I want to allow access to my site when there is s=stick_path or s=stick_relative in the query string otherwise deny the access. e.g allow access when www.domain.com/?s=stick_path but deny access when www.domain.com/?s=ck_relative or www.domain.com/?s=action_path.
I have tried for simple example like www.domain.com/?s=stick_path but it does not seem to work.
RewriteCond %{QUERY_STRING} !^s=stick_path$
RewriteRule ^.* - [F,L]
I think one can trick the .htaccess rule if s parameter is present twice like www.domain.com/?s=stick_path&s=action_path
The rules you have work for me when I try to go to http://localhost/?s=stick_path, but if you want to be able to check anywhere for the query string, try:
RewriteCond %{QUERY_STRING} !(^|&)s=stick_path(&|$)
RewriteCond %{QUERY_STRING} !(^|&)s=stick_relative(&|$)
RewriteRule ^.* - [F,L]
This works if either s=stick_path or s=stick_relative is anywhere in the querystring.
Answer pulled from an OP's update
RewriteEngine ON was missing in the .htaccess.
So, the correct code was:
RewriteEngine on
RewriteCond %{QUERY_STRING} !^s=stick_path$
RewriteRule ^.* - [F,L]
Related
I want to deny access to all my posts/pages via their database id address e.g. /?p=1 , /?p=2 , ... etc
I am looking at doing this using .htaccess and would guess it would be best done with a RewriteCond rule. I have tried this but it doesn't appear to work.
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/?p=*
RewriteRule ^(.*)$ - [F,L]
Any help greatly appreciated
With your shown samples, please try following.
Please make sure to clear your browser cache before testing your URLs.
RewriteEngine ON
RewriteCond %{QUERY_STRING} ^p=[0-9]+ [NC]
RewriteRule ^ - [F,L]
As per OP's comments to match p or page with = digits try following then.
RewriteEngine ON
RewriteCond %{QUERY_STRING} ^(p|page)=[0-9]+ [NC]
RewriteRule ^ - [F,L]
I want to deny access to urls starting with /mapname , so that urls like /mapname/mapname2 and /mapname/file1 etc, are blocked. But there is 1 url that I want to allow, for example /mapname/mapname.php/something/something/something.php/something . How do I do this using htaccess?
To deny access I used the following code example. This worked, but I can't figure out how to allow specific urls.
RewriteCond %{REQUEST_URI} /mapname
RewriteRule ^.*$ / [R=301,L]
In single RewriteRule one can do this using negative lookahead:
RewriteRule ^mapname(?!/something\.php/allow/this/uri/?$) - [F,L,NC]
You can use this :
RewriteRule ^mapname/something\.php/allow/this/uri/?$ - [L]
#Deny any other uri string starting with "/mapname
RewriteCond %{REQUEST_URI} ^/mapname
RewriteRule ^.*$ - [F,L]
How do I change example.com/1 to example.com/?id=1
I've tried googling but I can only find code for example.com/?id=1 to example.com/1
I used a generator and got this, but it didn't work
RewriteEngine On
RewriteRule ^\?get\=$ / [L]
Thanks,
Isaac
It kind of depends on which way you want to do the rewrite - ie, what does the user type see, and what does the server do.
If you want the user to see "http://example.com/1" and internally the server provides "http://example.com/?id=1", then the following should work:
RewriteRule ^([0-9]+)$ /?id=$1
However, if you want the user see "http://example.com/?id=1", and internally the server provides "http://example.com/1", then the following, as per Jon Lin's answer, should do it:
RewriteCond %{QUERY_STRING} ^id=([0-9]+)$
RewriteRule ^$ /%1?
You can't match against the query string in a RewriteRule statement, you need to use a RewriteCond and the %{QUERY_STRING} variable:
RewriteEngine On
RewriteCond %{QUERY_STRING} ^id=([0-9]+)$
RewriteRule ^$ /%1? [L]
The ? is needed in the rule's target to remove the query string.
Basically I do not want people that visit my site to get all of the files, but all the things I tried and found on the internet disallow the usage of GET variables after the index.php. I'm using a rewrite to make domain.com/lol go to index.php?lol.
This is my current .htaccess file, if you'd like to modify it to make it easier for me, go ahead too.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteRule .? http://domain.com%{REQUEST_URI} [L,R=301]
RewriteRule ^act/(.*)$ index.php?act=$1
RewriteRule ^code/(.*)$ index.php?code=$1
RewriteRule ^login$ index.php?login
RewriteRule ^logout$ index.php?logout
RewriteRule ^add$ index.php?add
RewriteRule ^tac$ index.php?tac
RewriteRule ^profile$ index.php?profile
Following rule stops direct requests to index.php (either with or without) arguments:
# block direct requests to index.php and redirect it to /
RewriteCond %{ENV:REDIRECT_STATUS} =""
RewriteRule ^index.php$ /
If needed, you can change the rewrite target and/or add some more conditions based on what exactly is allowed and what's not.
Well I am using the following code to redirect users who don't have my IP to a coming soon page:
rewritebase /
rewritecond %{REMOTE_HOST} !(^1\.2\.3\.4)
rewritecond %{REQUEST_URI} !/comingsoon\.html$
rewriterule .* http://www.andrew-g-johnson.com/comingsoon.html [R=302,L]
I want to make it so that I have two IP's that are allowed, any ideas how?
I'd actually recommend Cletus' suggestion, but an alternative if you wanted to stick with .htaccess would also be to just add on more lines of conditions (benefit is it's more legible than concatenating them all into one long regex):
rewritebase /
rewritecond %{REMOTE_HOST} !(^1\.2\.3\.4)
rewritecond %{REMOTE_HOST} !(^5\.6\.7\.8)
# and so forth
rewritecond %{REQUEST_URI} !/comingsoon\.html$
rewriterule .* http://www.andrew-g-johnson.com/comingsoon.html [R=302,L]
You could specify a regular expression like:
(1\.2\.3\.4|5\.6\.7\.8)
but that becomes unwieldy the more exceptions you want.
what you might want to do instead use mod_access (assuming you're using Apache) with allow and deny directives.
order deny, allow
deny all
allow from 1.2.3.4
allow from 5.6.7.8
ErrorDocument 403 http://www.andrew-g-johnson.com/comingsoon.html
combined with a custom error document for 403 that says coming soon.
RewriteCond directives are combined implicitly with AND. So you just have to add another RewriteCond directive to express this:
RewriteCond %{REMOTE_HOST} !^1\.2\.3\.4$
RewriteCond %{REMOTE_HOST} !=5.6.7.8
RewriteRule !^comingsoon\.html$ comingsoon.html [R=302,L]
Additionally, you should specify the begin an the end of the address usind ^ and $ or do a lexicographical comparison with =.