Develop Reference

htaccess to allow specific domains or url's as wild card?

htaccess we are trying to allow specific domains or url's (as wild card for their sub domains) to access video files in a folder that is blocked to everyone else. We want to grant access so they can transcode it. Any help would be most appreciated. Example:
<IfModule !mod_authz_core.c>
Order Deny,Allow
#Deny from all
allow from .xyz.com
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Order Deny,Allow
#Deny from all
Allow from .xyz.com
Allow from .abcdef.com
</IfModule>
# BEGIN code execution protection
<IfModule mod_rewrite.c>
#RewriteRule ^.*$ - [F,L,NC]
</IfModule>
<IfModule mod_php5.c>
php_flag engine 0
</IfModule>
<IfModule mod_php7.c>
php_flag engine 0
</IfModule>
AddHandler cgi-script .php .phtml .php3 .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
# END code execution protection```

.htaccess subfolder no redirect correctly - Error 404

I have a wordpress installation in the root of my server, I wanted to use the "opensourcepos" script in a new directory called "ospos"
If I try to access the link
www.mysite.it/ospos/
I am redirected to
www.mysite.it/public
with 404 error
To access the ospos installation I have to go to
www.mysite.it/ospos/public
only in this way everything works correctly.
Maybe there is some instruction in the ospos folder .htaccess file
which does not redirect correctly.
Code .htaccess wordpress /root
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Code .htaccess root/ospos
# redirect to public page
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^public$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
RewriteRule "^(.*)$" "/public/" [R=301,L]
</IfModule>
# disable directory browsing
# For security reasons, Option all cannot be overridden.
Options +ExecCGI +Includes +IncludesNOEXEC +SymLinksIfOwnerMatch -Indexes
# prevent folder listing
IndexIgnore *
# Apache 2.4
<IfModule authz_core_module>
# secure htaccess file
<Files .htaccess>
Require all denied
</Files>
# prevent access to PHP error log
<Files error_log>
Require all denied
</Files>
# prevent access to LICENSE
<Files LICENSE>
Require all denied
</Files>
# prevent access to csv, txt and md files
<FilesMatch "\.(csv|txt|md|yml|json|lock)$">
Require all denied
</FilesMatch>
</IfModule>
# Apache 2.2
<IfModule !authz_core_module>
# secure htaccess file
<Files .htaccess>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to PHP error log
<Files error_log>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to LICENSE
<Files LICENSE>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to csv, txt and md files
<FilesMatch "\.(csv|txt|md|yml|json|lock)$">
Order allow,deny
Deny from all
Satisfy all
</FilesMatch>
</IfModule>
Code .htaccess root/ospos/public
RewriteEngine On
# To redirect a subdomain to a subdir because of https not supporting wildcards
# replace values between <> with your ones
# RewriteCond %{HTTP_HOST} ^<OSPOS subdomain>\.<my web domain>\.com$ [OR]
# RewriteCond %{HTTP_HOST} ^www\.<OSPOS subdomain>\.<my web domain>\.com$
# RewriteRule ^/?$ "https\:\/\/www\.<my web domain>\.com\/<OSPOS path>" [R=301,L]
# To rewrite "domain.com -> www.domain.com" uncomment the following lines.
# RewriteCond %{HTTPS} !=on
# RewriteCond %{HTTP_HOST} !^www\..+$ [NC]
# RewriteCond %{HTTP_HOST} (.+)$ [NC]
# RewriteRule ^(.*)$ http://www.%1/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# if in web root
# RewriteRule ^(.*)$ index.php?/$1 [L]
# if in subdir comment above line, uncomment below one and replace <OSPOS path> with your path
RewriteRule ^(.*)$ /ospos/public/index.php?/$1 [L]
# disable directory browsing
# For security reasons, Option all cannot be overridden.
#Options All -Indexes
Options +ExecCGI +Includes +IncludesNOEXEC +SymLinksIfOwnerMatch -Indexes
# prevent folder listing
IndexIgnore *
# Apache 2.4
<IfModule authz_core_module>
# secure htaccess file
<Files .htaccess>
Require all denied
</Files>
# prevent access to PHP error log
<Files error_log>
Require all denied
</Files>
</IfModule>
# Apache 2.2
<IfModule !authz_core_module>
# secure htaccess file
<Files .htaccess>
Order allow,deny
Deny from all
Satisfy all
</Files>
# prevent access to PHP error log
<Files error_log>
Order allow,deny
Deny from all
Satisfy all
</Files>
</IfModule>
<IfModule mod_expires.c>
<FilesMatch "\.(jpe?g|png|gif|js|css)$">
ExpiresActive On
ExpiresDefault "access plus 1 week"
</FilesMatch>
</IfModule>
I have read many questions and made many tests, but I still haven't been able to figure out where and what to change to make it redirect correctly.
Anyone have any suggestions on this?
Thank you
PHP version: 7.3.13
MySQL version: 5.6.44-86.0
OS and version: CentOS 7
WebServer is: Apache 2.4
How should I edit:
RewriteCond %{REQUEST_URI} !^public$
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
RewriteRule "^(.*)$" "/public/" [R=301,L]

