On my server there is enabled mod_security and I want to disable it with .htaccess for 3 specific IP address. Is that possible?
I tried something like this:
<IfModule mod_security2.c>
SecRule REMOTE_ADDR "^1.2.3.4$" "phase:1,t:none,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off,id:9999"
</IfModule>
but seams like it doesn't work.
Rule looks good to me.
ModSecurity 2.7 requires the following flag to be added at compile time to allow .htaccess to alter settings so I presume you've included that (it's not set by default)?:
--enable-htaccess-config
To test if this is the problem you could move your rule to the main Apache config and see if it works there.
I would also suggest adding logging, to see if the rule is fired and/or adding debug logging to see if it reaches there or gives a clue as to why not.
Related
This simple RewriteRule that I am using for practicing with .htaccess files works almost always:
RewriteEngine on
RewriteRule ^.*$ test.html
When I have the file flowers.html and I use http://localhost/flowers I get redirected to test.html, however when I rename flowers.html to flowers.php I get a 404 page with the message The requested URL /flowers was not found on this server. Does anyone know what causes this?
EDIT:
When I create an empty file called flowers it does redirect properly to test.html. What is going on here?
This does sound like a conflict with MultiViews, so try adding the following at the top of your .htaccess file to disable MultiViews:
Options -MultiViews
MultiViews is not enabled by default, so maybe this has been enabled in your server config?
When MultiViews (part of mod_negotiation) is enabled, a request for /flowers (no extension) will result in Apache searching for an appropriate file to return (based on mime-type) by trying various file extensions of files found in that directory. This is achieved with an internal subrequest before mod_rewrite runs.
However, it's not clear why this would be a problem in your case if you have no other directives? Since your directive simply rewrites everything to test.html (which should include any subrequests). (I was unable to reproduce this behaviour on my Apache 2.4 test server - hence my initial doubt.)
Consider the following Apache conf directives inside .htaccess:
ErrorDocument 403 /dbug.html
<IfModule !mod_php5.c>
Require all denied
</IfModule>
It denies access even though mod_php5 is active, but ignores the ErrorDocument
If i remove the ! it triggers the ErrorDocument 403 - which it should, but this is backwards, and wrong ..
Any answer/advice would be appreciated, thanks.
In some shared-hosting environments, live-module-version-switching (hot-switch) is available; as a result, the main module-name (module-handler) may be different than the target-module-name, but the target-module will show up as being present only when it is called by the module-handler.
The solution is to track down the name of the module-handler-name and reference that instead .. contact the hosting provider. In this case, the module-handler-name is: mod_php_null (Hetzner); so <ifModule !mod_php_null.c> will work as expected -BUT- to set directives for the target-module, use the target module-name; so then <ifModule !mod_php7.c> will work as expected.
If there is no "module-handler" for such a module, then referring the target module directly in both conditions should work as it gets loaded upon server daemon startup.
The question was also posted on Server Fault, to avoid duplication -the .htaccess code is posted there.
I have difficulties making my .htacces work on my Ubuntu 14.04 LTS. I know it is a hidden file and all; I've searched everywhere and people seem to have the same problem. I've made a virtual host on my machine and all. Can someone please help me ?
ErrorDocument 404 /pages/error.php?code=404
ErrorDocument 403 /pages/error.php?code=403
You need to make sure the following things are true:
You need to check what DocumentRoot is set to. When an url beginning with a slash is detected, it will try to load that file relative to the document root. (docs) The file <documentroot>/pages/error.php must thus exist.
You need to make sure that .htaccess files are allowed by the main Apache configuration. The easiest way to test this is by entering garbage into your .htaccess file, saving it and reloading a page. You'll get an internal server error if Apache reads the .htaccess file. Otherwise the page loads as expected. To enable .htaccess files, the AllowOverride directive must allow something (see next bullet point). Additionally, check in httpd.conf if AccessFileName is set to something different than .htaccess. Change it as necessary, then RESTART APACHE. (docs)
For ErrorDocument, AllowOverride must be at least set to FileInfo. See the docs. Go to your main config file (httpd.conf), probably apache/Apachex.y.z/conf/httpd.conf. Search for the <Directory ...> block that corresponds to your http root, and look around if it contains an AllowOverride directive. Add FileInfo as one of the arguments, save the file and RESTART APACHE.
