I have a blog site hosted on Hostinger, and I am using .htaccess to rewrite some URLs.
However, I have been trying to rewrite my blog posts URLs from http://localhost/article.php?p=hello-world to http://localhost/article/hello-world but no success. I found some other Stackoverflow references but they did not solve my issue.
Here is my current .htaccess code:
RewriteEngine On
RewriteRule ^config\.php - [R=404,L]
RewriteRule ^([^/]+)/$ $1.php
RewriteRule ^([^/]+)/([^/]+)/$ /$1/$2.php
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(\.[a-zA-Z0-9]{1,5}|/)$
RewriteRule ^(.+?)/?$ /$1.php [L]
ErrorDocument 404 /404.php
# disable directory browsing
Options All -Indexes
<FilesMatch "\.(htaccess|sql|htpasswd|ini|phps|fla|psd|log|sh|svn|7z|zip|rar|gz|tar)$">
Order Allow,Deny
Deny from all
</FilesMatch>
Please help me understand what is needed to be added and where.
Thank you!
Related
I don't understand htaccess at all except from it's function to "pretify" url's and I know this question has been asked a milion times, i have tried nearly all of them but none of the answers worked for me.
So basically i have givin my own go at creating a cms and a structure to go with it. the "cms" is located in a subfolder called system with it's own respectable index.php
my htaccess is configured to take the var "page" and retract the .php extension from it in the url. everything works fine until i start calling pages from the system subfolder.
My question is, how can i get htacces to ignore this folder and continue it's rewriting rule despite the user currently being located in the subfolder?
my htaccess is set up as follows:
RewriteEngine On
Options +FollowSymLinks
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\\.]+)$ $1.php [NC,L]
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^(.*)$ index.php?page=$1 [QSA]
<Files .htaccess>
order allow,deny
deny from all
</Files>
ErrorDocument 404 home
ErrorDocument 403 home
#php_flag display_errors off
Have it like this:
ErrorDocument 404 /home
ErrorDocument 403 /home
RewriteEngine On
Options +FollowSymLinks
# skip subfolder from any rules
RewriteRule ^subfolder(/.*)?$ - [L,NC]
# add .php extension
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ $1.php [L]
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^system/(.*)$ system/index.php?page=$1 [L,NC,QSA]
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^(.*)$ index.php?page=$1 [L,QSA]
<Files .htaccess>
order allow,deny
deny from all
</Files>
I'm having issues with .htaccess RewriteRule. all I'm trying to do is
rewrite this url - www.example.com/public/?q=admin
to - www.example.com/public/admin
but now when I go to this url www.example.com/public/admin it says not found.
but this url is working ww.example.com/public/?q=admin
here is my .htaccess code
Options All -Indexes
<FilesMatch "(config|.+\.html)\.php">
deny from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !\.(bmp|cgi|css|flv|gif|ico|jpe?g|js|png|swf|xml)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) ?q=$1&%1 [L,QSA]
</IfModule>
Does anyone know to help?
UPDATE
This script installed inside a subdomain and a sub folder
like this
http://subdomain.maindomain.com/comingsoon/
coming soon is the root folder
http://subdomain.maindomain.com/comingsoon/public is another folder where placed .htaccess file.
I'm using mini php framwork called Swiftlet
https://github.com/AliasIO/Swiftlet
You can use this rule in your .htaccess for your required url.
RewriteRule ^public/(.*)$ public?q=$1 [L,QSA]
UPDATE 1:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^subdomain.domain.com
RewriteRule ^public/(.*)$ http://subdomain.domain.com/comingsoon/public?q=$1 [L,NC,QSA]
Ok, so after your update, try this :
RewriteBase /comingsoon/public
RewriteRule ^(.*)$ /?q=$1 [L,QSA]
htaccess file which redirects my advanced Yii2 app to frontend index.php file for that there is already an .htaccess file. which has following lines..
This is Right Now my .HTACCESS at root directory
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
now i searched internet and i found this if i want to redirect to https then i have to add this.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
so i added like this....
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
then it loads website withouat any js and css... and also it is in http. But content it requires should be in https.
I do understand it is because of my another rewrite statement. But i am not so expertise in it. Please mae some suggetion.
Here this thing if it is alone it works perfect without any problem.
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
It will send my http to https. So it works perfact.
Or if this is alone
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
This rule tells that execute index.php file from the [.htaccess Directory/frontend/web/] directory . Means execute frontend/web/index.php . Here it is very important to do this as this is as per the framework structure.
So i have to combine these two rules together and build a .htaccess which will work for both scenario.
CONCLUSION
So my .HTACESS should tell the server we have to run [.HTACESS DIR/frontend/web/index.php] in https.
UPDATE TO QUESTION
this is the .htaccess under frontend/web/ folder where my index.php is
And this is at root/frontend/web folder where index.php exists.
