I have a Drupal site where new content is added very rarely. Recently, there have been an increasing number of visits from bots to various URLs (node/add, user/register), which return Drupal's "Access denied" page.
I want to block access to these URLs in .htaccess. I have tried the following and it works:
<IfModule mod_alias.c>
Redirect 403 /node/add
Redirect 403 /user/register
</IfModule>
However, bots can still access ?q=node/add and ?q=user/register. I have tried including ?q= in the code above but no success.
How do I block access to these URLs in .htaccess ?
You can use mod_rewrite to do url-manipulation based on the query string. You'll need something like the (untested) code below.
RewriteEngine On
RewriteCond %{QUERY_STRING} ^q=(node/add|user/register)$
RewriteRule ^ - [F,L]
What does this do? It matches any url (^), then checks if the query string is equal to q=node/add or q=user/register. If either one matches, then the url is not rewritten (-), but access is denied [F] and the rewriting stops for this iteration [L].
While doing this via .htaccess is completely viable, I would reconsider this approach and consider putting these URLs into robots.txt for crawler bots. This way, they will ignore them completely, which is definitely more healthy for SEO.
Also, you can use Global Redirect module (https://drupal.org/project/globalredirect) to ensure that only clean URLs are used.
Related
My old page url looks like this
https://blabla.com/us/sample-data/us/
my new url looks like this
https://blabla.com/us/data/sample/us/
I added this into my htaccess
<IfModule mod_rewrite.c>
Redirect 301 ^sample-data/us/ /data/sample/us/ [NC,L]
</IfModule>
but i'm getting a internal server error
the 1st us in the url is dynamic depending on country user is from. and the 2nd us is the countries sample data. which is a list of 10 countries at the moment. could be more.
i tried
RewriteRule ^sample-data/us/ /data/sample/us/ [L,R=301,NC]
but no luck either. it redirects too
https://blabla.com/data/sample/us/ missing the 1st /us/
how do get this redirect working? Thanks
<IfModule mod_rewrite.c>
Redirect 301 ^sample-data/us/ /data/sample/us/ [NC,L]
</IfModule>
but i'm getting a internal server error
Because that directive is syntactically invalid. The [NC,L] argument is a parameter belonging to the mod_rewrite RewriteRule directive. Redirect is a mod_alias directive - there is no such "flags" parameter with the Redirect directive.
RewriteRule ^sample-data/us/ /data/sample/us/ [L,R=301,NC]
but no luck either. it redirects too
https://blabla.com/data/sample/us/ missing the 1st /us/
You appear to be missing the 1st /us/ (virtual path segment) from your directives, so I don't see how this is redirecting at all (unless you are seeing a cached response, or something else is performing the redirect)? This .htaccess file is presumably in the document root and you are presumably requesting the URL /us/sample-data/us/ and the first /us/ is virtual - so the directive above cannot possibly do anything?
If the first path segment is variable and you need to redirect to the same path segment and assuming this consists of two lowercase a-z letters then try the following instead:
RewriteRule ^([a-z]{2})/sample-data/us/ /$1/data/sample/us/ [R=302,L]
But what about the 2nd /us/ - is that not also variable? Should the 1st and 2nd instance of /XX/ (two letters) be the same?
Test first with 302 (temporary) redirect to avoid potential caching issues. You will need to clear your browser cache before testing.
I've removed the NC flag - should this really be a case-insensitive match?
Note that if you have existing directives in your .htaccess file then the order is important. Generally, external redirects need to go near the top, certainly before your front-controller.
not sure what my problem is, but I insert one rewrite into my htaccess file and the whole thing breaks. I used an htaccess tester and it says the rule works fine.
For some reason Google indexed the php file that I normally rewrite URLs to. So I need to take the .php page that displays and send it to the proper rewritten URL.
Here is the rule:
RewriteRule ^products/Automotive-Transmission-Torque-Converters-results.php$ /Search-Results [QSA,R=301,L]
The only thing I can think that would be causing the problem, is that I use this URL in another rewrite later on in my code.
Here is the second rewrite later on in the file:
RewriteRule ^Search-Results/?$ /products/Automotive-Transmission-Torque-Converters-results.php [QSA]
I hope I've identified the problem correctly. But again, I put the first rewrite rule into my htaccess and the the regular page doesn't show, the browser says there is an error on the page. Yet, htaccess testers say the rule works fine. Hence my suspicion.
