There is something strange going on. I am using Zend Framework on a subfolder in a site. I have a modular structure to my website, so the links consist of module names (www.xx.com/modulename). I have created a .htaccess file for the root dir, so that all of the requests would be routed to the public dir.
When i try to access the homepage ( www.xx.com) or any module it all goes exactly as it should. www.xx.com/authentication, www.xx.com/sample or www.xx.com/deathmetalreallyrox are all working as they should. But when I try to connect to www.xx.com/admin, it crashes and BURNS!!!! It does work however with www.xx.com/public/admin/.
Could it be, that my Hosting provider has set up some sort of rule in the httpd.conf to prevent me from accessing the admin section in my hosting?
Here's my .htaccess:
SetEnv APPLICATION_ENV development
RewriteRule ^(browse|config).* - [L]
ErrorDocument 500 /error-docs/500.shtml
SetEnv CACHE_OFFSET 2678400
SetEnv APP_DOMAIN http://www.xx.com/public
SetEnv APP_PREF /public
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Fri, 25 Sep 2037 19:30:32 GMT"
Header unset ETag
FileETag None
</FilesMatch>
RewriteEngine On
RewriteRule ^(adm|statistics) - [L]
RewriteRule ^admin/(.*) public/admin/$1
RewriteRule ^(.*)$ public/$1 [L]
Help?
EDIT:
Browser error msg:
Not Found
The requested URL /admin/ was not found on this server.
You redirect anything starting with admin/ to public/admin/ first and then everything to public/whatever. So when you request /admin/, it's trying to give you /public/public/admin/, which doesn't exist, so you get a 404.
Try removing the line RewriteRule ^admin/(.*) public/admin/$1. It's already handled by the next line, and you don't want to do it twice.
It turned out, that the server was somehow configured wrongly.
As I do not have the total control over the server, I couldn't know, that there was a rule in the httpd.conf, that denied access to any folder named admin or administrator, so that when I tried to get the contents of a folder by this name, Apache first checked, if a folder by this name existed, and denied it by default.
So, the concise answer, the server was configured wrongly, didn't allow access to specific folders.
Related
I have a WordPress website (mywebsite.com) running on a shared hosting server. Alongside, I made a node.js app running in the backend on port 3000, which has been programmed to have different API endpoints.
I would like to have the endpoints to be in the same domain as the website in specific URLs.
The main endpoint, which has been declared in the node.js selector environment, works just fine. Let's call it mywebsite.com/myapp.
The other endpoints (which have been declared in the express routes) work correctly outside the website environment but are instead caught by apache/wordpress if I try to access them on the same domain even as sub-uri.
For example, if I try to access mywebsite.com/secondendpoint or mywebsite.com/myapp/thirdendpoint, the request gets caught by Wordpress which loads the 404 page.
Now, I understand that I have to instruct the apache server to redirect the requests to the above mentioned URL to the node.js app.
As long as I don't have access to the apache server, the only choice I have to tweak the .htaccess files.
When I created the node.js app, the virtual environment has been automatically set through a .htaccess file in its own subfolder in my website public folder, where my whole website is: /public_html/myapp . It uses Phusion Passenger to handle the virtual environment the app is running in.
# DO NOT REMOVE. CLOUDLINUX PASSENGER CONFIGURATION BEGIN
PassengerAppRoot "/home/user/apps/myapp"
PassengerBaseURI "/myapp"
PassengerNodejs "/home/user/nodevenv/apps/myapp/12/bin/node"
PassengerAppType node
PassengerStartupFile app.js
PassengerAppLogFile "/home/user/logs/myapp.log"
# DO NOT REMOVE. CLOUDLINUX PASSENGER CONFIGURATION END
The above code works just fine. I tried to add an Alias as suggested in some tutorial:
# DO NOT REMOVE OR MODIFY. CLOUDLINUX ENV VARS CONFIGURATION BEGIN
<IfModule Litespeed>
SetEnv Alias /secondendpoint /apps/secondendpoint
</IfModule>
# DO NOT REMOVE OR MODIFY. CLOUDLINUX ENV VARS CONFIGURATION END
In the root of /public_html/ I have the following .htaccess file
# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^/secondendpoint/(.*)?$ http://127.0.0.1:3000/secondendpoint/$1 [P,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
No matter what I try, when I try to access mywebsite.com/secondendpoint, I always get the Wordpress 404 message.