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
Do i have to add https thing here ?
The easiest way might be setting the on beforeRequest event handler in /config/web.php like so:
...
'bootstrap' => ['log'],
'on beforeRequest' => function ($event) {
if(!Yii::$app->request->isSecureConnection){
$url = Yii::$app->request->getAbsoluteUrl();
$url = str_replace('http:', 'https:', $url);
Yii::$app->getResponse()->redirect($url);
Yii::$app->end();
}
},
...
You root/frontend/web/.htaccess should be like this:
RewriteEngine on
RewriteBase /frontend/web/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,NE,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
Just remember that a sub-directory .htaccess always takes precedence over parent directory .htaccess.
In root .htaccess when i put this. It also works for me.
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
Another approach would be to change the virtual host on port 80 (HTTP):
<VirtualHost *:80>
ServerName mywebsite.com
Redirect permanent / https://mywebsite.com
</VirtualHost>
and then have a separate virtual host for port 443 (HTTPS).
Assuming a Debian(-fork) Linux server you'd have to put the above in /etc/apache2/sites-available/myname.conf.
After you've done that use sudo a2ensite myname.conf (if this fails, you can create the symlink in /etc/apache2/sites-enabled/ yourself, but try not to). Now restart apache with 'sudo service apache2 restart'.
I've used this code below.
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www.(.*) [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www.(.*) [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
I created custom 404 error page called error.php, now I want to display the error.php content in user entered url.like this link: http://www.youtube.com/asdfasfsd
This is my htaccess code:
ErrorDocument 404 https ://localhost/path/error.php
I want to show the error.php content in same URL without redirect to error.php page
if user typed invalid url (for example:https ://localhost/path/nnn.php)
current result:redirecting to error.php
expected result:display error.php content in https
://localhost/path/nnn.php
My full htaccess code:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule index.html$ index.php [L]
RewriteRule service.html$ service.php [L]
RewriteRule ^([^/]*)\.html$ about.php?pid=$1 [L]
RewriteRule ^cont/([^/]*)\.html$ contact-inner.php?tid=$1 [L]
RewriteRule ^contact/([^/]*)/([^/]*)\.html$ contact-page.php?tid=$1&ona=$2 [L]
RewriteRule ^about/([^/]*)\.html$ about-inner.php?oid=$1 [L]
RewriteRule ^service/([^/]*)/([^/]*)\.html$ service-page.php?oid=$1&ona=$2 [L]
ErrorDocument 404 https://localhost/ezhil/path/public_html/error.php
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from 117.202.102.84
deny from 58.68.25.210
deny from 91.200.13.112
deny from 86.128.130.170
deny from 91.200.13.7
deny from 173.208.206.90
Please remove your ErrorDocument rule and replace it with following code :
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ error.php [L]
A suggestion by the way: You should put a [L] behind RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} , so that no other rule will override the HTTPS-enforcement.
Your .htaccess will then look like this:
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]
RewriteRule index.html$ index.php [L]
RewriteRule service.html$ service.php [L]
RewriteRule ^([^/]*)\.html$ about.php?pid=$1 [L]
RewriteRule ^cont/([^/]*)\.html$ contact-inner.php?tid=$1 [L]
RewriteRule ^contact/([^/]*)/([^/]*)\.html$ contact-page.php?tid=$1&ona=$2 [L]
RewriteRule ^about/([^/]*)\.html$ about-inner.php?oid=$1 [L]
RewriteRule ^service/([^/]*)/([^/]*)\.html$ service-page.php?oid=$1&ona=$2 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ error.php [L]
<Files 403.shtml>
order allow,deny
allow from all
</Files>
deny from 117.202.102.84
deny from 58.68.25.210
deny from 91.200.13.112
deny from 86.128.130.170
deny from 91.200.13.7
deny from 173.208.206.90
Modify the line in your .htaccess file. Just use path and filename (Without host)
ErrorDocument 404 /path/error.php
It worked for me.
You may need to tweak your existing htaccess a bit for this to work
RewriteEngine On
# your existing rules. please note the [L] after each rule
RewriteRule ^main$ index.php [L]
RewriteRule ^about-us$ aboutus.php [L]
RewriteRule ^whatever$ whatever.php [L]
# anything else that ends with .php
RewriteRule .*\.php$ error.php
as soon a RewriteRule is met, further execution is stopped by [L]. Then if the request ends with .php the error.php will be executed.
