.htaccess rewrite with url masking - .htaccess

I need to do a url rewrite maintaining following condition:
rewrite http://domain.net (or http://www.domain.net) to http:// ip:port/folder
redirect any other request like http://domain.net/logout?query=1 to http:// ip:port/folder/logout?query=1 (preserve query string and all)
mask the rewrite so that novice users cannot detect the ip (the address where they are redirected to) from the browser url bar
as for masking, a visible redirection like http:// domain.net:port/folder is also acceptable.
What I tried so far: The following results in 500 error.
RewriteCond %{HTTP_HOST} ^(*.)?domain\.net$
RewriteRule ^(/)?$ http:// ip:port/folder/$1 [L,R,QSA]
The following works without the masking:
RewriteCond %{HTTP_HOST} !^www\.domain\.net [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http:// ip:port/folder/$1 [L,R,QSA]

You can do this only if ip:port and domain.net refers to the same server. Otherwise you have to use some script that pulls the remote content from ip:port for a request to domain.net, if you want to hide ip:port.
Otherwise you can proxy the request to another server using the [P] flag.
See: http://httpd.apache.org/docs/current/rewrite/flags.html#flag_p

Related

Redirect HTTPS to HTTP for one directory while ISAPI rewrite in place

I've got a site (example.com) and a blog (externalblog.com) which is hosted externally and reverse-proxied using ISAPI rewrite. So if you go to www.example.com/blog you're actually on externalblog.com, but the URL is masked.
I've got this working with a number of sites, but the issue is when the parent site uses HTTPS, whereas the blog is only HTTP. When visitors attempt to follow old links, the blog posts will show normally under the https version of the url, but the stylesheets are all broken and a "no certificate" warning is shown.
I need an htaccess rule that will do 2 things:
Forward anyone attempting to access an https version of a blog post only (ie anything within www.example.com/blog) to the http version instead.
Forward anyone attempting to visit example.com/blog (without the www) to http://www.example.com/blog instead of the https version, which it currently does.
However I've like the rules to only affect www.example.com/blog and nothing else on example.com. My current rule for ISAPI rewrite on example.com is as follows:
RewriteRule ^blog(.+)$ http://www.externalblog.com$1 [R=301,L]
This works correctly and is based on an article online called "using reverse proxying to pull a wordpress blog into your domain" – I can't add any more links here due to not having enough reputation.
Any help would be much appreciated.
EDIT: I tried the following
RewriteCond %{HTTPS} on
RewriteCond %{THE_REQUEST} ^[A-Z]+\s/blog [NC]
RewriteRule ^blog(.+)$ http://www.externalblog.com$1 [R=301,L]
This works as far as rewriting https to http – but reverse proxy URL masking no longer kicks in.
Your explanation is rather unclear, so sorry if my answer will be unrelated. I suppose you are trying to force everything under www.example.com/blog to be HTTPS, instead of HTTP? Then try this rule:
RewriteEngine On
# HTTP to HTTPS redirect rule
RewriteCond %{HTTPS} off [NC]
RewriteCond %{HTTP:Host} ^www\.example\.com$ [NC]
RewriteRule ^(blog/.*)$ https://www.example.com/$1 [NC, R=301, L]
# No www. to www. redirect rule
RewriteCond %{HTTP:Host} ^example\.com$ [NC]
RewriteRule ^(blog/.*)$ https://www.example.com/$1 [NC, R=301, L]
# Your proxy rule goes here, I suppose it looks like:
RewriteRule ^blog(/.*)$ http://www.externalblog.com$1 [NC, P]

.htaccess not redirecting web site to https

I am running Apache/2.2.15 on Centos 6.6 and am using a free certificate from StartCom. My home page file is /var/www/index.php so I create a file /var/www/.htaccess with the following content, as suggested here.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e. http://www.example.com/foo/ to https://www.example.com/foo/
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
However, entering
myWebSite.com
in the URL box brings up my site in http protocol. If I enter
https://myWebSite.com
instead, I get my site in https protocol. My goal is to get my site in https protocol by simply entering
myWebSite.com
and I cannot see why the .htaccess file is not effecting that.
It doesn't appear that your .htaccess file is being read. So make sure you have AllowOverride All in your config.
Also for your rules, I wouldn't use SERVER_NAME, that isn't always set and sometimes is not correct. I would either use HTTP_HOST variable or your actual domain name. You also should specificy 301 for your redirect because without it 302 is default. You want this to be a permanent redirect.
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !^on [OR]
# This checks to make sure the connection is not already HTTPS
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^/?(.*)$ https://example.com/$1 [R=301,L]
I also made it where it would remove the www since you don't show your are using it.

