I would like to add a IP restriction based on the URL in my htaccess file.
This way I can keep my .htaccess file inside my git repo and use the development branch for dev.domain.com and the master branch for the live website on www.domain.com.
I need 1 htaccess since the dev site is a replica of the live site. On the dev site I'd like to have IP restriction. So I need 1 htaccess that looks similar on both environments, but the behaviour of restriction only kicks in on the dev uri.
How can I achieve this?
Thanks in advance.
order deny,allow
allow from 31.24.232.0/21
allow from 127.0.0.0/20
allow from 192.168.0.0/20
deny from all
you can put this in .htaccess at document root of your subdomain. but remember to change IPs.
That is why I am looking to have 1 htaccess file which contains a 'switch' to turn on restriction based on the visiting URI.
I've been looking for the same thing for a while, but it doesn't seem to be practically possible. Apache's configuration language knows some conditional blocks, but none to do this as far as I can see.
What I have often ended up doing is specifying two different AccessFileName properties on the dev and the production server. For example, on the dev server, I would set
AccessFileName .htaccess.local
the dev server rules would then go into .htaccess.local, and the production server ones into ? htaccess.
Related
I just rebuilt my site to be responsive with Gantry 5 and Joomla. built in inmotion hosting server. moved it into a sub domain on my real sites server, www.umiultrasound.com/new. when i try to access the site to test it redirects to www.umiultrasound.com.
I have discussed this with my host, they say i have a wildcard redirect- i don't. they say to check my .htaccess file. i did but i do not see where i am redirecting / or www.mysite.com to itself.
they then recommended that i read one of your forum results. the one they sent didn't apply to me. hoping you can help
Check for any RewriteBase command in .htaccess. You could also temporarily copy the standard htaccess.txt over .htaccess to see if this makes any difference (backup .htaccess to .htaccess.old or similar first).
Also check your configuration.php file to see if the live_site parameter has been set.
While our new website is under development we want to allow a small user base to look at the new site and get feedback. Our current site www.sitea.com will remain functional and available but we want them to visit www.sitea.com/v2 and have the browser maintain the url www.sitea.com/v2 but show the contents of the new site www.siteb.com is this possible?
Preferably this would be done with an .htaccess file if possible I am open to other suggestions though.
Maybe, you can use ProxyPass for this
This directive allows remote servers to be mapped into the space of the local server.
I haven't used this myself, but something like this might work
<Location "/v2/">
ProxyPass "http://www.siteb.com/"
</Location>
Unfortunately, this cannot be used in a .htaccess file. The Context lists only
Context: server config, virtual host, directory
See the manual for details.
I have OpenRefine (a webapp hosted by jetty) running on:
http://127.0.0.1:3333
Which looks like this:
Everything works perfectly.
Now I would like to tunnel this through Apache2 (for security and renaming reasons), so I changed my http.conf file and modified it like this:
ProxyPass /refine http://127.0.0.1:3333
ProxyPassReverse /refine http://127.0.0.1:3333
Now if I try to open the page through the proxy this is what I see:
It looks like all the dynamic content is not working properly. How can I solve this?
Notes:
I made sure mod_proxy is updated and working. Tested with other webapps from Tomcat.
You can use mod_proxy with OpenRefine without using virtual hosts.
I needed to do this exact same thing today. I have an SSL portal through which users must authenticate with some complicated PKI and LDAP tracking, and I need OpenRefine to be hosted behind this because of some data which it has access to. The answers to this problem given in this thread and elsewhere simply weren't acceptable, so I went through the source code expected to patch this behavior in--but I didn't have to!
I noticed that because OpenRefine runs out of a WEB-INF directory, it probably is probably built as a typical java web app. And sure enough, when I looked for how the context was being set on the server, I found this in Refine.java:
final String contextPath = Configurations.get("refine.context_path","/");
So this is what you do:
NOTE: StackOverflow won't let me write things that look like URLs because I don't have any reputation here. So when you read http:\, that really means http://.
1) In refine.ini, make sure that JAVA_OPTIONS includes "-Drefine.context_path=/refine". (It should go without saying that you changed refine.host to 0.0.0.0 instead of 127.0.0.1 and you also set refine.headless=true.) When you restart OpenRefine now, you'll access it at http:\your.refine.server:3333/refine (obviously put your server hostname in that url).
2) Now, for a simple example, we will make https:\your.apache.server/refine proxy to http:\your.refine.server:3333/refine .
In one of your httpd config files (maybe make a openrefine.conf in /etc/httpd/conf.d) put the following lines after enabling mod_proxy:
ProxyPass /refine http:\\your.refine.server:3333/refine
ProxyPassReverse /refine http:\\your.refine.server:3333/refine
The difference here is that OpenRefine is kept out of the global context, so the root of the application can be proxied. OpenRefine makes requests for resources with an absolute path, based upon how the context is set. So if you don't do this, OpenRefine will make javascript files which fall outside your proxy location, as everyone else on this thread was experiencing previously,
In real life, you might want to have mod_proxy use a load balancer over multiple OpenRefine instances and you might want to put some logic about which users are allowed to use this proxy tunnel.
Hope this helps someone else!
I also recommend that you review the undocumented Refine server properties which are also in Refine.java.
You changed the app location from http://your.server:3333/ to http://your.server/refine
You can see that a link with, for example, href="/resource.css" would no longer be valid since that resource has now moved to "/refine/resource.css". I think if you go digging through the HTML source you will find dozens of these links with absolute paths.
