I'm running WAMP on my Win7 box and trying to configure an htaccess folder to restrict my guests from browsing the directory structure.
Right now, if you head to http://grovertechnologysolutions.com/Technical, it will list the directory structure which I do not want. They should be only able to get to the .html site.
I've already modified the httpd.conf file to remove the commented out rewrite mod.
I've added the htaccess file to the documentroot of my website.
My htaccess file looks like this:
options -indexes
# or #
IndexIgnore *
I've restarted all services multiple times.
Should the htaccess be in the WWW folder or the document root? I run many websites virtually and only care about my main site, so I've been placing the htaccess inside that folder, but have tried www as well.
I'm assuming you've edited the proper .htaccess file in the website's DocumentRoot folder.
Options -Indexes
The above will only work if your particular WAMP's configuration and the website's VirtualHost file has the proper AllowOverride value set, such as...
AllowOverride All
Check the website's VirtualHost file, and/or httpd.conf's for something like...
<Directory "C:/WampDeveloper/Websites/www.example.com/webroot">
Options All
AllowOverride All
order allow,deny
allow from all
</Directory>
If it's not set to All nor lists Indexes, that .htaccess line is going to get ignored.
I've already modified the httpd.conf file to remove the commented out rewrite mod
mod_rewrite has nothing to do with this.
I've restarted all services multiple times.
.htaccess files are re-read on every request. You don't need to restart Apache.
http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
Related
I have a website running on a server. It's just an index.html with a hello world text. Also, I have a folder named /vpn which contains various txt files and an index.html file.
If I try to access the URL domain/vpn, it shows me the content of index.html.
I just need to show the files inside the folder vpn when the user tries to access domain/vpn.
I created an .htaccess file with the next content in the root:
RewriteEngine on
<If "%{REQUEST_URI} == '/vpn/'">
DirectoryIndex disabled
Options +Indexes
</If>
When I try to access to vpn, it shows me a 404 error, the requested URL was not found on this server.
.htaccess is applying the DirectoryIndex rule (If a delete it, it shows me index.html content again), but not the Options +Indexes one.
I tried the same example in localhost (with XAMPP) and it's working fine.
What can be the problem?
PD: This is the content of apache2.conf file:
When I try to acces to vpn, it shows me a 404 error, the requested URL was not found on this server.
If you are getting a "404 Not Found" then it would imply that mod_autoindex is not actually installed on your server (consequently Options +Indexes has no effect - although it would seem from your server config that Indexes is perhaps already enabled).
mod_autoindex is the module responsible for generating the directory listings.
I created an .htaccess file with the next content in the root:
Personally, I would create an additional .htaccess file in the /vpn directory instead:
DirectoryIndex disabled
Options +Indexes
And disable Indexes (and set DirectoryIndex) in the root .htaccess file.
NB: RewriteEngine has no place here, unless you are overriding a parent config.
If I try to access the url "domain/vpn"
Note that you should be requesting domain/vpn/ (with a trailing slash). If you omit the trailing slash then mod_dir issues a 301 redirect to append it.
I've just installed ubuntu-server_6.04.2_LTS, after the fresh installation I've enabled mod_rewrite, it's showing in phpinfo()
my .htaccess file is OK
but, still requests are not going through index.php
You should check if for that specific directory (root folder of your project), apache is configured to allow overriding through .htaccess.
If you want to allow such override, the directives found in apache.conf or the specific settings for your virtual host should look like this:
<Directory /var/www/>
AllowOverride All
Require all granted
</Directory>
When I browse example.com/img it shows all the directory contents. This leads to security problem . How to redirect these kind of url requests to example.com but without using htaccess
Best practice usually suggests adding these lines to your Apache config to disable directory listing:
<Directory />
Options -Indexes
Order allow,deny
Allow from all
</Directory>
But this will simply deny users access to the URL example.com/img. If you'd like to redirect as well, you could add an index.php file to each directory you'd like to redirect from in addition to making the Apache config change. The index.php file should contain:
<?php
header("Location:".$_SERVER['DOCUMENT_ROOT']);
I have a subdirectory setup with a static website inside.
But when I go to www.site.com/directory/ it doesn't show the index page, only www.site.com/directory/index.html works.
Is there a way for .htaccess to rewrite this?
I can't just forward all urls because there are also other pages like www.site.com/directory/other.html that still need to work.
Inside /directory/ it's enough that you put an .htaccess file with the directive:
DirectoryIndex index.html
If it still does not work, maybe there are other server directives conflicting with it.
In Apache config you should enable AllowOverride so you could set different options in .htaccess. In that file you could set the DirectoryIndex directive.
See:
http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex
http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
To prevent my Ajax files from direct acccess I did this:
I put all files in a common directory called "ajax" and put this in an .htaccess file in the same folder. This is my directory structure:
/var/www/html/ajax
<Directory "/var/www/html/ajax">
order allow,deny
Deny from all
Allow from 127.0.0.1
</Directory>
But this produces server error 500. .htaccess use is enabled in my server along with mod-rewrite. Please help.
The Directory directive is not allowed in your .htaccess file. see http://httpd.apache.org/docs/2.0/mod/core.html#directory. However, you can achieve the same result by simply placing the code you have in the .haccess in the /var/www/html/ajax directory, without the Directory directive
order allow,deny
Deny from all
Allow from 127.0.0.1
<Directory> is a directive that's not supported in .htaccess files, it's core and vhost specific.
For an .htaccess file, the directive is superfluous and must be omitted, because the directory is implied by the location of the .htaccess file.
Simply remove <Directory> and its closing "tag" and it should work.