RewriteRule ^products/Automotive-Transmission-Torque-Converters-results.php$ /Search-Results [QSA,R=301,L]
RewriteRule ^Search-Results/?$ /products/Automotive-Transmission-Torque-Converters-results.php [QSA]
Yes, these two directives used together will result in a redirect-loop (something that online testers don't appear to check for). The problem is that the first rule will trigger an external redirect after the second rule has rewritten the URL (when the rewrite engine starts over - in .htaccess).
The solution is to make sure the first rule (the external redirect) only triggers on direct requests from the client and not requests that have been internally rewritten.
We can check for direct HTTP requests by checking against the REDIRECT_STATUS environment variable, which is empty on the initial request and set to "200" (as in 200 OK HTTP status) after the first successful rewrite.
For example:
# Redirect direct request for PHP file to canonical URL
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^products/Automotive-Transmission-Torque-Converters-results\.php$ /Search-Results [R=301,L]
# Internally rewrite the canonical URL
RewriteRule ^Search-Results/?$ /products/Automotive-Transmission-Torque-Converters-results.php [L]
Note that I have removed the QSA from both rules, since it's not required here (the query string is appended by default). And I've included the L flag on the second rule. Also, don't forget to backslash escape the literal dot in the RewriteRule pattern.
Test first with 302 (temporary) redirect to avoid potential caching issues and make sure your browser cached is cleared before testing.
For some reason Google indexed the php file that I normally rewrite URLs to.
However, you need to try and identify how Google managed to find the PHP file/URL in the first place. If this is the a result of an incorrect internal link on your site then it needs to be fixed.
I am getting thousands of bot visits every hour to one specific URL of my website http://www.domain.com/.gtput/
I would like to block ALL traffic (human+bot) trying to access this URL. (This URL is not accessed by human, though!)
After lot of googling, I found an answer that worked from here --> Anyway to block visits to specific URLs, for eg via htaccess?. I am using following code in htaccess file to block this URL.
<IfModule mod_alias.c>
Redirect 403 /.gtput/
</IfModule>
Is there a BETTER way to block ALL traffic from accessing that one specific URL? So that I can save server resources (bandwidth etc.).
You can use the following Rule to forbid access to "/.gtput" :
RewriteEngine On
RewriteCond %{THE_REQUEST} /.gtput/? [NC]
RewriteRule ^ - [F,L]
I've tried many many methods of this but none seem to work.
I upgraded my site to PHP from ASP and as a result now I have 300+ 404's which i should of seen coming, but oh well.
Problem is I need to redirect these files and they are all dynamic:
old files are like: http://www.domain.co.uk/resoucecentreDetails.asp?title=foobar&ID=37
There are literally 100s of these so is there a quick way I can redirect them to a single page i.e. http://www.domain.co.uk/resoucecentreSelect.php
You can use Rewrite Rules in .htaccess.
Write following Rule in your htaccess.. It will redirect all your dynamic URLs to one page..
RewriteRule ^resoucecentreDetails.asp?title=(.*)&ID=(.*)$ /resoucecentreSelect.php [L,R=301]
This rule will do the job:
# activate rewrite engine
RewriteEngine On
RewriteBase /
# redirect rule
RewriteRule ^resoucecentreDetails.asp$ http://%{HTTP_HOST}/resoucecentreSelect.php [NC,QSA,R=301,L]
It will redirect all requests from /resoucecentreDetails.asp to /resoucecentreSelect.php preserving the query string, e.g.:
http://www.domain.co.uk/resoucecentreDetails.asp?title=foobar&ID=37
will become
http://www.domain.co.uk/resoucecentreSelect.php?title=foobar&ID=37
I have a site set up complete with an index, etc. I would like to redirect only traffic coming directly to www.example.com to www.example.com/foo.php. However, if a user tries to access www.example.com/index.php or any of the other existing pages directly, the request should return the appropriate page as normal. I can't seem to wrap my head around these rewrite rules. How would I accomplish this with .htaccess?
You could likely get away with just changing the DirectoryIndex to /foo.php:
DirectoryIndex foo.php
However, if you wanted to use mod_rewrite to actually rewrite the URL, there are a few different ways to accomplish this, but the clearist is to just check if the requested resource is an empty string (the root was requested, and the input to RewriteRule in .htaccess files doesn't contain a leading slash):
RewriteEngine On
RewriteRule ^$ /foo.php
Any request to the server that is not for / will simply be ignored and routed by Apache as normal.