htaccess 403 not work custom page - .htaccess

my .htaccess file:
RewriteEngine On
# If the request sent by the browser includes login1.php...
RewriteCond %{THE_REQUEST} login1\.php
RewriteRule ^ - [F]
RewriteCond %{THE_REQUEST} index\.php
RewriteRule ^ - [F]
ErrorDocument 403 /404.php
ErrorDocument 404 /404.php
# Then you just need a generic rule to rewrite /mysite into login1.php
RewriteRule ^mysite$ login1.php [L]
RewriteRule ^$ index.php [L]
When I try to access the page: http://example.com/login1.php I get an error:
Forbidden
You don't have permission to access /login1.php on this server.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
but I want to display message on page 404.php

Your rules are looping because once you issue forbidden once for /login1.php it keeps on throwing 403 since %{THE_REQUEST} doesn't change.
Have your rules like this to fix it:
RewriteRule ^404\.php$ - [L,NC]
# If the request sent by the browser includes login1.php...
RewriteCond %{THE_REQUEST} (index|login1)\.php
RewriteRule ^ - [F]
ErrorDocument 403 /404.php
ErrorDocument 404 /404.php
# Then you just need a generic rule to rewrite /mysite into login1.php
RewriteRule ^mysite$ login1.php [L]
RewriteRule ^$ index.php [L]

Related

htaccess file make redirection to another file

I have htaccess file below
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.html -f
RewriteRule ^(.*)$ $1.html
Redirect /index.html /login.html
ErrorDocument 404 /404.html
ErrorDocument 403 /403.html
Options -Indexes
Redirect /index.html /login.html
When user enters index page it should redirect to login.html page.
But it doesn't work.
Redirect /index.html /login.html
im requesting /index
If you are requesting /index then I'm not sure why you are checking for /index.html in your rule. However, you should be using mod_rewrite to construct this redirect since you are already using mod_rewrite for your internal rewrites.
So, have it like this instead:
Options -Indexes
ErrorDocument 404 /404.html
ErrorDocument 403 /403.html
RewriteEngine On
RewriteBase /
# Redirect "/index" to "/login"
RewriteRule ^index$ /login [R=302,L]
# Append ".html" if target file exists
RewriteCond %{DOCUMENT_ROOT}/$1.html -f
RewriteRule (.*) $1.html [L]
I've also "fixed" your .html rewrite since this could result in a 500 error for certain requests and there's no need to check that the request does not map to a directory before checking that the request does map to a file.
See the following question on ServerFault that expands on this potential issue regarding .html removal. https://serverfault.com/questions/989333/using-apache-rewrite-rules-in-htaccess-to-remove-html-causing-a-500-error

.htaccess Pages open even though the URL is broken

I have a problem with my website opening pages that should show 404 error. It seems that only the first part of the URL is taken into account.
Here's an example
example.com/page.php - (opens - correct)
example.com/asdasd.php - (error 404 - correct)
example.com/asdasd.php/asdasd - (error 404 - correct)
example.com/page.php/asdasd - (opens - incorrect)
example.com/page/ - (opens - incorrect)
example.com/page/asdasd (opens - incorrect)
I would like to get an Error 404 and if I feel that the URL is important also be able to Redirect it. Now I can't even Redirect URLs that for example look like this "example.com/page.php/asdasd"
The closest answer that I found was this:
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=302,L]
RewriteCond %{THE_REQUEST} ^(?:GET|HEAD)\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^.]+?)/?$ $1.php [L]
But the problem was that I got something like this:
Input URL
example.com/page.php/asdasd
Output URL
example.com/page
I need it for the .php extention to stay. And if possible instead of "Redirecting" to the example.com/page.php, I'd like to get an Error 404
This is what I currently have in the htaccess file:
ErrorDocument 404 /404.php
ErrorDocument 401 /404.php
ErrorDocument 403 /404.php
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule ^(.*) http://www.example.com/$1 [L,R=301]
RewriteRule ^index\.php$ / [R=301,L]
Sorry if this is a duplicate but I don't even know what I should look for.
example.com/page.php/asdasd - (opens - incorrect)
This is due to a feature called Path Info - if Apache manages to match the first part of the requested URL to an existing file, then it will serve that file, and pass the rest of the path along via environment variables (so that a script could in theory make use of this information.)
The AcceptPathInfo directive makes it possible to disable this behavior.
https://httpd.apache.org/docs/2.4/mod/core.html#acceptpathinfo