This configuration will break any absolute path references. The complicated way to resolve this issue is called URL rewriting, and there are in-depth tutorials for how to set up Mod-Proxy and Reverse with URL rewriting. It is complicated to explain, and easy to do wrong; instead add a VirtualHost so that absolute path links don't need rewriting.
<VirtualHost *>
ServerName refine
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:3333/
ProxyPassReverse / http://127.0.0.1:3333/
<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
It's unlikely that you're going to find any absolute links to localhost:3333 so this will probably work for you. Change your /etc/hosts so that refine resolves to 127.0.0.1 and you'll be golden. You can now use refine with no problem from http://refine/.
127.0.0.1 localhost refine
If you're trying to enable access from outside hosts, a slightly more complicated setup will involve a new DNS record and should be easy to imagine from here.
i have a site like twitter.com on server one and on server two i have forum, which path is like domain.com/forum
on server one i wanted to implement wild card dns and put main domain on it. but on server two i wanted to keep forum separate, i cant give sub-domain forum.domain.com, because all its links are already put in search engines and link back to domain.com/forum.
so i was wondering, how can i put domain and wild card dns on server one and still able to give path on server 2 for domain.com/forum (as sub-folder).
any ideas?
do you think htaccess can do that job? if yes, then how?
You could use htaccess and mod_rewrite so domain.com/forum actually displays pages from forum.domain.com.
Maybe something like this:
Options +FollowSymLinks
RewriteEngine on
RewriteRule domain.com/forum/(.+) forum.domain.com/$1
Easy - use a proxy! If you like apache you will love apache mod_proxy for your purpose.
<VirtualHost *:80>
ServerName maindomain.com
ServerAlias *.maindomain.com
# insert document root and general settings for this domain here
# ...
ProxyPass /forum http://forumdomain.com
ProxyPassReverse /forum http://forumdomain.com
ProxyPassReverseCookieDomain forumdomain.com maindomain.com
</VirtualHost>
This configuration makes apache do a HTTP-request to your internal domain (forumdomain.com) without notifiying the users browser of the internal location. Your Forum will be accessable at http://*.yourdomain.com/forum. Cookies and headers the forum sents will get rewritten accordingly and Search-engines will not take notice of your backend-server.
You can read more about it at http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
Should you need to rewrite reference sin your html (href, src ...) you might google on "mod_proxy_html".
A solution like this could of course be build with other intelligent proxyservers like squid as well. You can use it to map any content from "backend servers" to your public domain.
Make sure routing is OK or set up a host-entry for your internal domain (forumdomain) with a internet ip-addresse 192.168 ...
Enjoy your site and give feedback how worked out :)
p.s.: a "RewriteRule" directive can potentially do the same thing for you but the rdirect will be visible (and executed) by the client unless you specify the "P", foricng it to do an internal proxy request. If available I would prefer the mod_proxy though as it is more versatile and allows for more configuration.
If you use a proxy on server 1 pointing to server2, you will increase the load on server 1, since all traffic will be routed through it. Besides, if server 1 goes down, nobody will be able to reach server 2 either. Of course it is possible though, but these things are to be considered.
I would suggest setting up a supdomain for server 2 anyway, like forum.domain.com, and on server 1 you set up a 301 redirect from domain.com/forum to forum.domain.com using mod_rewrite from htaccess. Using that technique, you can even redirect calls to specific links to their corresponding page on server 2. Search engines will follow the 301 and they will eventually update the index.
You can use a 301 redirect to make sure the search engine update their index with your new urls like so:
RewriteRule domain.com/forum/(.*) http://forum.domain.com/$1 [R=301,L]
If you've got two servers you don't really have much choice but to use a redirect (ideally a 301 Permanent redirect) to move users from domain.com/forum to forum.domain.com.
The only other way to do it would be to put a reverse proxy in front of those two servers, which reads the URL and internally directs the query to the right server, but that's then an extra piece of hardware.
LEt's say I want to have a subfolder called- http://www.foo.com/news/ but I actually want that news folder on a different server. I realize it can be done easily with subdomains, but I was really hoping for the subfolder thing.
Is it possible? How?
The only real way to it is with a reverse proxy ( Or a webserver acting as a reverse proxy ) between you and the outside world that knows what IP address each folder is in.
Its not possible to just make something, for example have google.com appear at http://foobar.com/google/ because the browser won't route to the IP address ( lack of information ).
You can fake that effect with a fullpage IFrame or Other frameset system, but that's rather dodgy.
If you are using apache, you can set this up with mod_proxy. More details can be found here:
Mod_Proxy(1.3) Manual
Mod_Proxy(2.0) Manual
Apache Tutor.org guide
For Apache the following entries in httpd.conf are needed:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
ProxyPass /news http://newsserver.domain.com/news
ProxyPassreverse / http://newsserver.domain.com/
Yes, there is a setting in IIS which lets you point a subfolder to a different site. So make the sub folder a virtual directory on your site, and then in the properties of the virtual directory choose the option for 'A redirection to a URL'... in it specify your other site.
Of course, this is assuming your are using IIS. There should be something similar available to use in whatever web server you are using.
It can't be done with DNS because the domain name is only the *.example.com of the address.
It can be done by configuring a proxy on your www machine to pass all requests for /news to another server. It's very easy to do with apache but I don't remember all the details at this moment.
DNS resolution happens at the domain level. DNS doesn't have any knowledge of URLs or folders so your name will always point to the same server. You can make that server actually retrieve the information from another one or redirect to another one but that's not very satisfactory I'd say.