htaccess rewritecond, starts with and ends with matching

Cant seem to get a redirect to work. Please consider the following:
/poles/foobar.html
/poles/foobar/doodaa.html
/poles/foobar.html?qparam=123
/poles/foobar/doodaa.html?qparam=123
/poles/foobar.html?qparam=123&cat=444
/poles/foobar/doodaa.html?qparam=123&cat=444
My current rule (i know it wont catch all the above...but I cant even get it to catch any of them)
RewriteCond %{THE_REQUEST} ^/poles
RewriteCond %{THE_REQUEST} ^\.html$
RewriteRule (.*) /poles/ [R=301,L]
How could I catch all possible url scenarios? They would all start with /poles/ and end in .html ...or .html?queryparams
UPDATE, MY .HTACCESS FILE CONTENTS, MAGENTO2 SITE:
############################################
## overrides deployment configuration mode value
## use command bin/magento deploy:mode:set to switch modes
# SetEnv MAGE_MODE developer
############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi
# Action php5-cgi /cgi-bin/php5-cgi
# AddHandler php5-cgi .php
############################################
## GoDaddy specific options
# Options -MultiViews
## you might also need to add this line to php.ini
## cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini
############################################
## this line is specific for 1and1 hosting
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
############################################
## default index file
DirectoryIndex index.php
<IfModule mod_php5.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_php7.c>
############################################
## adjust memory limit
php_value memory_limit 768M
php_value max_execution_time 18000
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
## disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_security.c>
###########################################
## disable POST processing to not break multiple image upload
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
<IfModule mod_deflate.c>
############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip
# Insert filter on all content
###SetOutputFilter DEFLATE
# Insert filter on selected content types only
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml
# Netscape 4.x has some problems...
#BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
#BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
#BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
#SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_ssl.c>
############################################
## make HTTPS env vars available for CGI mode
SSLOptions StdEnvVars
</IfModule>
############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level
## SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
############################################
## redirect for mobile user agents
#RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
#RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
#RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead
AddDefaultCharset Off
#AddDefaultCharset UTF-8
AddType 'text/html; charset=UTF-8' html
<IfModule mod_expires.c>
############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires
ExpiresDefault "access plus 1 year"
ExpiresByType text/html A0
ExpiresByType text/plain A0
</IfModule>
###########################################
## Deny access to root files to hide sensitive application information
RedirectMatch 403 /\.git
<Files composer.json>
order allow,deny
deny from all
</Files>
<Files composer.lock>
order allow,deny
deny from all
</Files>
<Files .gitignore>
order allow,deny
deny from all
</Files>
<Files .htaccess>
order allow,deny
deny from all
</Files>
<Files .htaccess.sample>
order allow,deny
deny from all
</Files>
<Files .php_cs>
order allow,deny
deny from all
</Files>
<Files .travis.yml>
order allow,deny
deny from all
</Files>
<Files CHANGELOG.md>
order allow,deny
deny from all
</Files>
<Files CONTRIBUTING.md>
order allow,deny
deny from all
</Files>
<Files COPYING.txt>
order allow,deny
deny from all
</Files>
<Files Gruntfile.js>
order allow,deny
deny from all
</Files>
<Files LICENSE.txt>
order allow,deny