Just add code like this in your .htaccess
ErrorDocument 404 "<script>document.write(atob('[Your Html code convert to base64string]'))</script>"
For Example
ErrorDocument 404 "<script>document.write(atob('PCFET0NUWVBFIGh0bWw+CjxoZWFkPgoJPG1ldGEgY2hhcnNldD0idXRmLTgiPgoJPG1ldGEgaHR0cC1lcXVpdj0iWC1VQS1Db21wYXRpYmxlIiBjb250ZW50PSJJRT1lZGdlIj4KCTxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSI+Cgk8IS0tIFRoZSBhYm92ZSAzIG1ldGEgdGFncyAqbXVzdCogY29tZSBmaXJzdCBpbiB0aGUgaGVhZDsgYW55IG90aGVyIGhlYWQgY29udGVudCBtdXN0IGNvbWUgKmFmdGVyKiB0aGVzZSB0YWdzIC0tPgoKCTx0aXRsZT40MDQgTm90IEZvdW5kPC90aXRsZT4KCgk8IS0tIEdvb2dsZSBmb250IC0tPgoJPGxpbmsgaHJlZj0iaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PU1vbnRzZXJyYXQ6NTAwIiByZWw9InN0eWxlc2hlZXQiPgoJPGxpbmsgaHJlZj0iaHR0cHM6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PVRpdGlsbGl1bStXZWI6NzAwLDkwMCIgcmVsPSJzdHlsZXNoZWV0Ij4KCgk8c3R5bGU+CiogewogIC13ZWJraXQtYm94LXNpemluZzogYm9yZGVyLWJveDsKICAgICAgICAgIGJveC1zaXppbmc6IGJvcmRlci1ib3g7Cn0KCmJvZHkgewogIHBhZGRpbmc6IDA7CiAgbWFyZ2luOiAwOwp9Cgojbm90Zm91bmQgewogIHBvc2l0aW9uOiByZWxhdGl2ZTsKICBoZWlnaHQ6IDEwMHZoOwp9Cgojbm90Zm91bmQgLm5vdGZvdW5kIHsKICBwb3NpdGlvbjogYWJzb2x1dGU7CiAgbGVmdDogNTAlOwogIHRvcDogNTAlOwogIC13ZWJraXQtdHJhbnNmb3JtOiB0cmFuc2xhdGUoLTUwJSwgLTUwJSk7CiAgICAgIC1tcy10cmFuc2Zvcm06IHRyYW5zbGF0ZSgtNTAlLCAtNTAlKTsKICAgICAgICAgIHRyYW5zZm9ybTogdHJhbnNsYXRlKC01MCUsIC01MCUpOwp9Cgoubm90Zm91bmQgewogIG1heC13aWR0aDogNzY3cHg7CiAgd2lkdGg6IDEwMCU7CiAgbGluZS1oZWlnaHQ6IDEuNDsKICBwYWRkaW5nOiAwcHggMTVweDsKfQoKLm5vdGZvdW5kIC5ub3Rmb3VuZC00MDQgewogIHBvc2l0aW9uOiByZWxhdGl2ZTsKICBoZWlnaHQ6IDE1MHB4OwogIGxpbmUtaGVpZ2h0OiAxNTBweDsKICBtYXJnaW4tYm90dG9tOiAyNXB4Owp9Cgoubm90Zm91bmQgLm5vdGZvdW5kLTQwNCBoMSB7CiAgZm9udC1mYW1pbHk6ICdUaXRpbGxpdW0gV2ViJywgc2Fucy1zZXJpZjsKICBmb250LXNpemU6IDE4NnB4OwogIGZvbnQtd2VpZ2h0OiA5MDA7CiAgbWFyZ2luOiAwcHg7CiAgdGV4dC10cmFuc2Zvcm06IHVwcGVyY2FzZTsKICBiYWNrZ3JvdW5kLWNvbG9yOiBCbGFjazsKICAtd2Via2l0LWJhY2tncm91bmQtY2xpcDogdGV4dDsKICAtd2Via2l0LXRleHQtZmlsbC1jb2xvcjogdHJhbnNwYXJlbnQ7CiAgYmFja2dyb3VuZC1zaXplOiBjb3ZlcjsKICBiYWNrZ3JvdW5kLXBvc2l0aW9uOiBjZW50ZXI7Cn0KCi5ub3Rmb3VuZCBoMiB7CiAgZm9udC1mYW1pbHk6ICdUaXRpbGxpdW0gV2ViJywgc2Fucy1zZXJpZjsKICBmb250LXNpemU6IDI2cHg7CiAgZm9udC13ZWlnaHQ6IDcwMDsKICBtYXJnaW46IDA7Cn0KCi5ub3Rmb3VuZCBwIHsKICBmb250LWZhbWlseTogJ01vbnRzZXJyYXQnLCBzYW5zLXNlcmlmOwogIGZvbnQtc2l6ZTogMTRweDsKICBmb250LXdlaWdodDogNTAwOwogIG1hcmdpbi1ib3R0b206IDBweDsKICB0ZXh0LXRyYW5zZm9ybTogdXBwZXJjYXNlOwp9Cgoubm90Zm91bmQgYSB7CiAgZm9udC1mYW1pbHk6ICdUaXRpbGxpdW0gV2ViJywgc2Fucy1zZXJpZjsKICBkaXNwbGF5OiBpbmxpbmUtYmxvY2s7CiAgdGV4dC10cmFuc2Zvcm06IHVwcGVyY2FzZTsKICBjb2xvcjogI2ZmZjsKICB0ZXh0LWRlY29yYXRpb246IG5vbmU7CiAgYm9yZGVyOiBub25lOwogIGJhY2tncm91bmQ6ICM1YzkxZmU7CiAgcGFkZGluZzogMTBweCA0MHB4OwogIGZvbnQtc2l6ZTogMTRweDsKICBmb250LXdlaWdodDogNzAwOwogIGJvcmRlci1yYWRpdXM6IDFweDsKICBtYXJnaW4tdG9wOiAxNXB4OwogIC13ZWJraXQtdHJhbnNpdGlvbjogMC4ycyBhbGw7CiAgdHJhbnNpdGlvbjogMC4ycyBhbGw7Cn0KCi5ub3Rmb3VuZCBhOmhvdmVyIHsKICBvcGFjaXR5OiAwLjg7Cn0KCkBtZWRpYSBvbmx5IHNjcmVlbiBhbmQgKG1heC13aWR0aDogNzY3cHgpIHsKICAubm90Zm91bmQgLm5vdGZvdW5kLTQwNCB7CiAgICBoZWlnaHQ6IDExMHB4OwogICAgbGluZS1oZWlnaHQ6IDExMHB4OwogIH0KICAubm90Zm91bmQgLm5vdGZvdW5kLTQwNCBoMSB7CiAgICBmb250LXNpemU6IDEyMHB4OwogIH0KfQoKCTwvc3R5bGU+CgoJPCEtLSBIVE1MNSBzaGltIGFuZCBSZXNwb25kLmpzIGZvciBJRTggc3VwcG9ydCBvZiBIVE1MNSBlbGVtZW50cyBhbmQgbWVkaWEgcXVlcmllcyAtLT4KCTwhLS0gV0FSTklORzogUmVzcG9uZC5qcyBkb2Vzbid0IHdvcmsgaWYgeW91IHZpZXcgdGhlIHBhZ2UgdmlhIGZpbGU6Ly8gLS0+Cgk8IS0tW2lmIGx0IElFIDldPgoJCSAgPHNjcmlwdCBzcmM9Imh0dHBzOi8vb3NzLm1heGNkbi5jb20vaHRtbDVzaGl2LzMuNy4zL2h0bWw1c2hpdi5taW4uanMiPjwvc2NyaXB0PgoJCSAgPHNjcmlwdCBzcmM9Imh0dHBzOi8vb3NzLm1heGNkbi5jb20vcmVzcG9uZC8xLjQuMi9yZXNwb25kLm1pbi5qcyI+PC9zY3JpcHQ+CgkJPCFbZW5kaWZdLS0+Cgo8L2hlYWQ+Cgo8Ym9keT4KCgk8ZGl2IGlkPSJub3Rmb3VuZCI+CgkJPGRpdiBjbGFzcz0ibm90Zm91bmQiPgoJCQk8ZGl2IGNsYXNzPSJub3Rmb3VuZC00MDQiPgoJCQkJPGgxPjQwNDwvaDE+CgkJCTwvZGl2PgoJCQk8aDI+T3BzcyEgVGhlIHJlcXVlc3RlZCBVUkwgd2FzIG5vdCBmb3VuZCBvbiB0aGlzIHNlcnZlci48L2gyPgoJCQk8cD5UaGF0J3MgYWxsIHdlIGtub3cuPC9wPgoJCQk8YSBocmVmPSIjIj5HbyBUbyBIb21lcGFnZTwvYT4KCQk8L2Rpdj4KCTwvZGl2PgoKPC9ib2R5Pgo8L2h0bWw+Cg=='))</script>"
It's worked for me.
I am trying to make SSL and Redirection work perfectly with my web application. I wish to achieve that always https://www.mydomain.com/ should be loaded in the browser - although, if he types a subdomain - it should be redirected to https://subdomain.mydomain.com/ instead.
I mean to say, everything should be SSL - here is what I am doing currently
Options -Indexes
Options +FollowSymLinks
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www) [NC]
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [L,R=301]
RewriteCond %{REQUEST_FILENAME} !index.php
RewriteRule (.*)\.php$ index.php/$1
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [QSA,L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 index.php
</IfModule>
Also, I wish to improve this .htaccess file so to introduce more security measures plus also allow only js, css and images files to be accessible by everyone - rest everything hidden or redirected to a 404 page.
Please guide, I would be greatly thankful!
These rewrite conditions may help you, I use this to make my CodeIgniter go to HTTPS:
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L]