What am I doing wrong?
I even tried to create a subfolder in /public_html/secondendpoint which actually does proxy the traffic, but I feel like this is not the right way to do it.
So, after a week of attempts, I found out that the syntax of the RewriteRule was indeed wrong for what I was trying to achieve.
RewriteRule ^/secondendpoint/(.*)?$ http://127.0.0.1:3000/secondendpoint/$1 [P,L]
The correct syntax is
RewriteRule ^secondendpoint(.*)$ http://127.0.0.1:3000/secondendpoint/$1 [P,L]
As shown in the comment of the .htaccess file "should only be modified via WordPress filters".
In fact is does automatically overwrites the rules I wrote every time it updates.
The right way to do it would be tweaking the internal WordPress WP_Rewrite
which I'm still trying to understand.
My best attempt has been adding to functions.php of my theme these lines:
function wpd_wtf_rewrite_rule() {
add_rewrite_rule(
'secondendpoint(.*)$',
'http://127.0.0.1:3000/secondendpoint$1',
'top'
);
}
add_action( 'init', 'wpd_wtf_rewrite_rule' );
These lines are being translated in
RewriteRule ^secondendpoint(.*)$ /http://127.0.0.1:3000/secondendpoint$1 [QSA,L]
and updated into the .htaccess file.
The slash in front of the target is an issue I don't know how to fix.
However, the generated .htaccess string does not proxy the requests resulting in errors from the API.
Magento forgotpassword.phtml page uses
js/index.php/x.js?f=prototype/prototype.js,prototype/validation.js,mage/adminhtml/events.js,mage/adminhtml/form.js,scriptaculous/effects.js
and this returns custom Magento template 404 error page.
Apparently js/index.php script is supposed to concatenate provided scripts (for optimization purpose) and return virtual x.js file which physically does not exist on the server.
But in my case this does not work. For testing purpose at the beginning of js/index.php I added logging some info to a file. When I invoke js/index.php an entry is added to the script. When I invoke js/index.php/x.js nothing is logged meaning that control is never passed to js/index.php.
Browsing internet I found information that using nginx for static files can introduce the problem, but I turned nginx off in my hosting settings. Admin of my hosting claims that this works in case of everybody's else Magento installations on that server whether nginx is turned on or off.
How can I troubleshoot the problem? What should I look for? Can something in the .htacces be blamed for it? Would the fact that my Magento installation is located in subfolder contribute to this problem somehow?
Finally I found the root cause of the problem. Since I have a multi Website Magento setup I need to add extra entries to my Magento .htaccess setting environment variables based on which right website is selected to be shown in the frontend. I used a template proposed on several internet articles. It goes like this:
RewriteCond %{HTTP_HOST} ^domain1$
RewriteRule (.*) $1 [E=MAGE_RUN_CODE:domain1]
RewriteRule (.*) $1 [E=MAGE_RUN_TYPE:website]
RewriteCond %{HTTP_HOST} ^domain2$
RewriteRule (.*) $1 [E=MAGE_RUN_CODE:domain2]
RewriteRule (.*) $1 [E=MAGE_RUN_TYPE:website]
The issue went away when I used another solution (which however may be not supporter by some servers):
SetEnvIf Host ^domain1$ MAGE_RUN_CODE=domain1
SetEnvIf Host ^domain1$ MAGE_RUN_TYPE=website
SetEnvIf Host ^domain2$ MAGE_RUN_CODE=domain1
SetEnvIf Host ^domain2$ MAGE_RUN_TYPE=website
I have got a contact form on my website with file attachment as well, that has been restricted only to pictures. Although if I type in example.com/uploads/ all the files are accessible by anyone. Is htaccess the best way to hide it? Also how could I do that in a safe manner, without messing up the contact form?
