I've got the follow problem.
I have a website and for the directories /members and /admin I have a .htaccess which forces these URLs to go to https://
All other URLs are forced to go to normal https://
Now, for /members which is https:// I have in the pages a reference to /js/script.js which in imported into the page, but ofcourse this directory /js is forced to normal http:// while the page is displayed in https://
Internet Explorer users are shown a popup if they want to view non-secure content in the secure page, if they click yes, it's ok. If they click no, then the javascript doesn't work.
The /js is used in the normal http:// website and also in the /members secure website. This also is the case for the /images directory
So i'm not sure how to solve this problem. Other than say that /js and /images can be https or http. But I have no clue on how to configure this in the htaccess file.
Any help would be much appreciated!
This is the htaccess file I use now :
#Turn SSL on everything, except members and admin
RewriteCond %{HTTPS} =off
RewriteCond %{REQUEST_URI} ^(/members|/admin)
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Turn SSL off everything, except members and admin
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^(/members|/admin)
RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
There are quite a few approaches. Here are just a few.
Number 1. Add this before your rules:
# do not do anything for js/css/image files
# (will affect ALL such files in ALL folders)
RewriteRule \.(css|js|jpe?g|gif|png|ico)$ - [L]
The rule above will leave protocol as is for ALL css/js/image files (anywhere on a site)
Number 2. Add this before your rules:
# do not do anything to any files in css/js/images folders
RewriteRule ^(css|js|images)/ - [L]
The rule above will leave protocol as is for ALL files in css/js/image folders (e.g. example.com/js/main.js, example.com/images/logo.png or even example.com/js/compress.php
If you want -- you can combine them into single rule (to be more specific) -- but that is unnecessary (from my point of view).
I faced the same issue an year back. Was able to arrive at a conclusion on my own finally.
Check out my question and answer htaccess (https to http)
In your images and js directories create their own .htacess file with the following in it:-
RewriteEngine off
This will turn off writes for all files in that folder.
In your html do not specify the domain on the links so do /js/myscript.js instead of http://mydomain.com/js/myscript.js this way it will just inherit the same protocol as the page they are viewing it on.
Related
I have a Detroit iOS & Android Mobile App Development website that only has one web page : index.html.
The source code of the site is here.
Instead of showing a 404 error page, I want to redirect the user to thefirstprototype.com if they try to go anywhere else or try to put anything after.
For eg:
mail.thefirstprototype.com takes the user to just thefirstprototype.com
thefirstprototype.com/mail takes the user to just thefirstprototype.com
I know it's possible to do it using a .htaccess in the root folder, but I am just not sure how. There are a lot of tutorials showing how to do it between different domains, but nothing to my specific case. How do I do it?
Thanks
Edit1: Please note that I am not using any CMS like Wordpress. I am just plain FTP to push a static HTML, CSS, JS webpage to the hosting server
Try the following:
DirectoryIndex index.html
RewriteEngine On
# Redirect non-canonical hostnames (eg. mail)
RewriteCond %{HTTP_HOST} !^example\.com$
RewriteRule ^ http://example.com/ [R=302,L]
# Redirect 404 to root
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . / [R=302,L]
However, whether this catches requests for the mail. subdomain will depend on whether that subdomain points to the same place as your main domain. (For cPanel shared hosting, that is not necessarily the case.)
Change the 302 (temporary) redirect to 301 only once you have tested that this works OK - to avoid potential caching issues associated with 301 (permanent) redirects.
As an added bonus, you could redirect any direct requests for index.html back to the root. For example, add the following between the above two rule blocks:
# Remove "index.html" if requested directly
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index\.html$ / [R=302,L]
The condition that checks against the REDIRECT_STATUS environment variable is to ensure we don't get a redirect-loop since mod_dir internally rewrites the request to index.html.
I am very new to the idea of .htaccess and thought that it was what you used to do something like turn this:
http://www.domain.com/some/ugly/url/here.html
into this:
http://www.domain.com/niceurl
I was just told by my ISP that in order to get that to happen, no, it's done by putting the document into the web root folder. That .htaccess isn't used at all.
Does anyone know if this is true? I see a lot of examples about what .htaccess DOES but not so much about what it can't do. Somehow I thought this was all that was needed.
Lastly, if someone types in www.domain.com/niceurl what will happen? Don't I need to have that linked (if not by htaccess, how?!) to the location of the actual file?
Thank you for any and all help. I realize that .htaccess questions abound but they're hard to pick through for the layperson and I'm hoping to answer this specific question.
