Develop Reference

Blocked by CORS but Allow origin is *

I have added the Acces Control Allow Origin header to my htaccess file, and it is being used if i check it with cURL:
curl -I https://mywebsite.nl/assets/fonts/TheanoDidot-Regular.woff2
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 17 Apr 2019 11:32:12 GMT
Content-Length: 54360
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 17 Apr 2019 09:31:50 GMT
ETag: "d458-586b68e298fde"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Wed, 17 Apr 2019 11:32:12 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS,DELETE,PUT
But when I load this font file from another domain it still gets blocked:
Access to font at 'https://mywebsite.nl/assets/fonts/TheanoDidot-Regular.woff2' from origin 'https://myotherwebsite.nl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Do i miss something important?
My full htaccess:
# Turn on Expires and set default to 0
ExpiresActive On
ExpiresDefault A0
# Set up caching on media files for 1 year (forever?)
<filesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
ExpiresDefault A29030400
Header append Cache-Control "public"
</filesMatch>
# Set up caching on media files for 1 week
<filesMatch "\.(gif|jpg|jpeg|png|swf)$">
ExpiresDefault A604800
Header append Cache-Control "public"
</filesMatch>
# Set up 2 Hour caching on commonly updated files A7200
<filesMatch "\.(xml|txt|html|js|css)$">
ExpiresDefault A604800
Header append Cache-Control "proxy-revalidate"
</filesMatch>
# Force no caching for dynamic files
<filesMatch "\.(php|cgi|pl|htm)$">
ExpiresActive Off
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
</filesMatch>
<FilesMatch "\.(ttf|otf|eot|woff|woff2)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET,POST,OPTIONS,DELETE,PUT"
</IfModule>
</FilesMatch>
#HSTS
Header set Strict-Transport-Security "max-age=31536000" env=HTTPS
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteCond %{HTTP_HOST} ^www.mywebsite.nl$ [NC]
RewriteRule ^(.*)$ https://mywebsite.nl/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
RewriteBase /
#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} "/assets/"
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php/$1 [L]
RewriteBase /
RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]
RewriteRule (.*?)index\.php/*(.*) /$1$2 [R=301,NE,L]
#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin
ErrorDocument 404 /index.php

Okay I already found the problem. My server is using a combination of apache and nginx. I had to add the following setting to my nginx.conf file
location ~* \.(eot|ttf|woff|woff2)$ {
add_header Access-Control-Allow-Origin *;
}
For me this was possible with DirectAdmin at custom-httpd settings

Htaccess - If/esle statement syntax for the main page

I was wondering the correct syntax to check the main page (e.g. abc.com or localhost), for writing a if/else statement for the .htaccess file. Thanks.
<If "abc.com" OR "localhost">
<FilesMatch "\.(css|js|txt)$">
<IfModule mod_expires.c>
ExpiresActive Off
</IfModule>
<IfModule mod_headers.c>
FileETag None
Header unset ETag
Header unset Pragma
Header unset Cache-Control
Header unset Last-Modified
Header set Pragma "no-cache"
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Expires "Mon, 10 Apr 1972 00:00:00 GMT"
</IfModule>
</FilesMatch>
</If>
<Else>
<FilesMatch ".(css|jpg|jpeg|png|gif|js|ico)$">
Header set Cache-Control "max-age=2592000, public"
</FilesMatch>
</Else>

Do you mean something like this
<ifModule mod_rewrite.c>
RewriteEngine on
<If "%{HTTP_HOST} == 'abc.com'">
RewriteRule ^/?$ /index.php?pages=abc&file=index [NC,L,QSA]
</If>
<If "%{HTTP_HOST} == 'localhost'">
RewriteRule ^/?$ /index.php?pages=localhost&file=index [NC,L,QSA]
</If>
</ifModule>
Here is another example
RewriteEngine On
# Conditional Settings
<If "(%{HTTP_HOST} -strmatch '192.168.254.*')">
# Localhost/XAMPP
#RewriteBase /XAMPP-Sites/projectX/public_html/
# No need for a default domain
</If>
<Else>
# Live
#RewriteBase /
# Ensure this is the default domain
#RewriteCond %{HTTP_HOST} .
#RewriteCond %{HTTP_HOST} !^www\.projectX\.com [NC]
#RewriteRule (.*) http://www.projectX.com/$1 [R=301,L]
</Else>
https://forums.modx.com/thread/92638/one-htaccess-to-rule-them-all

Delete the name of the folder that came up in the url domain using htaccess

I'm having trouble with the domain url. When I call my website's url address in the browser, the folder name of the website comes up. I have another website too and that's fine, my other website url address does not show the folder name. I mean like this:
this is an example of my other website and that's fine with not displaying the folder name
And this url of my website that come show the folder name
the difference is quite noticeable instead. I want to make my website url address pure url name that I want without calling the folder name. it is the start page and I want to delete the folder name.
I have tried various scripts but it happens just blank and sometimes error.
this is the last script I tried and it still does not work and url still show the folder name. I have never been like this before.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} \ /+(.*)\?redirect=1&?([^\ ]*)
RewriteRule ^ /%1?%2 [L,R]
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 month"
ExpiresDefault "access 1 month"
</IfModule>
# END WordPress
<ifModule mod_headers.c>
<filesMatch "\\.(ico|pdf|flv|jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=2592000, public"
</filesMatch>
<filesMatch "\\.(css)$">
Header set Cache-Control "max-age=2592000, public"
</filesMatch>
<filesMatch "\\.(js)$">
Header set Cache-Control "max-age=216000, private"
</filesMatch>
<filesMatch "\\.(xml|txt)$">
Header set Cache-Control "max-age=216000, public, must-revalidate"
</filesMatch>
<filesMatch "\\.(html|htm|php)$">
Header set Cache-Control "max-age=1, private, must-revalidate"
</filesMatch>
</ifModule>
<IfModule mod_headers.c>
<FilesMatch ".(js|css|xml|gz|html)$">
Header append Vary: Accept-Encoding
</FilesMatch>
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from 192.168.1.22
<IfModule mime_module>
AddType application/x-httpd-ea-php56 .php .php5 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
it's the htaccess script inside the public_html folder. And this script is in the folder id or folder of my website whose url is problematic :
## No directory listings
<IfModule autoindex>
IndexIgnore *
</IfModule>
## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes
## Mod_rewrite in use.
RewriteEngine On
## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site then comment out the operations listed
# below by adding a # to the beginning of the line.
# This attempts to block the most common type of exploit `attempts` on Joomla!
#
# Block any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root home page
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.
# RewriteBase
RewriteCond %{THE_REQUEST} \ /+(.*)\?redirect=1&?([^\ ]*)
RewriteRule ^ /%1?%2 [L,R]
## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.
It's not working at all and I'm also confused whether I put the url manipulation script correctly. Anyone can help me ??

