How i Protect Folder with htaccess Kohana 3.2 App - .htaccess

Hello guys I need a HELP, I use in my application Kohana, and created a root folder called media to imgs, css, and js so I want to protect access it without the url for the site to function, is doing that?
Example:
app folder
system folder
modules folder
media new folder (i need protect this folder)
index.php
My File .htaccess in root is:
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]

You are talking about hotlinking.
Return 403 Forbidden with .htaccess (assuming example.com is your domain name):
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpe?g|gif|bmp|png|js|css)$ - [F]
Here is a special generator: http://www.htaccesstools.com/hotlink-protection/

Related

.htaccess redirect non-www to www, but within a subdirectory

I have a wordpress installation in the root of the server. I then have a kohana framework in a sub directory. I want to redirect any urls in the kohana framework from non-www to www.
The url structure for the base of the kohana framework is www.mydomain.com/quotes
I've tried adapting the standard redirect I've used before, but it's not working as expected. It redirects to the www version but it adds index.php at the end (www.mydomain.com/quotes/index.php).
EDIT: I forgot to mention I need this to redirect to https as well.
Below is my .htaccess file:
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /quotes
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]
# 301 redirect to dubdubdub
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/quotes/$1 [R=301,L]
How do I get this working so that the url redirects to www.mydomain.com/quotes/ and not www.mydomain.com/quotes/index.php

.htaccess redirect & hide directory path in url

I have wordpress installed in root directory. I want to use some separate php files as a page on my domain, for which I have made a separate directory which holds all files for serving the php files, of which the directory structure is as:
the root folder has all the wordpress files
the directory which I'd like to serve as a page
/inc/css/
/inc/php/
/inc/img/
the CSS stylesheet files directory location in the PHP file is ../inc/css one step back & then css folder.
I want to hide folders from URL such as the files are served from the root (hide the /inc/php/, /inc/css/ & /inc/img/ folders from URL).
eg: www.domain.com/inc/php/about.php redirect & rewrite this URL to www.domain.com/about
the .htaccess in my root
RewriteEngine On
RewriteBase /
# disable directory browsing
Options -Indexes
# Prevent hotlinking of images htaccesstools.com/hotlink-protection
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?domain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|ico|pdf|flv|jpg|jpeg|mp3|mpg|mp4|mov|wav|wmv|png|gif|swf|css|js)$ - [NC,F,L]
RewriteRule ^login$ http://domain.com/wp-login.php [NC,L]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
<files wp-config.php>
order allow,deny
deny from all
</files>
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>
I have tried the simple redirect rule but the folders are exposed in the URL.
Redirect 301 /about.php /inc/php/about.php
also I have some more files in the PHP folder on which I'd like to apply the same rule of redirect & rewrite URL & hide folders from URL & remove the PHP extention.
www.domain.com/inc/php/about.php redirect & rewrite this URL to www.domain.com/about
This, of course, means that you can't have the same base filename that's a php file and, say, a css file. Since if the request is www.domain.com/about, is that supposed to map to /inc/php/about.php or /inc/css/about.css? Or is it an image? If you have both files, only one will get mapped to.
But if that's really what you want, try adding these rules right after the hotlinking rule that you have:
# Externally redirect requests for /inc/
RewriteCond %{THE_REQUEST} \ /inc/(php|img|css)/([^\?\ ]+)\.(php|css|jpe?g|png|gif) [NC]
RewriteRule ^ /%2 [L,R=301]
# Check if the request is a php file:
RewriteCond %{DOCUMENT_ROOT}/inc/php%{REQUEST_URI}.php -f
RewriteRule ^(.*)$ /inc/php/$1.php [L]
# Check if the request is a css file:
RewriteCond %{DOCUMENT_ROOT}/inc/css%{REQUEST_URI}.css -f
RewriteRule ^(.*)$ /inc/css/$1.css [L]
# Check if the request is a jpeg file:
RewriteCond %{DOCUMENT_ROOT}/inc/img%{REQUEST_URI}.jpg -f
RewriteRule ^(.*)$ /inc/img/$1.jpg [L]
# Check if the request is a gif file:
RewriteCond %{DOCUMENT_ROOT}/inc/img%{REQUEST_URI}.gif -f
RewriteRule ^(.*)$ /inc/img/$1.gif [L]
# Check if the request is a png file:
RewriteCond %{DOCUMENT_ROOT}/inc/img%{REQUEST_URI}.png -f
RewriteRule ^(.*)$ /inc/img/$1.png [L]

Rewrite to remove url - kohana 3.2 and .htacess

My installation of Kohana 3.2 works well. The site is navigable and also the CRUD functions works. He is in the example address: www.site.com.br/folder/.
At .Htacess I have
# Turn on URL rewriting
RewriteEngine On
# Installation directory ()
RewriteBase /folder/
# Protect hidden files from being viewed
Files .*>
Order Deny,Allow
Deny From All
/Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* index.php/$0 [PT]
When I write the complete url www.site.com.br/folder/ url it work.
But now the server is pointing to the root and I need to be like www.site.com.br, in other works, remove the folder/.
I tried some options but the Kohana stop working:
RewriteRule .* folder/index.php/$0 [PT] or
RewriteRule ^folder/(.*).* index.php/$0 [PT]
You only need to remove the RewriteBase from the HyperText Access script. Then, the URI's will be parsed correctly within Kohana.