Here's what I believe should be an answer you want, put the block below to your .htaccess
Answer:
## Enabling Apache's Mod_rewrite module.
RewriteEngine On
# Following line is required if your webserver's URL is not directly related to physical file paths (just / for root, e.g. www.domain.com/)
RewriteBase /
# Restricts rewriting URLs only to paths that do not actually exists
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# Redirect www.domain.com/bar to www.domain.com/foo
Redirect 301 /bar /foo
# Internally load the long URL without changing URL in address bar
RewriteRule ^foo/?$ http://www.domain.com/some/ugly/long/thing/here.html [L,NC]
As a result, www.domain.com/bar will be redirected to www.domain.com/foo and /foo will internally load http://www.domain.com/some/ugly/long/thing/here.html
FYI:
Your website's URL doesn't have to be directly related to physical file paths. Your URL's segment can be served as alias to your URL's parameters. for e.g,
http://www.domain.com/index.php?key1=value1&key2=value2
can be represented as
http://www.domain.com/value1/value2
Note: you need to implement a server side script to be served as a
router to manipulate the URL segments.
For more information about using .htaccess, check this out
Ref: http://htaccess-guide.com/
.htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer. These facilities include basic redirect functionality, for instance if a 404 file not found error occurs, or for more advanced functions such as content password protection or image hot link prevention.
Below is a few examples,
# Custom Error Pages for Better SEO,
# for e.g, to handle 404 file not found error
ErrorDocument 404 http://www.domain.com/404page.html
# Deny visitors by IP address
order allow,deny
deny from 122.248.102.86
deny from 188.40.112.210
allow from all
# Redirects
Redirect 302 /en/my-dir/my-page.html /en/my-path/example.html
# Disallow some silly bots from crawling your sites
RewriteCond %{HTTP_USER_AGENT} (?i)^.*(BlackWidow|Bot\\ mailto:craftbot#yahoo.com|ChinaClaw|Custo|DISCo|Download\\ Demon|eCatch|EirGrabber|EmailSiphon|EmailWolf|Express\\ WebPictures|ExtractorPro|EyeNetIE|FlashGet|GetRight|GetWeb!|Go!Zilla|Go-Ahead-Got-It|GrabNet).*$
RewriteRule .* - [R=403,L]
# Setting server timezone
SetEnv TZ America/Los_Angeles
# trailing slash enforcement,
# e.g, http://www.domain.com/niceurl to http://www.domain.com/niceurl/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !#
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ http://www.domain.com/$1/ [L,R=301]
Enable mod_rewrite and .htaccess through httpd.conf (if not already enabled) and then You can use this code in your DOCUMENT_ROOT/.htaccess file:
RewriteEngine On
RewriteRule ^niceurl/?$ some/ugly/url/here.html [L,NC]
This will allow you to use http://domain.com/niceurl in your browser and it will internally load http://domain.com/some/ugly/url/here.html without changing URL in browser.
If you also want to force redirection from ugly URL to pretty URL then add this redirect rule just below RewriteEngine On line:
RewriteCond %{THE_REQUEST} \s/+some/ugly/url/here\.html [NC]
RewriteRule ^ /niceurl [R=302,L,NE]
The wordpress site I'm working on got moved into a subdirectory therefore all the links from other sites don't work anymore. I implemented a 301 redirect with .htaccess which is great because it fixes that problem BUT the old root directory now has an index.html that has landing page my client absolutely wants to be seen.
So, how can I set up my .htaccess to redirect all traffic into the sub directory (to fix the incoming links) EXCEPT the index.html in the root directory because it has the landing page.
I don't know how htaccess works well but this is what I have right now.
Order deny,allow
ErrorDocument 404 /404.php
DirectoryIndex index.php index.html
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/$ [OR]
RewriteRule ^.*$ http://example.com/portal/$0 [R=301,L]
Thanks!!
Edit for clarification:
Right now EVERYTHING redirects from the root to the subdirectory. I want everything to redirect except for index.html in the root directory. If the user requests just the domain name (http://example.com) without specifying a page, I also want him/her to be served up the index.html page in the root directory.
The following code does what you are asking for: "if the request does not match either index.php or index.html or "/" (i.e. nothing) (and the match is not case sensitive) then serve up the alternate location"
Order deny,allow
ErrorDocument 404 /404.php
DirectoryIndex index.php index.html
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/index\.(php|html) [NC]
RewriteCond %{REQUEST_URI} !^/$ {NC]
RewriteRule ^.*$ http://example.com/portal/$0 [R=301,L]
I have tested this using the excellent online testing tool http://htaccess.madewithlove.be
Using the following test cases:
http://example.com -- no rewrite, second condition not met
http://example.com/ -- ditto
http://example.com/index.html -- first condition not met
http://example.com/index.php -- first condition not met
http://example.com/some/page.html -- rewritten as http://example.com/portal/some/page.html
EDIT You said that this still didn't work quite as expected; so I brought out the big guns. By turning on "maximum logging" of everything that the rewrite engine does with the directives
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 9
(pick any path you want, obviously), then looking at the end of the logfile in a terminal window with
tail -f /var/log/apache2/rewrite.log
You can quickly see where things are not working quite right. A bit of fiddling led me to the following code. It says "if the requested URI is just /index.html or /index.php, or if it starts with /portal, or if it is blank, then don't redirect.