How to Re-Direct non WWW, non HTTPS to WWW, HTTPS without Multiple Re-Directs?

I hope you can help with this htaccess issue please? I basically have the htaccess rules working apart from in one scenario. This is the case where a user visits the site on a non HTTPS and non WWW links.
Re-Directs
User visits on http/non-WWW URL
User is redirected initially to the http/WWW URL
User is then redirected to https://www.website
You can see the behaviour here:
http://childrens-curtains.co.uk
All other scenarios work fine.
I want to try to remove the 2nd redirect from the sequence so it behaves like this:
User visits on http and is immediately redirected to the https/www version without the 2nd step (if that makes sense?)
The current scenario causes multiple re-directs, which I understand is a bad approach from an SEO perspective.
This is my htaccess redirect rule:
RewriteEngine On
# This will enable the Rewrite capabilities
RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [L,R=301]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# The leading slash is made optional so that this will work either in httpd.conf
# or .htaccess context
You can try this code keepin into .htaccess file.
To add www add following code.
RewriteCond %{HTTP_HOST} ^**domainname**\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domainname\.com$
RewriteRule ^index\.html$ "http\:\/\/www\.domainname\.com\/" [R=301,L]
To add http add following code.
RewriteCond %{HTTP_HOST} ^domainname.com [NC]
RewriteRule ^(.*)$ http://www.domainname.com/$1 [L,R=301]
Which will add both http as well as www to URL.
Thanks.

Limit access to subdirectory via specific SERVER_PORT using htaccess

I've been trying to limit access to a specific subdomain via the server port, e.g. it can only be accessed from subdomain.domain.com:8443 and no other ports.
I'm currently using hostgator for my webhost, and it's already been setup such that subdomain.domain.com points to the correct subdirectory.
Now in the htaccess file, I'm currently trying this:
Options +FollowSymLinks
RewriteEngine on
RewriteBase /subdomain
RewriteCond %{SERVER_PORT} !^8443$
RewriteRule ^ - [F]
RewriteCond %{SERVER_PORT} ^8443$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/subdomain/$1 [R=301,L]
As far as the blocking of other ports goes, it seems to work since accessing either subdomain.domain.com or www.domain.com/subdomain, I get a 403 forbidden page. But I can't get it to load the normal content correctly when I do access it via subdomain.domain.com:8443 or www.domain.com:8443/subdomain. Am I doing the rewrite conditions and rules correctly?
Thanks!
The R=301 tells the server to do a redirect, not a (silent) rewrite. So, when you load via 8443, the user is redirected to http://%{HTTP_HOST}/subdomain/$1 without the port 8443 specification and they are then blocked by the first rule. If you do a curl -I on subdomain.domain.com:8443 you should see the 301 redirect code rather than 200.
Remove the R=301 and remove the full domain specification in the final RewriteRule to leave:
RewriteRule ^(.*)$ subdomain/$1 [L]
This should do a silent rewrite of the content.

I want a user who made request from example.com to mydomain.example/domains to redirect to mydomain.com/userdomain

I want a user who made request from example.com to mydomain.example/domains to redirect to mydomain.example/userdomain. It is like implementing vanity URLs as per the user's domain name.
I know, we can do it using .htaccess redirect rules but don't know how to do.
I've EDITED the following code as best I can without a way to test it. It should get you close if it doesn't work.
RewriteCond %{HTTP_HOST} ^www.(.*)$ [NC]
RewriteRule ^/(.*) http://%1/$1 [R=301,L]
RewriteCond %{HTTP_HOST} ^(.*)$ [NC]
RewriteRule ^/(.*) mydomain.example/%1/$1 [L]
should do the trick. Can't test it quickly myself though. There are two key things to notice:
You gotta use HTTP_HOST in a RewriteCond to test the domain. Use %1 in the RewriteRule line to get the variable from the HTTP_HOST line in parentheses.
You also gotta redirect any requests to www to the non www with an R=301 permanent redirect first. It might be possible NOT to do this, but I'm not sure at the moment how to extract the non www part of the host regardless of its presence. The R=301 sends a redirect msg back to the browser for anyone who visits www.example.com. Then the browser will hit example.com and your second RewriteRule will match against it. Since its 301 (permanent) the browser will cache the redirect and always do the non-www for the user on its own.
If this doesn't work, compare to some other tutorials on URL redirection and also refer to this wonderful page:
http://httpd.apache.org/docs/2.2/rewrite/intro.html

Resources