deny from all
</Files>
<Files LICENSE_AFL.txt>
order allow,deny
deny from all
</Files>
<Files nginx.conf.sample>
order allow,deny
deny from all
</Files>
<Files package.json>
order allow,deny
deny from all
</Files>
<Files php.ini.sample>
order allow,deny
deny from all
</Files>
<Files README.md>
order allow,deny
deny from all
</Files>
<Files magento_umask>
order allow,deny
deny from all
</Files>
# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php
################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags
#FileETag none
# ######################################################################
# # INTERNET EXPLORER #
# ######################################################################
# ----------------------------------------------------------------------
# | Document modes |
# ----------------------------------------------------------------------
# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
#
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx
<IfModule mod_headers.c>
Header set X-UA-Compatible "IE=edge"
# `mod_headers` cannot match based on the content-type, however,
# the `X-UA-Compatible` response header should be send only for
# HTML documents and not for the other resources.
<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
</IfModule>
# CUSTOM 301 REDIRECTS
# --------------------------------------------------------- ##
# Custom eyelets category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/eyelets-3.html?(.*)
RewriteCond %{query_string} ^cat=233
RewriteRule (.*) /eyelets/plastic-eyelets/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/eyelets-3.html?(.*)
RewriteCond %{query_string} ^cat=234
RewriteRule (.*) /eyelets/metal-eyelets/? [R=301,L]
# Custom poles category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/poles.html?(.*)
RewriteCond %{query_string} ^range=251
RewriteRule (.*) /poles/? [R=301,L]
# Custom track category query param url redirects
# -------------------------------------------------
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=104
RewriteRule (.*) /tracks/plastic-track/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=951
RewriteRule (.*) /tracks/metal-track/? [R=301,L]
RewriteCond %{THE_REQUEST} ^/track.html?(.*)
RewriteCond %{query_string} ^cat=95&range=5391
RewriteRule (.*) /tracks/metal-track/vogue/? [R=301,L]
# Category url redirects
# -------------------------------------------------
Redirect 301 /poles.html /poles
Redirect 301 /track.html /tracks
Redirect 301 /curtrain-track.html /tracks
Redirect 301 /net-suspension-products.html /net-suspension
Redirect 301 /tiebacks-and-trimmings.html /tiebacks
Redirect 301 /brassware-1.html /brassware
Redirect 301 /eyelets-3.html /eyelets
Redirect 301 /blinds.html /blinds/retail-blinds
Redirect 301 /roman-blind-systems.html /blinds/roman-blind-systems
Redirect 301 /shower-rail-products.html /net-suspension/shower-rail-products
Redirect 301 /accessories-and-sundries.html /accessories
Redirect 301 /panel-track.html /tracks/metal-track/panel-track
Redirect 301 /valance-track.html /tracks/metal-track/aluminium-valance-rail
# Subcategory url redirects - DOES NOT WORK
# -------------------------------------------------
# eg: /poles/foobar.html
# eg: /poles/foobar/doodaa.html
# eg: /poles/foobar.html?cat=4
# eg: /poles/foobar/doodaa.html?cat=4
RewriteCond %{THE_REQUEST} ^/poles
RewriteCond %{THE_REQUEST} ^\.html$
RewriteRule (.*) /poles/? [R=301,L]
# Page/Section url redirects
# -------------------------------------------------
Redirect 301 /downloads /resources
Redirect 301 /about-us /about-us.html
Redirect 301 /specialoffers /blog
Redirect 301 /testimonials /blog
Redirect 301 /contact-us /contact

This seems to be what you're trying to achieve:
RewriteCond %{REQUEST_URI} ^/poles/.*\.html$
RewriteRule ^ /poles/? [R=301,L]
You nearly had it. The caret (^) means the start of the string, so needed removing on your second condition. They could also be combined. The query string isn't part of the match in REQUEST_URI so any query string will match. The question mark in the RewriteRule removes any query string.

