I've been trying to limit access to a specific subdomain via the server port, e.g. it can only be accessed from subdomain.domain.com:8443 and no other ports.
I'm currently using hostgator for my webhost, and it's already been setup such that subdomain.domain.com points to the correct subdirectory.
Now in the htaccess file, I'm currently trying this:
Options +FollowSymLinks
RewriteEngine on
RewriteBase /subdomain
RewriteCond %{SERVER_PORT} !^8443$
RewriteRule ^ - [F]
RewriteCond %{SERVER_PORT} ^8443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/subdomain/$1 [R=301,L]
As far as the blocking of other ports goes, it seems to work since accessing either subdomain.domain.com or www.domain.com/subdomain, I get a 403 forbidden page. But I can't get it to load the normal content correctly when I do access it via subdomain.domain.com:8443 or www.domain.com:8443/subdomain. Am I doing the rewrite conditions and rules correctly?
Thanks!
The R=301 tells the server to do a redirect, not a (silent) rewrite. So, when you load via 8443, the user is redirected to http://%{HTTP_HOST}/subdomain/$1 without the port 8443 specification and they are then blocked by the first rule. If you do a curl -I on subdomain.domain.com:8443 you should see the 301 redirect code rather than 200.
Remove the R=301 and remove the full domain specification in the final RewriteRule to leave:
RewriteRule ^(.*)$ subdomain/$1 [L]
This should do a silent rewrite of the content.
Related
I have a Detroit iOS & Android Mobile App Development website that only has one web page : index.html.
The source code of the site is here.
Instead of showing a 404 error page, I want to redirect the user to thefirstprototype.com if they try to go anywhere else or try to put anything after.
For eg:
mail.thefirstprototype.com takes the user to just thefirstprototype.com
thefirstprototype.com/mail takes the user to just thefirstprototype.com
I know it's possible to do it using a .htaccess in the root folder, but I am just not sure how. There are a lot of tutorials showing how to do it between different domains, but nothing to my specific case. How do I do it?
Thanks
Edit1: Please note that I am not using any CMS like Wordpress. I am just plain FTP to push a static HTML, CSS, JS webpage to the hosting server
Try the following:
DirectoryIndex index.html
RewriteEngine On
# Redirect non-canonical hostnames (eg. mail)
RewriteCond %{HTTP_HOST} !^example\.com$
RewriteRule ^ http://example.com/ [R=302,L]
# Redirect 404 to root
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . / [R=302,L]
However, whether this catches requests for the mail. subdomain will depend on whether that subdomain points to the same place as your main domain. (For cPanel shared hosting, that is not necessarily the case.)
Change the 302 (temporary) redirect to 301 only once you have tested that this works OK - to avoid potential caching issues associated with 301 (permanent) redirects.
As an added bonus, you could redirect any direct requests for index.html back to the root. For example, add the following between the above two rule blocks:
# Remove "index.html" if requested directly
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index\.html$ / [R=302,L]
The condition that checks against the REDIRECT_STATUS environment variable is to ensure we don't get a redirect-loop since mod_dir internally rewrites the request to index.html.
Our website is allowing any prefix/subdomain before the domain.
So if our site is www.domain.com, then the server is allowing;
www.anything.domain.com, where 'anything' can be literally anything, and it displays whatever is on the page that actually exists.
So, www.anything.domain.com/something.php displays the content that should only be accessible via www.domain.com/something.php.
Is there any way using .htaccess to stop this from happening, or redirect it to the version that does actually exist?
Or does this need to be done on the server?
Does anyone know why this is being allowed?
Ideally, this should be configured in server configuration files (also, you can configure DNS to simply not resolve unwanted hostnames, but that is for another question probably).
If you don't have access to server configuration, you can do it in .htaccess:
# to block access if any domain except example.com or www.example.com was used
RewriteEngine On
RewriteCond %{HTTP_HOST} !=www.example.com
RewriteCond %{HTTP_HOST} !=example.com
RewriteRule ^ - [F]
or
# if any domain except example.com or www.example.com was used,
# redirect the request to www.example
RewriteEngine On
RewriteCond %{HTTP_HOST} !=www.example.com
RewriteCond %{HTTP_HOST} !=example.com
RewriteRule ^ http://www.example.com%{REQUEST_URI} [R=301]
I am running Apache/2.2.15 on Centos 6.6 and am using a free certificate from StartCom. My home page file is /var/www/index.php so I create a file /var/www/.htaccess with the following content, as suggested here.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
However, entering
myWebSite.com
in the URL box brings up my site in http protocol. If I enter
https://myWebSite.com
instead, I get my site in https protocol. My goal is to get my site in https protocol by simply entering
myWebSite.com
and I cannot see why the .htaccess file is not effecting that.
It doesn't appear that your .htaccess file is being read. So make sure you have AllowOverride All in your config.
Also for your rules, I wouldn't use SERVER_NAME, that isn't always set and sometimes is not correct. I would either use HTTP_HOST variable or your actual domain name. You also should specificy 301 for your redirect because without it 302 is default. You want this to be a permanent redirect.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !^on [OR]
# This checks to make sure the connection is not already HTTPS
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^/?(.*)$ https://example.com/$1 [R=301,L]
I also made it where it would remove the www since you don't show your are using it.
I've got the following 301 redirect in my .htaccess
RewriteCond %{QUERY_STRING} ^$
RewriteRule ^old-site\.com,$ http://www.new-site.com/? [R=301,NE,NC,L]
If i visit
old-site.com
I am redirected correctly.
However, if I visit www.old-site.com, then it doesn't work.
Is there a way of effectively ignoring the www
Edit
There are several entries like this...
for example:
www.old-site.com/page-a-242.html to www.new-site.com/page-a
RewriteRule ignores the domain, so your first rule could be just
RewriteRule ^$ http://www.new-site.com/? [R,L]
For the other specific mappings you might use RewriteMap. See txt: Plain text maps for details on how to use it.
The drawback with RewriteMap is, that it can only be used in the main server config or in a virtual host environment.
I need to do a url rewrite maintaining following condition:
rewrite http://domain.net (or http://www.domain.net) to http:// ip:port/folder
redirect any other request like http://domain.net/logout?query=1 to http:// ip:port/folder/logout?query=1 (preserve query string and all)
mask the rewrite so that novice users cannot detect the ip (the address where they are redirected to) from the browser url bar
as for masking, a visible redirection like http:// domain.net:port/folder is also acceptable.
What I tried so far: The following results in 500 error.
RewriteCond %{HTTP_HOST} ^(*.)?domain\.net$
RewriteRule ^(/)?$ http:// ip:port/folder/$1 [L,R,QSA]
The following works without the masking:
RewriteCond %{HTTP_HOST} !^www\.domain\.net [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http:// ip:port/folder/$1 [L,R,QSA]
You can do this only if ip:port and domain.net refers to the same server. Otherwise you have to use some script that pulls the remote content from ip:port for a request to domain.net, if you want to hide ip:port.
Otherwise you can proxy the request to another server using the [P] flag.
See: http://httpd.apache.org/docs/current/rewrite/flags.html#flag_p