I currently have 2 domains using the same httpdocs folder, what i need to do is to deny the access to the favicon when the request comes from one of my domains or simply redirect it to another favicon file.
I've been trying to solve this by editing the .htaccess file but i can't figure out how to make the RewriteRule to work.
Thank you very much
To deny access to the favicon.ico completely you can use a <Location> directive in your .htaccess file:
<Location /favicon.ico>
Order deny,allow
Deny from all
</Location>
If you wanted to redirect instead, you might do it this way:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^host1.domain.com$
RewriteRule ^favicon.ico /host1-favicon.ico
RewriteCond %{HTTP_HOST} ^host2.domain.com$
RewriteRule ^favicon.ico /host2-favicon.ico
Related
I want to restrict access to a file "test.txt" with .htaccess
The problem, I'm on a multisite and I want only one domain to access to the file eg. mydomain.com/test.txt
When other domain trying to access, it should denied them: otherdomain.com/test.txt
Multisite is sharing the same files but different db.
<Files "test.txt">
Order deny,allow
deny from all
allow from mydomain.com
</Files>
You may use this deny rewrite rule instead of allow/deny:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(?:www\.)?mydomain\.com$ [NC]
RewriteRule ^test\.txt$ - [NC,F]
Let me start by saying I am new to creating an htaccess file. I want to deny certain IPs from access to our site. I created this and I am looking for validation that this is correct. I know that there is no advanced redirect page within this as I am not sure how to accomplish that yet. I am more concerned that this snippet would work to block IPs. Thanks in advance for any and all help.
#.htaccess
DirectoryIndex index.htm
#deny list
order allow,deny
allow from all
deny from xxx.xxx.xxx.xxx
deny from yyy.yyy.yyy.yyy
Looks good to me, assuming you're on Apache 2.2 To block individual visitors, you can use the following directives:
Order Allow,Deny
Allow from all
Deny from 123.123.123.123
Instead of blocking visitors, you can redirect them to another location. Here's how to do it using Apache's mod_rewrite:
#<IfModule mod_rewrite.c>
RewriteCond %{REMOTE_ADDR} ^123\.123\.123\.123$
RewriteRule .* https://www.google.com [R=301,L]
#</IfModule>
See also: https://htaccessbook.com/block-ip-address/
Alternatively, try this to block a range if IPS (here 10.0.8.0-10.0.8.21:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^10\.0\.8\.(2[01]|[0-9][0-9]|[0-9])
#or RewriteCond %{HTTP_HOST} 12\.34\.56\.789
RewriteRule .* https://www.google.com [L,R=301]
If you are on Apache 2.4 this link from the htaccess book shows the differences between 2.2 and 2.4: https://htaccessbook.com/access-control-apache-2-4/
Trying to block directory access from everyone except 1 IP address. This .htaccess code blocks access but it blocks access to everything including images, css, etc. What do I need to change?
RewriteCond %{REMOTE_ADDR} !^XX\.XXX\.XX\.XXX$
RewriteRule ^hidedirectory(.*)$ http://site.com/ [R,L]
Anyone accessing mysite.com/hidedirectory except me should redirect to mysite.com. Is there a better, more secure way to do this including something like an http response code?
Better way is to do this in your .conf file:
<Directory /hidedirectory>
options -Indexes
Order Deny,Allow
Deny from all
Allow from XX.XXX.XX.XXX
</Directory>
This will deny everythig like your rewrite rules.
But since you want to allow access to images/css etc...
RewriteCond %{REMOTE_ADDR} !^XX\.XXX\.XX\.XXX$
RewriteCond %{REQUEST_URI} !\.(?:jpe?g|png|gif|css)$ [NC]
RewriteRule ^hidedirectory(.*)$ http://site.com/ [R,L]
Add any other extensions into (?:jpe?g|png|gif|css) suffixed by a |(or).
i want to use .htacess to block all domains to access my images folder.
this folder is only accessible by own domain only.
I think what you are looking for is some sort of hotlink protection in which case this in your .htaccess file should work:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Change yourdomain.com to whatever your domain is. Change the RewriteRule to include any file extensions you wish to block and then place the entire thing in a .htaccess file in the directory you wish to protect.
As described in this page of Apache docs, you can accomplish it with the following directives, replacing example\.com with your domain name (please remember to escape any dot characters from . to \.:
SetEnvIf Referer example\.com localreferer
<FilesMatch \.(jpe?g|png|gif)$>
Order deny,allow
Deny from all
Allow from env=localreferer
</FilesMatch>
I have got lots of ideas from google and stackoverflow- but none of those was exactly what i am looking for. here is scenario-
I have bought a hosting space from a provider. I had to provide a domain name(let abc.com) as the primary domain of that hosting space.
Then i have found that i have to put all the contents for that rimary domain(abc.com) into the document root directly. that is no directory like www/abc or www/abc.com.
Then I googled and found lots of .htaccess solution. I picked the following one-
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} abc.com
RewriteCond %{REQUEST_URI} !^/abc.com/(.*) [NC]
RewriteRule ^(.*)$ /abc.com/$1
I have just paste above lines at the end of the existing .htaccess file (default).
It was working fine. I have been using www/abc.com directory for my abc.com domain from then.
Recently I have added some subdomains (let xyz.abc.com) to my abc.com domain. But it is behaving strange with me. all subdomains are looking for its contents from abc.com/subdomain (eg. abc.com/xyz.abc.com)
This time i am getting no solution over google (i may missed it).
Someone help me please- i am in bad shape.
EDITED:
Following lines were in WebRoot .htaccess from the beginning. After that I have added additional lines as mentioned above(3,4)
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName abc.com
AuthUserFile /home/abc/public_html/_vti_pvt/service.pwd
AuthGroupFile /home/abc/public_html/_vti_pvt/service.grp\
EDITED AGAIN:
There are some other domains(except the main domain abc.com) in the same hosting space. Those domains have some working sub-domains. But sub-domain of main domain is not working as i explained above.
Change
RewriteCond %{HTTP_HOST} abc.com
to
RewriteCond %{HTTP_HOST} ^abc.com$
Now the rules do not match your subdomains anymore.
Update
# catch www.abc.com and abc.com (and wwwwwwwwwww.abc.com)
RewriteCond %{HTTP_HOST} ^(w+\.)?abc\.com$