URL Canonicalization through .htaccess

I'm trying to redirect http://www.example.me to http://example.me, but for some reason it's not working. Can somebody help me with this by telling what is wrong on my .htaccess file?
<IfModule mod_rewrite.c>
RewriteEngine On
SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
Deny from env=block_bad_bots
RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)=http [NC]
RewriteRule ^(.*)$ – [F,L]
RewriteCond %{HTTP_HOST} ^www\.example\.me$
RewriteRule ^/?$ "http\:\/\/example\.me\/“ [R=301,L]
# Turn on Expires and set default to 0
ExpiresActive On
ExpiresDefault A0
# Set up caching on media files for 1 month
<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
ExpiresDefault A2419200
Header append Cache-Control "public"
</FilesMatch>
# Set up 2 Hour caching on commonly updated files
<FilesMatch "\.(xml|txt|html|js|css)$">
ExpiresDefault A7200
Header append Cache-Control "proxy-revalidate"
</FilesMatch>
# Force no caching for dynamic files
<FilesMatch "\.(php|cgi|pl|htm)$">
ExpiresActive On
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
</FilesMatch>
</IfModule>

Try this and also do not use quotes in your rule
RewriteCond %{HTTP_HOST} ^www\.example\.me$
RewriteRule ^ http:\\example.me [R=301,L]

It was a problem with the quotes. Below is the correct .htaccess
The error was on this line with the last quote
RewriteRule ^/?$ "http\:\/\/example\.me\/" [R=301,L]
Below you can check the full correct .htaccess file
<IfModule mod_rewrite.c>
RewriteEngine On
SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
Deny from env=block_bad_bots
RewriteCond %{HTTP_USER_AGENT} libwww [NC,OR]
RewriteCond %{QUERY_STRING} ^(.*)=http [NC]
RewriteRule ^(.*)$ – [F,L]
RewriteCond %{HTTP_HOST} ^www\.example\.me$
RewriteRule ^/?$ "http\:\/\/example\.me\/" [R=301,L]
# Turn on Expires and set default to 0
ExpiresActive On
ExpiresDefault A0
# Set up caching on media files for 1 month
<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">
ExpiresDefault A2419200
Header append Cache-Control "public"
</FilesMatch>
# Set up 2 Hour caching on commonly updated files
<FilesMatch "\.(xml|txt|html|js|css)$">
ExpiresDefault A7200
Header append Cache-Control "proxy-revalidate"
</FilesMatch>
# Force no caching for dynamic files
<FilesMatch "\.(php|cgi|pl|htm)$">
ExpiresActive On
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
</FilesMatch>
</IfModule>

rewrite condition in .htaccess

I am trying to make partners readable on the website i.e. http://domain.com/partners. but the pinnaclecart doesn't allow it to be readable or accessable on the browser. i created the directory partners so i could write the whole different files from the pinnaclecart.
inside .htaccess: you can see "partners" at the end.
EDIT II
RewriteEngine ON
RewriteRule ^homepage.html$ index.php
RewriteRule ^home.html$ index.php
<IfModule mod_headers.c>
Header unset ETag
FileETag None
<FilesMatch "(?i)^.*\.(ico|flv|jpg|jpeg|png|gif|js|css)$">
Header unset Last-Modified
Header set Expires "Fri, 21 Dec 2020 00:00:00 GMT"
Header set Cache-Control "public, no-transform"
</FilesMatch>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} ^$
RewriteRule ^((.)?)$ index.php?p=home [L]
RewriteCond $1 /var/www
RewriteRule ^(.+)$ / [L]
RewriteCond $1 !^(\#(.)*|\?(.)*|admin\.php(.)*|ses\/(.)*|ecc\/(.)*|index\.php(.)*|login\.php(.)*|\.htaccess(.)*|images\/(.)*|\.htaccess\.back(.)*|3cc4da-pinnacle_zend_3\.7\.7_sdk\.zip(.)*|dump\.sql(.)*|content\/(.)*|download\.php(.)*|readme\.txt(.)*|in_case_of_install\/(.)*|robots\.txt(.)*|images\.zip(.)*|partners\/(.)*)
RewriteRule ^(.+)$ index.php?url=$1&%{QUERY_STRING} [L]
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "\.(js|css|ico|flv|jpg|jpeg|png|gif)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
Why is it not accessable on the browser?
EDIT
is there no answer to this for solutions?

As people mentioned you may wish to post more of your .htaccess file to help debugging, but I couldn't help but notice that the last part of your regex reads:
partners\/(.)
This seems odd as it will only match single letter items in that directory. So I am not 100% sure its your problem but I suspect you intended that to read:
partners\/(.)*