I have my .htaccess setup as
order deny, allow
deny from all
allow from 123.my.ip
my IP is what ipchicken is giving me yet I am getting internal server error from any address. I have also tried multiple IP locations.
Following Apache copied from there site with this format just gives me forbidden even from my address...
Order Deny,Allow
Deny from all
Allow from my.ip.address
I have followed this question with no success...
.htaccess block all but my ip
I have also tried below from the following link with the same results...
http://kb.siteground.com/how_to_redirect_all_visitors_except_your_ip_to_another_site/
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} !^1.2.3.4
RewriteRule .* http://www.anothersite.com [R=302,L]
Just in case its relevant, i'm running magento on a AWS server. Running out of ideas to try...
If you tried:
order deny,allow
deny from all
allow from {111.111.111.111} <-- example ip
its very straight forward that it should be working
what you need to do is enable rewrite.log in your apaches virtualhost config
to determine whats going on in there with mod rewrites/
make sure that you have given your apache virtuahost auth to read from .htaacess file
** Override to All
you shouldn't use mod_rewrite rules to disallow any ip but your, keep that for specific page rewriting, the above code should be fine.
Make sure! that you're IP address is your Internet ip address and not an internal ip address. Go on google and type in "what is my ip" it should give you the correct one
if none works, there's definitely something funky going on with your .htaccess file. Try to paste your entire .htaccess file to somewhere where we can all view it. There may be errors on your .htaccess file. Make sure magentos admin isn't over-writing your .htaccess file.
with .htaccess its a big factor where you place the rules. sometimes having too many things on there can confuse the web server if its not in order.
(Pardon me, I've injured my right hand so I'll have trouble typing)
I've recently set up a new Linux server running off the 'LAMP Stack'. I used PuTTY, Git and friends. Usually, I work in a pre-set up environment - I'm just an app developer. This would technically count as my first 'solo venture'. I've never been given root access to a server before, I was just there to work.
So, to get started, I decided to port some of my work from a previous project and build off of that. It relies heavily on Rewrite Rules. Ignorantly, I assumed my .htaccess file would magically work. It doesn't - For whatever reason, Apache wants you to enable the use of rewrite rules (It's not like you'd accidentally set up an .htaccess file, dear me).
So, I've read various tutorials, followed guides, asked elsewhere - I'm not really getting anywhere. To finally get to the point, here's what I've done:
1. I enable the use of .htaccess files at /etc/apache2/sites-available/default-ssl.conf:
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
2. I create an .htaccess file at var/www/html/site:
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
RewriteRule ^(.*)$ %{DOCUMENT_ROOT}/site/index.php [L]
3. Now, you should be able to reach a URL located at http://www.example.com/site/index.php/Bool via http://www.example.com/Bool (Bool is something like a query string - A page identifier). You can't in this case - You're told that there's no file titled 'Bool' on the server.
The rewrite rules given in section 2 have worked before, but don't work here.
Some guides also tell you to do wacky stuff like set up some password system at /etc/htaccess/.htpasswd and have another .htaccess file to call on that or something. Despite my other rewrite rules not working in this new server environment, the 'password' system did actually work (I was asked to provide a password before accessing a page) - However, I don't need or want any restricted access pages like that.
Practically everything I've tried has not worked - And that's ranged from changing the path in the <Directory> tag within default-ssl.conf to putting .htaccess files here and there, with and without password systems, different 'code' in the .htaccess/configuration files, and more. Practically every 'guide' provides you with a different solution, including and excluding details and steps others do/don't.
I've even attempted changing AllowOverride to All in /etc/apache2/apache2.conf to no success - Just an Internal Server Error.
The grand question: How do you enable the use of .htaccess files anywhere you need them? Somebody has to be using a correct configuration somewhere, so you happen to have that working on your server, I'd like to see what you did.
I'm very excited to be in charge of my own server, it's been a wonderful learning experience and surprisingly, the learning curve hasn't been too difficult. I hope I can get this app running on it properly.
If Unfortunately Your HtAccess File are not being read by your server even in any case then you can use this command in order to enable the htaccess accessibity onto your server.
TO ENABLE HTACCESS FILE ON RACKSPACE SERVER(Debian Os)
sudo a2enmod rewrite
and restart the apache server now it will be accessible.
Thanks
Raghwendra Pathak