I have tried this, but it blocks the whole website
deny from all
<Files ~ “^w+.(gif|jpe?g|png)$”>
order deny,allow
allow from all
</Files>
if I type in example.com/uploads/ all the files are accessible
You mean you get a directory listing? This can be disabled in .htaccess:
Options -Indexes
To actively block all HTTP requests for files in the /uploads directory (since you state in comments that these are only ever accessed over FTP) then all you need is (in your root .htaccess file):
RewriteEngine On
RewriteRule ^uploads - [F]
This will respond with a 403 Forbidden for all requests that start /uploads.
Just to block access to example.com/uploads/ you can place this rule in /uploads/.htaccess:
RewriteEngine On
RewriteRule ^/?$ - [F]
I need to rewrite all address on my website to something like this :
http://domain.com/toto/myPage
http://domain.com/myPage
The problem is that when I modify my .htaccess to automatically add a prefix in all path, symfony (2) don't handle it and all routes end up to a 404 ...
How can I edit my .htaccess to modify the REQUEST_URI ?
This don't work :
<IfModule mod_rewrite.c>
# Rewrite all other queries to the front controller.
RewriteRule .? %{ENV:BASE}/app.php/toto [L]
</IfModule>
Thanks
We found a workaround (so the question is still valid).
But for industrialisation, we create a file
app/config/routing.yml.dist
containing all main bundle route declaration, and we removed the routing.yml from build.
So we just have to copy the sources for each domain, and edit the routing.yml file to remove ou change the prefix on the needed bundles.
This way we can continue to share the database.
But I'm still curious to how to do it with a .htaccess file.
I have my .htaccess file working in localhost. But its not working if i upload it in server. It throws me 404 error.
I am using Parallel Plesk 11.0.9 and i can't find conf file for the same on that. If anyone has any idea how to fix it or any workaround for url rewriting would be great help.
Anyway here's the code in htaccess:
RewriteEngine on
RewriteRule ^store/living/Hutches-Armoires-Side-tables-Coffee-tables-Entertainment-centers? store.php?store=Living
RewriteRule ^store/dining/sideboards-buffets-chairs-benches-Dining-table$ store.php?store=Dining
RewriteRule ^store/working/Bookshelves-Study-tables$ store.php?store=Working
RewriteRule ^store/accessories/Boxes-Photo-Frames-Mirror-Frames-Block-Stamps-and-Book-stands$ store.php?store=Accessories
RewriteRule ^store/hallway/Console-tables-Armoires$ store.php?store=Hallway
RewriteRule ^store/sleeping/Bed-Frames-Night-Stands-Dressers-Mirror-framesBed-Linens-Canopies-Curtains$ store.php?store=Sleeping
You may need to wrap your rewrite rules with:
<IfModule mod_rewrite.c>
...
</IfModule>
...probably a good idea anyway.
Or you could try putting your rules into a vhost.conf file in the conf directory immediately below the location of your httpdocs directory. For example on a Centos machine the web root might be
/var/www/vhosts/domain.com/httpdocs
and you should have a:
/var/www/vhosts/domain.com/conf
directory, this will contain a set of pregenerated Apache config files that Plesk creates. If there isn't already create a vhost.conf and add your rules between a set of
<Directory /var/www/vhosts/domain.com/httpdocs/ >
... your rules ...
</Directory>
Once you've created the vhost.conf file you will need to tell plesk about it with
/usr/local/psa/admin/sbin/httpdmng --reconfigure-domain domain.com
If you still can't get it to work you can add a log for mod_rewrite, see this relevant SO answer for details
Is your Plesk running IIS and supporting PHP via FastCGI or ISAPI? If that is the case, check whether URL Rewrite is installed and follow this guide to translate htaccess (for apache) into web.config (for IIS)