 360Spider. Solved with StreamCatcher on IIS (IIS7), which fortunately was already installed so only a small configuration change was needed. Details at http://needs-be.blogspot.com/2013/02/how-to-block-spider360.html

I use the following, and it helps alot! Check the HTTP_USER_AGENT for bad bots
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\.txt$
RewriteCond %{REQUEST_URI} !^/error\.html$
RewriteCond %{HTTP_USER_AGENT} EasouSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} YisouSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Sogou\ web\ spider [NC]
RewriteCond %{HTTP_USER_AGENT} 360Spider [NC,OR]
RewriteRule ^.*$ - [F,L]
</IfModule>
<Location />
<IfModule mod_setenvif.c>
SetEnvIfNoCase User-Agent "EasouSpider" bad_bot
SetEnvIfNoCase User-Agent "YisouSpider" bad_bot
SetEnvIfNoCase User-Agent "LinksCrawler" bad_bot
Order Allow,Deny
Allow from All
Deny from env=bad_bot
</IfModule>
</Location>