Rewrite path before processing directory? - .htaccess

I'm having a small problem with my htaccess files. Currently, it redirects everything back to index.php for processing, except when someone tries to access an actual directory. When the directory exists, it displays the 403 error page instead of rewriting the path to index.php like it's supposed too. What can I modify to make it always go to index.php when the files are accessed via the internet, but still load the correct files in PHP on the server?
Options -Indexes +FollowSymLinks
RewriteEngine On
RewriteBase /
ErrorDocument 403 /index.php?403
ErrorDocument 404 /index.php?404
ErrorDocument 414 /index.php?414
RewriteCond %{HTTP_HOST} !^$ [NC]
RewriteRule !^(.*) index.php [L]
Sample file structure:
Web Directory
- com
- source
- index.php
- TEST.HTML
The folders such as 'com' and source' will display the 403 because the user doesn't have access to them. The files such as 'index.php' and 'TEST.HTML' execute normally. I want my htaccess to redirect everything in the Web Directory folder back to the index.php file, no matter what.

I think you want this instead:
Options -Indexes +FollowSymLinks
RewriteEngine On
RewriteBase /
ErrorDocument 403 /index.php?403
ErrorDocument 404 /index.php?404
ErrorDocument 414 /index.php?414
RewriteCond %{REQUEST_URI} !^/index.php
RewriteRule .* index.php [L]
This was on the assumption that you didn't want to be able to access TEST.HTML directly and didn't want to change the URL in the user's browser. If either of those assumptions were wrong, let me know and I'll update the answer with the appropriate rewrite information.

Related

URL changes when using ErrorDocument 403 in .htaccess

I have written a .htaccess file to make sure that visitors are always redirected to https and to www. In addition to that I have also added a custom html page for 404 errors.
When visitors try to access a forbidden file I want them to see my custom 404 message, as to not reveal that the path contains a forbidden file.
Here is the problem. When writing for example "example-domain.com/.htaccess" (no www or https) in the browser, the URL in the address field in the browser changes to "https://www.example-domain.com/missing.html". But I want it to say "https://www.example-domain.com/.htaccess" while displaying my 404 page.
It works for 404 errors. But when typing in a path in the address field which both triggers the 403 error and fulfill at least one of the rewrite conditions in my .htaccess file (missing https and/or www) I experience the above described problem.
Here is the code in the .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} ^example-domain.com [NC]
RewriteRule ^(.*)$ https://www.example-domain.com/$1 [L,R=301,NC]
ErrorDocument 403 /missing.html
ErrorDocument 404 /missing.html
Best regards

htaccess redirect empty uri instead of directory listing

If I just do Options -Indexes
localhost/subdir/ would give me 500 error.
But I want to redirect it to https://github.com/miranda-zhang/cloud-computing-schema
Something like
RewriteRule ^$ https://github.com/miranda-zhang/cloud-computing-schema [R=308,L]
Currently, this doesn't work on my local server.
I have to do
RewriteRule ^home$ https://github.com/miranda-zhang/cloud-computing-schema [R=308,L]
And use the url localhost/subdir/home
Also Options -Indexes seem to make the following stop working.
ErrorDocument 406 https://miranda-zhang.github.io/cloud-computing-schema/v1.0/406.html
RewriteRule ^.*$ https://miranda-zhang.github.io/cloud-computing-schema/v1.0/406.html [R=406,L]
Full original .htaccess file
I also tried some methods in Problem detecting empty REQUEST_URI with Apache mod_rewrite
The following doesn't seem to work, or maybe I'm missing some other config.
RewriteCond %{HTTP_HOST} ^localhost/coocon
Or
RewriteCond %{REQUEST_URI} "^/$"
Seems something else was wrong, it is a 403 error now.
Forbidden
You don't have permission to access /cocoon/ on this server.
Cannot serve directory /var/www/html/cocoon/: No matching
DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive
This might work:
Options -Indexes
ErrorDocument 403 https://github.com/miranda-zhang/cloud-computing-schema

HTACCESS: Throw 404 error but still accessible

I have the following structure:
- root
- css
- test.css
- index.php
Is there a way to throw a 404 error when I try to open anything in CSS folder in my browser as:
http://localhost:1993/css
http://localhost:1993/css/test.css
but still accessible from the browser? I want CSS to load normally, but to throw a 404 error when someone opens this path. Or turn off the directory listing for everything in the directory (with all files inside)? Or something like that? Its possible?
You can try mod_access,
<FilesMatch "\.css$">
order deny,allow
deny from all
allow from 127.0.0.1
allow from localhost
</FilesMatch>
With mod_rewrite
RewriteEngine On
RewriteCond %{HTTP_HOST} ^!localhost
RewriteCond %{REQUEST_URI} ^/css [OR]
RewriteCond %{REQUEST_FILENAME} \.css$
RewriteRule ^ - [R=404]

.htaccess rewriterule - check for referrer, if wrong referrer send to a specific URL, if right, allow directory to be read

I have a folder on my site (domain.com/protect) I want to limit to only one referrer (otherdomain.com/subfolder).
Deny for all others, allow only if coming from that URL.
If not coming from that URL, then redirect the visitor over to otherdomain.com/login instead.
How would I write that out in .htaccess rewrite rules?
In the htaccess file in your /protect directory, add these rules:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !otherdomain\.com/subfolder
RewriteRule ^ - [L,F]
The condition checks that the referer doesn't contain: otherdomain.com/subfolder, and if it doesn't, then whatever the request is (inside the /protect directory) will result in a 403 Forbidden.
Alternatively, you can put these rules in the htaccess file in your document root if you would rather keep everything in once place:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !otherdomain\.com/subfolder
RewriteRule ^/?protect/? - [L,F]

How can I get non existant files mapped correctly in .htaccess?

Duplicate:
How to rewrite non existant files to
‘default’ files?
(.htaccess)
How would I "rewrite" to a location if a file doesn't exist? I don't want to use a 404 redirect, but an actual rewrite.
So for example, let's say it is a directory with images. If the image isn't found, then it rewrites to a default image?
I.e.,
images/1.jpg
images/2.jpg
images/default.jpg
if someone tried to access "website.com/images/3.jpg",
since that doesn't exist, I want it to go to:
"website.com/images/default.jpg"
This was a previous "posted" solution, but didn't quite work:
RewriteCond %{REQUEST_FILENAME} !-f [NC]
RewriteRule /images/.* /images/error.jpg [L]
It still doesn't "get" the right image (just goes as a regular 404 request).
RewriteCond %{REQUEST_FILENAME} !-f [NC]
RewriteRule ^images/.* /images/error.jpg [L]
Obviously this only redirects if missing file is under /images/... but you can easily modify it for your own needs
Well, your previous posted solution is on the right track, but there's some slight craziness with it. Try this:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule images/.* /images/default.jpg [L]
You should better send a 404 status code if the file really doesn’t exist rather than just a substitute with a status code other than 404. Otherwise the URL will be handled as valid.
So in your case I recommend you to set the ErrorDocument of the images directory to your default image:
<Directory "/path/to/your/images/">
ErrorDocument 404 /images/default.jpg
</Directory>
But note that the <Directory> block is only available in the server or virtual host configuration context and not the per-directory context (thus .htaccess).
If you cannot use the above, you could use a custom script as your custom error document to check what URL has been requested (see Request_URI environment variable) and send the default image if necessary. The ErrorDocument directive then should look like this:
ErrorDocument 404 /your-error-404.script
re-write your 404 document for your images folder:
(In your .htaccess file in your images folder)
ErrorDocument 404 default.jpg

Resources