URL rewrite for language query variable to fake directory conversion returns 404 error

I have surely read and tested all the solutions found on Stackoverflow but couldn't make it work ... so here I am.
I'm trying to transform
example.com/?l=en
into
example.com/en/
( /en/ isn't supposed to exist on the server )
I use the following htaccess
DirectoryIndex index.php
ErrorDocument 404 https://example.com/
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
RewriteCond %{QUERY_STRING} (^|&)l=en($|&)
RewriteRule ^$ /en/?&%{QUERY_STRING}
RewriteCond %{QUERY_STRING} (^|&)l=ja($|&)
RewriteRule ^$ /ja/?&%{QUERY_STRING}
Since the last line triggers a 404 error, the errorDocument 404 kicks in.
The rule returns a "page not found" in the browser when I comment the errorDocument line.

How to redirect from folder having permission `Deny from all`, error `You don't have permission to access / on this server`

I have .htaccess in /domainName folder with rule Deny from all and some other rules.
After this if i type :
http://www.domainName.com - i am redirected correctly
http://www.domainName.com/uri - i am redirected correctly
domainName.com - i am getting the error You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Structure:
/domainName/
/domainName/.htaccess
/domainName/public
/domainName/public/.htaccess
/domainName/.htaccess
RewriteEngine On
RewriteBase /
Options -MultiViews
Redirect https://domainName.com https://www.domainName.com/public/index\.php
Redirect https://www.domainName.com https://www.domainName.com/public/index\.php
Redirect http://domainName.com https://www.domainName.com/public/index\.php
Redirect http://www.domainName.com https://www.domainName.com/public/index\.php
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI}
#1# the error You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
# Deny from all
#2#does not give errors, but i am not able to access https://www.domainName.com/public/index.php, dditionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
#<FilesMatch ".">
# Deny from all
#</FilesMatch>
#3# gives errors, about wrong configuration
# <DirectoryMatch ".">
# Deny from all
# </DirectoryMatch>
Seems, that one has to redirect in case of deny:
Deny from all
ErrorDocument 403 https://www.somedomain.com/public/index.php/
If redirect in case of deny, there will not be the error for url somedomain.com, or www. somedomain.com
Structure:
/domainName/
/domainName/.htaccess
/domainName/public
/domainName/public/.htaccess
When in somedomain.com/public/ there shall be another .htaccess, whith rule Allow from all.
Full .htacess
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
Options -MultiViews
DirectoryIndex /public/index.php
#redirect to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
#[L,R=301]
# Now, rewrite any request to use www.
# [NC] is a case-insensitive match
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Deny from all
ErrorDocument 403 https://www.somedomain.com/public/index.php/
In somedomain.com/public/ there shall be another .htaccess, whith rule Allow from all.
the error You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Why 404.html page is not shown

I have this .htaccess
RewriteEngine On
ErrorDocument 404 /404.html
RewriteBase /
RewriteRule ^$ index\.html
RewriteRule ^(.+)\.html$ index.php?page=$1 [L]
RewriteRule ^robots.txt$ /generator.php?what=robots [L]
RewriteRule ^sitemap.xml$ /generator.php?what=sitemap [L]
If I go at: site.com/blablalblabla
I get 404 NOT FOUND, but it doens't show my 404.html page. Why?
Thank you
IMHO if the server fires up a 404, the 404.html will be the new REQUEST_URI to transform. The new uri will also go over all the rewrite rules and ending up redirected to index.php?page=404.
Try do add this rule condition:
RewriteCond %{REQUEST_URI} !^\/404\.html$
RewriteRule ^(.+)\.html$ index.php?page=$1 [L]
Try making a 404.md file with the following inside:
---
permalink: <insert 404 file path here>
---

Resources