I am trying to connect to a VPN connection using an automatic redirection via a .htaccess redirection, so the vpn setup is a bit more user-friendly using an url instead of an ip address.
The thing is that, when using the ip directly, all works smoothly. However, using .htaccess which redirects to my public IP address throws an Error 868.
My .htaccess is very basic - all I do is forward the input to the public IP without any filter:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ my.public.ip.address$1
The reason I am trying this is that I have successfully setup VPN via sub-domain redirecting to the public IP, so I'm wondering why the .htaccess redirection wouldn't work...
Your my.public.ip.address is not prefixed with either http:// or https:// also you could do with a few flags: [R,L] where: R = redirect (browser rather than an invisible server side internal job) and L = last flag to trigger immediate execution, also you don't need your regular expression, anyway try:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule .* https://11.22.33.44%{REQUEST_URI} [R,L]
Related
I have PHP script which collects the current DHCP address of a certain domain which is written to a file.
I need to read the IP address from that file (or collect it directly from within the .htaccess file) into a section of my .htaccess to allow only that certain IP address to be able to login to my account.
I used to use:
RewriteCond %{REMOTE_HOST} ^example\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php$
RewriteRule ^(.*)$ blackhole.html [L,R]
I am now hosted on a LiteSpeed server which does not do reverse DNS lookups so I am unable to use any hostname lookups.
An easy solution required please.
RewriteCond %{REMOTE_HOST} ^example\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/wp-login\.php$
RewriteRule ^(.*)$ blackhole.html [L,R]
Aside: This code would effectively block that specific user, not "allow" them. You would have needed to negate the first condition. ie. !^example\.com$
However, whether the server is configured to perform hostname lookups isn't necessarily a problem of LiteSpeed itself. It's probably just how the server is configured. Many shared hosts disable this feature for performance reasons.
Unfortunately though, your problem is still LiteSpeed with regards to reading a value from an external file in .htaccess.
You can do something like the following using an Apache expression on Apache 2.4+ to read an IP address from an external file and compare it to the REMOTE_ADDR server variable:
RewriteCond expr "file('%{DOCUMENT_ROOT}/ip-address.txt') != %{REMOTE_ADDR}"
RewriteRule ^wp-login\.php$ /blackhole.html [R,L]
Where ip-address.txt is a file in the document root that contains only an IP address (and no newlines).
HOWEVER, on LiteSpeed this simply does not work unfortunately. It just fails silently (the LiteSpeed way).
Aside:
Although, instead of redirecting to blackhole.html it would be preferable to just serve a 404 or 403 Forbidden. For example:
RewriteRule ^wp-login\.php$ - [R=404]
Got a vServer and plesk installed on it (Apache backend, Nginx reverse proxy), plesk is listening on port 8443.
I use the hostname as a domain for easier accesss and SSL certificate domain. So I would like to redirect ALL traffic to specific one:
What I got so far is this rule
return 301 https://www.DOMAIN.com:8443/;
which leads everything to the Plesk Panel URL but if someone is using this
https://DOMAIN.com:8443
he won't be redirected to
https://www.DOMAIN.com:8443
and the SSL certificate won't work (domain based). How can I force every traffic (http and https with the ports 80 and 8443) to
https://www.DOMAIN.com:8443
Thanks in advance
You could HTACCESS to do it:
The Code
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}:8443 [R=301,L]
What this does is check if the user is trying to access the site without using www and if so redirect to www on the specific port that you wanted.
If you already have your port 80 traffic redirecting to port 8443 and you just want to redirect the rule for www, what I have listed above will work. You can also have mod rewrite redirect based on the port used.
It would look like this:
The Code
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{SERVER_PORT} ^80$
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}:8443 [R=301,L]
You would just need to make sure that each virtual host you are using has the mod rewrite rule in place. You might have to create a virtual host for the extra ports you want to use. The only thing these virtual hosts would have is the redirect rule. Otherwise you might get 404 errors.
I've been trying to limit access to a specific subdomain via the server port, e.g. it can only be accessed from subdomain.domain.com:8443 and no other ports.
I'm currently using hostgator for my webhost, and it's already been setup such that subdomain.domain.com points to the correct subdirectory.
Now in the htaccess file, I'm currently trying this:
Options +FollowSymLinks
RewriteEngine on
RewriteBase /subdomain
RewriteCond %{SERVER_PORT} !^8443$
RewriteRule ^ - [F]
RewriteCond %{SERVER_PORT} ^8443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/subdomain/$1 [R=301,L]
As far as the blocking of other ports goes, it seems to work since accessing either subdomain.domain.com or www.domain.com/subdomain, I get a 403 forbidden page. But I can't get it to load the normal content correctly when I do access it via subdomain.domain.com:8443 or www.domain.com:8443/subdomain. Am I doing the rewrite conditions and rules correctly?
Thanks!
The R=301 tells the server to do a redirect, not a (silent) rewrite. So, when you load via 8443, the user is redirected to http://%{HTTP_HOST}/subdomain/$1 without the port 8443 specification and they are then blocked by the first rule. If you do a curl -I on subdomain.domain.com:8443 you should see the 301 redirect code rather than 200.
Remove the R=301 and remove the full domain specification in the final RewriteRule to leave:
RewriteRule ^(.*)$ subdomain/$1 [L]
This should do a silent rewrite of the content.
I have a site, mydomain.com/secure which I only want to be accessible via HTTPs. This is mapped as a virtual directory like this:
-wwwroot
--secure (Virtual directory, bound on port 443 only) - https://mydomain.com:443/secure
--externalApp (Mapped as a different site on port 80) - http://mydomain.com/
Currently requests to mydomain.com/secure are served, but I want to force them to redirect to HTTPs. Despite trying with rewrite rules I can't get this to work properly. Is it possible or just not doable?
Try this:
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(example|secure|test) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
You can add any directory you want in the example|secure|test area.
Example with comments.
So I am blocking all ip's except the ones on a list, so how can I redirect people to a new site if they're blocked?
My assumption is that you are blocking ip's using allow/deny. I do not believe that you are able to specify a redirect rule to work on the denied ip's as you have told the server to reject their connections outright.
Instead you are going to want to use the RewriteEngine to do a redirect. In case you are unfamiliar with the syntax I have provided the following example which will redirect all ip's except for "72.14.204.99" and "72.14.204.100" to "example.org":
RewriteEngine on
RewriteCond %{REMOTE_ADDR} !^72\.14\.204\.99$
RewriteCond %{REMOTE_ADDR} !^72\.14\.204\.100$
RewriteRule ^ http://www.example.org/ [R]