Server ignoring subdirectory htaccess file, going straight to root htaccess

I have an application that utilizes Codeigniter and SLIR (Smart Lencioni Image Resizer https://github.com/lencioni/SLIR). SLIR allows you to resize images using an intuitive URI structure. For example:
<img src="/slir/w100-h100/path/to/image.jpg"/>
This would resize the image to fit 100px * 100px. For whatever reason when I try to view a resized image, (eg. http://a2op03.com/slir/w300-h90/images/content/franchise-opportunities-badge.png) I am getting a 404 error generated by Codeigniter. I have verified the following:
http://a2op03.com/images/content/franchise-opportunities-badge.png does exist.
According to the host mod_rewrite is setup properly and working.
GD Library (for SLIR) is setup and enabled
According to SLIR, everything is setup properly (http://a2op03.com/slir/install/)
The Codeigniter [root] htaccess file looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#When your application folder isn't in the system folder
#This snippet prevents user access to the application folder
#Submitted by: Fabdrol
#Rename 'application' to your applications folder name.
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
#Checks to see if the user is attempting to access a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin
ErrorDocument 404 /index.php
</IfModule>
and the htaccess file in /slir/ looks like this:
# Prevent other scripts from interfering with SLIR
php_value auto_prepend_file none
php_value auto_append_file none
# Pretty URLs
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [S=40]
RewriteRule . index.php [L]
</IfModule>
# Prevent viewing of the error log file in its default location
<Files slir-error-log>
Order Deny,Allow
Deny from All
</Files>
My initial suspicion was that mod_rewrite.c was not setup properly and therefore was not being processed by the SLIR htaccess and falling back on the root htaccess which is sending it to a 404. I'm hosting on a managed VPS via servint.net and have WHM with full access to the server. The host claims that mod_rerwrite should be working fine. I have this working flawlessly on another server, but I can't figure out why it's not working here. Any helps is appreciated!
I figured it out! I just needed to add
RewriteBase /slir/
After
RewriteEngine On
In SLIR's htaccess file!

Kohana rewriting urls in .htaccess showing file not found message

I'm using Kohana 3.2 framework, I've put the standard .htaccess file in the same folder of the aplication.
my .htaccess file is
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /mysite/
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule ^(.*)$ /index.php/$0 [PT]
I've tried changing the las line to
RewriteRule ^(.*)$ /index.php/$0
RewriteRule ^(.*)$ /index.php/$0 [PT,L]
RewriteRule ^(.*)$ /index.php/$0 [PT,L,QSA]
RewriteRule .* /index.php/$0 [PT] - [PT,L] - [PT,L,QSA]
But it still shows
Not Found
The requested URL /index.php/login was not found on this server.
The complete path of the app is /var/www/es/ec/mysite
The complete working URL is http://10.0.0.1/ec/mysite/index.php/login
The complete NOT working URL is http://10.0.0.1/ec/mysite/login
Also...
Running in Apache 2.2.3 over CentOS 5
Any idea???
I got it!!
Here is how it gets done when the app is inside other folders.
The complete path of the app is /var/www/es/ec/mysite
The complete working URL is http://10.0.0.1/ec/mysite/index.php/login
The complete NOT working URL was http://10.0.0.1/ec/mysite/login
In /var/www/es/ec/mysite/application/bootstrap.php the Kohana::init stays like this
Kohana::init(array(
'base_url' => '/ec/mysite/',
'index_file' => FALSE,
'charset' => 'ISO-8859-1',
));
And the .htaccess like this
# Turn on URL rewriting
RewriteEngine On
# Installation directory
RewriteBase /
# Protect hidden files from being viewed
<Files .*>
Order Deny,Allow
Deny From All
</Files>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
RewriteRule .* /ec/mysite/index.php/$0
Hope this helps some one else!
Cheers!
You can try my Kohana .htaccess file
# Set environment
SetEnv KOHANA_ENV "development"
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I use Kohana 3.2, also. This rewrite tends to work for most of my projects.
Let me know how it works out!
In your bootstrap.php inside Kohana::init set 'index_file' => '',

Resources