I have a need to have only the home page have the following Filesmatch where .pdf files need to ask before opening up, but other .pdf files in the site (not on the home page) I want to open automatically. Is this the best way to accomplish this?
This is a Wordpress site, latest version, and the home page is a set page. Also, the owner of the site could add more .pdf links within the site so I don't want to complicate it too much where she has to manipulate code every time she adds a file.
Here is what is currently in my .htaccess file:
# Use PHP5 as default
AddHandler application/x-httpd-php5 .php
ErrorDocument 404 /index.php
ErrorDocument 403 /index.php
#BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.dramanotebook.com/$1 [R,L]
<Files 403.shtml>
order allow,deny
allow from all
</Files>
<FilesMatch "\.pdf$">
ForceType applicaton/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
# END WordPress
Thanks in advance,
Jim
I was able to accomplish this by using <Files></Files>.
example:
<Files "filenameexample.pdf">
ForceType applicaton/octet-stream
Header set Content-Disposition attachment
</Files>
The trick is you need to add a <files></files> for each file you want to individually control. There are no options to say "all PDF's on this page be protected, but other pages do something else". Actually, you could..but you would have to put an .htaccess file in each folder to "revert" it back to another way for those extensions. Crazy. Faster just to do the 3 files I needed specifically.
I found none of the information online helpful nor any responses. I just tested a lot.
Jim
Related
I have the urls
https://example.net/app/ref/user/u123456
https://example.net/app/ref/user/u123456/
Need redirect both url to https://example.net/app/ref/user/index.php?referral=u123456
How to do it with a file .htaccess? Unfortunately, I couldn't do it, so I'm asking for your help.
UPD: Now me .htaccess is in the same directory as index.php:
<IfModule mod_rewrite.c>
RewriteEngine on
</IfModule>
AddType application/x-httpd-php .html
<Files 403.shtml>
order allow,deny
allow from all
</Files>
With your shown samples please try following htaccess rules file. Please make sure you keep your .htaccess rules file in your root folder; alongside with your app folder.
Make sure to clear your browser cache before testing your URLs.
RewriteEngine ON
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]*/[^/]*/[^/]*)/([^/]*)/?$ $1/index.php?referral=$2 [QSA,L]
I can't sign in to the WordPress admin dashboard it just keeps redirecting back to the login page. I notice the .htaccess has a weird code in it,
<FilesMatch ".(py|exe|php)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch "^(about.php|radio.php|index.php|content.php|lock360.php|admin.php|wp-login.php|wp-l0gin.php|wp-theme.php|wp-scripts.php|wp-editor.php)$">
Order allow,deny
Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I tried replacing the code with the default one but it just keep coming back. Also, I noticed that the wp-config.php was set to 0444 permission. I think it has something to do with malware.
How can I fix this issue? Appreciate your help!.
Thank you!
I want to know how can i restrict access to my file on my root directory using .htaccess files on my root directory. I have the following code but it is not working.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Any help would be appreciated thanks.
If I've understood you correctly, you want to block access to your wordpress files using .htaccess. To do this you can use:
<FilesMatch (wp-config|wp-admin|wp-content)\.php>
order allow,deny
deny from all
</files>
Or if you're using Apache 2.4:
<FilesMatch (wp-config|wp-admin|wp-content)\.php>
Require all denied
</files>
You then just need to put in the specific files that you want to restrict access to. I've just included three of the important ones as an example. Hope this helps.
I have a cscart installation, with the classic htaccess.
<IfModule mod_rewrite.c>
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !\.(png|gif|ico|swf|jpe?g|js|css)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(win) [NC]
RewriteRule . index.php?sef_rewrite=1 [L,QSA]
</IfModule>
But, there is a folder with a php script I need to be accessible. Anytime I try to access that script, it shows CScart 404 page. But if change the script in the subdirectory to any other different file extension, it suddenly works.
cscart.com/folder/file.php doesn't work
cscart.com/folder/file.html works
Would any of you guys know how to turn htacess for that folder to run and show cscart 404 page?
Please check if under folder cscart.com/folder/ is present any .htaccess, this may be the issue
Some cs-cart folder have .htaccess with content
Order deny,allow
Deny from all
<Files ~ "\.(js|css|png|jpg|gz)$">
order allow,deny
allow from all
</Files>
remove this line:
RewriteBase /
Or correct the path when moving the CS-Cart to another directory.
RewriteBase /some/other/path
I'm using CodeIgniter and .htaccess to rewrite the URLs but I want it to ignore index.html.
This is so we can upload an index.html at any time as this will be a temporary landing page. With a link through to the main site on the index.php.
This is what is currently in .htaccess and I have set the server's directory index to index.html index.php
RewriteEngine on
RewriteCond $1 !^(index\.html|index\.php|js|img|fonts|data|css|uploaded|mobile_devices|audioplayer|emails|robots\.txt|archive_blog)
RewriteRule ^(.*)$ /index.php/$1 [L]
Thanks for any help
that rather looks like you want to rewrite everything that does not really exist in your directory.
try this instead of your current RewriteCond:
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1
Instead of using RewriteCond to ignore the index.html file, you could instead restrict access to it directly through using the FilesMatch directive. FilesMatch accepts a regular expression which could filter based on file name (e.g., index.html) or any regular expression.
Blocking access to the index.html file
<FilesMatch "index\.html$">
Order allow,deny
</FilesMatch>
That would completely deny access to the index.html file. I will admit, that I do not know the negative effects this would have on search engine crawling.
To read more about the FilesMatch Directive see http://httpd.apache.org/docs/current/mod/core.html#filesmatch
As for the rest of the directories in that list you currently have, you could just lock down all directory access regardless of name. It would give you a little more coverage going forward.
Options -Indexes
To read more about the Options Directive see http://httpd.apache.org/docs/current/mod/core.html#options
In the end your new .htaccess file would look something like this:
# Protect specific files from access
<FilesMatch "index\.html$">
Order allow,deny
</FilesMatch>
# Hide directory listing for URL's mapping to a directory
Options -Indexes
# Follow all symbolic links in this directory
Options +FollowSymLinks
# General rewrite rules
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L,QSA]
</IfModule>
Why don't you use the built in environment function?
You could create a 'maintenance' environment and set the base controller to whatever you want. Then you would just need to edit the index.php file to specify the environment you want.