Silverstripe & .htaccess - How to access a specific folder and view the directory index?

I want to be able to access the directory index view when I hit the URI /client-files - I am using Silverstripe which comes with its own .htaccess out of the box which I have provided at the end.
e.g domain.com/client-files
Sample image of what I am trying to achieve, just with a different folder name...
I have tried the following:
I have tried adding - (This gives me a 500 error):
<Directory "/client-files">
Options +Indexes
</Directory>
and adding this:
RewriteCond %{REQUEST_FILENAME} !-d - This gives me "Forbidden - You don't have permission to access /client-files/ on this server."
My .htaccess (Default)
### SILVERSTRIPE START ###
# Deny access to templates (but allow from localhost)
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Order deny,allow
Deny from all
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files *.yml>
Order allow,deny
Deny from all
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_rewrite.c>
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
<IfModule mod_dir.c>
DirectoryIndex disabled
</IfModule>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
RewriteBase '/'
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
# Process through SilverStripe if no file with the requested name exists.
# Pass through the original path as a query parameter, and retain the existing parameters.
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* framework/main.php?url=%1 [QSA]
</IfModule>
### SILVERSTRIPE END ###

I ended up getting it to work by using what #munomono said but slightly different.
I ended up having my own .htaccess file in the /client-files directory and putting this in it:
.htaccess
RewriteCond %{REQUEST_FILENAME} !-d
Options +Indexes

proper userdir.conf for this .htaccess

The story behind...
Ok, I was experimenting things with my netbook...without having backup files. Yes, I'm a moron :D
The Problem
I have this .htaccess file in my userdir which was working properly before I screwed up my partion:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /~dierre/DierReLabS/
RewriteRule ^(tutorials|me|not-found|add)$ $1/ [R=301,L]
RewriteRule ^me/$ me.php [L]
RewriteRule ^style/$ style.css [L]
RewriteRule ^logo/$ logo2.png [L]
RewriteRule ^add/$ add.php [L]
RewriteRule ^tutorials/$ tutorials.php [L]
RewriteRule ^tutorial/([a-zA-Z0-9\-]+)/$ tutorial.php?tut=$1 [L]
RewriteRule ^not-found/$ 404.php [L]
# This is a real directory...
RewriteCond %{REQUEST_FILENAME} -f [OR]
# Or it's a real file...
RewriteCond %{REQUEST_FILENAME} -d
# And it's not not-found/...
RewriteCond $0 !=not-found/
# And it's not the root
RewriteCond $0 !=""
# And it's not any of the above due to an internal redirect...
RewriteCond %{ENV:REDIRECT_STATUS} ^$
# So cause a 404 response (you could redirect to 404.php if you want)
RewriteRule ^.*$ - [R=404,L]
ErrorDocument 404 /~dierre/DierReLabS/not-found/
In the userdir this .htaccess does not work properly with the default parameters in userdir.conf. I do not have anymore that configuration. The current configuration is:
<IfModule mod_userdir.c>
UserDir public_html
UserDir disabled root
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
</IfModule>
I really can't recall what I did. Can you help me?

Thanks God for forsaken laptop! I've started today my Thinkpad and it was there the configuration with a non-updated version of the site.
<IfModule mod_userdir.c>
UserDir public_html
UserDir disabled root
<Directory /home/*/public_html>
#AllowOverride FileInfo AuthConfig Limit Indexes
AllowOverride All
#Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Options Indexes FollowSymLinks
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
</IfModule>