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/index\.(php|html) [NC]
RewriteCond %{REQUEST_URI} !^/portal.*$ [NC]
RewriteCond %{REQUEST_URI} !^/$ [NC]
RewriteRule ^(.*)$ http://example.com/portal$0 [R=301,L]
The test cases worked for me - see if they work for you!
NOTE: I made these changes in the httpd.conf file, not in the .htaccess file of the root directory. You need to be careful to make it so the .htaccess file in the root directory is even read - the default Apache configuration has an Override none for that directory, so some extra work is needed. By putting this configuration change in the httpd.conf file (and issuing a sudo apachectl restart command) you avoid the difficulty. Depending on who is hosting your website, and what control you have, that may not be an option for you. There may come a point where the experts for this problem can be found on superuser.com rather than SO... but I'm hopeful this does the trick for you.
My very dear Stackoverflow community,
I have the following redirection problem and after several unsuccessful attempts I come here in search of enlightenment. My problem is the following. I have a domain, let's call it 'www.mydomain.com', and my 'public_html' directory has two folders as follows:
public_html
public_html/my_app/
public_html/my_other_app/
First, I would like that when typing the URL 'www.mydomain.com', I get redirected to the contents of folder 'my_app', while keeping the same URL. In fact this I have already accomplished, so whenever I type 'www.mydomain.com' I get redirected to 'www.mydomain.com/index.php', which actually corresponds to the 'public_html/myapp/index.php' script under 'myapp'.
Now I want to have a subdomain called 'other.mydomain.com', which has to redirect to contents of the 'my_other_app' folder, but I do not know how to make .htaccess work for this and at the same time work for the first case also.
So this is basically, the main domain redirects to one folder, and a subdomain redirects to another folder, and both folders are located under the public_html directory
Any hints more than welcome.
For your reference I post below my current .htaccess file:
RewriteEngine On
# redirect to www prefix
RewriteCond %{HTTP_HOST} ^mydomain\.com$ [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]
# if start with www and no https then redirect
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www.mydomain\.com$ [NC]
RewriteRule ^(.*)$ https://www.mydomain.com/$1 [R=301,L]
# rewrite URL to trim folder
RewriteCond %{REQUEST_URI} !^/test/
RewriteRule ^$ /login [L,R=301]
RewriteRule ^(.*)$ test/$1 [L]
This actually works for my main domain, it also rewrites the url to https. I need to add something in here in order to process separately the 'other.mydomain.com' and redirect to the '/my_other_app/' subfolder
what you need is a vhost (virtual host) per app. In the vhost, you will define the vhosts root directory, which will point to either of your sub directories.
There is IP based vhosts (one IP address per subdomain) or name based vhosts (the vhost is chosen based on the HTTP host header that all modern browser send).
But there is too much to say about vhosts to write it all here, just read the apache documentation here:
http://httpd.apache.org/docs/2.2/vhosts/
I think with pure .htaccess files, you can't do that (I might be wrong). Normally you would add vhosts in the main apache config. Based on your hosting, this may not be possible. Talk to you hosting provider in that case.
Marc
If I redirect “/index.html” to “/”, will this allow browsing of my website because it no longer has a page titled “/index.html” or does the page it is redirected to (www.sample.com/) still serve as the index (default) page, thus preventing the directories from being exposed? The web server won't let you browse through directories if you have an index page, but does the redirection still maintain the index page, but just not show it in the URL?
I want to know before I make this change rather than just experimenting. I just have one domain on the server and was going to use one of the following scripts in my .htaccess file as suggested by others:
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html\ HTTP/
RewriteRule ^(([^/]+/)*)index\.html$ http://www.sample.com/$1 [R=301,L]
or
RewriteCond %{THE_REQUEST} ^.*/index.html
RewriteRule ^(.*)index.html$ http://www.sample.com/$1 [R=301,L]
Any ideas or comments are appreciated.
try to change the index.html to index.php, and just redirect it to www.sample.com
Option Indexes in apache is responsible for browsing files and directories on the website.
Write Options -Indexes to .htaccess and it will forbid such exposing.