I am creating one secure website by using .htaccess . Everything works fine in other browsers but the site not working in Internet Explorer. Its showing 404 error. Please help I dont know much about .htaccess problems.
RewriteEngine On
#RewriteCond %{HTTPS} off
# First rewrite to HTTPS:
# Don't put www. here. If it is already there it will be included, if not
# the subsequent rule will catch it.
#RewriteRule .* http://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Now, rewrite any request to the wrong domain to use www.
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule .* http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule ^ - [F]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?localhost [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ https://openclipart.org/image/240px/svg_to_png/234001/no_glass_cameras.png [NC,R,L]
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule ^ - [F]
Header set X-Frame-Options SAMEORIGIN
ServerSignature Off
# Disable Directory Browsing
Options All -Indexes
# Deny php direct accessing
<Files *.php>
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Files>
<Files index.php>
Order Allow,Deny
Allow from all
</Files>
# DENY CODE
#<Files ~ "^.*">
# Deny from all
#</Files>
#<Files ~ "^index\.php|css|js|.*\.png|.*\.jpg|.*\.gif|.*\.pdf">
# Allow from all
#</Files>
#Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure"
Related
I have a laravel application installed on a shared hosting package and I'm using https://github.com/JosephSilber/page-cache to cache pages.
The cached pages are stored in the following server folder /home/username/public_html/app_name/public/page-cache/article
The following code is in the .htaccess found in public folder
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Serve Cached Page If Available...
RewriteCond %{REQUEST_URI} ^/?$
RewriteCond %{DOCUMENT_ROOT}/public/page-cache/pc__index__pc.html -f
RewriteRule .? public/page-cache/pc__index__pc.html [L]
RewriteCond %{DOCUMENT_ROOT}/public/page-cache%{REQUEST_URI}.html -f
RewriteRule . public/page-cache%{REQUEST_URI}.html [L]
RewriteCond %{DOCUMENT_ROOT}/public/page-cache%{REQUEST_URI}.json -f
RewriteRule . public/page-cache%{REQUEST_URI}.json [L]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
I have tried to debug the values of DOCUMENT_ROOT AND REQUEST_URI and I'm getting the following:
%{DOCUMENT_ROOT} = /home/username/public_html/app_name and %{REQUEST_URI} = /article/race-policing-and-the-universal-yearning-for-safety
With the above code in .htaccess i'm not managing to direct it to the cache pages but its going directly to the application even though the file exists.
e.g. /home/username/public_html/app_name/public/page-cache/article/race-policing-and-the-universal-yearning-for-safety.html
There is also the following .htaccess file in the app_name folder.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_URI} (\.\w+$) [NC]
RewriteRule ^(.*)$ public/$1
#disable directory browsing
Options -Indexes
#PROTECT ENV FILE
<Files .env>
order allow,deny
Deny from all
</Files>
#PROTECT ENV FILE
<Files .htaccess>
order allow,deny
Deny from all
</Files>
I would appreciate if someone can help me identify the reason why the .htaccess is not loading the cache page when it exists. Stay safe guys :).
I have two rules in my htaccess file and while the first two are working I can't figure out why the third one isn't.
What I have currently is
Options -Indexes
Options +FollowSymLinks
IndexIgnore */*
# Turn on the RewriteEngine
RewriteEngine On
# Rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-zA-Z0-9]+)$ index.php?key=$1
RewriteRule ^([a-zA-Z0-9]+)/$ index.php?key=$1
RewriteRule ^([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$ index.php?key=$1&id=$2
RewriteRule ^([a-zA-Z0-9]+)/([a-zA-Z0-9]+)/$ index.php?key=$1&id=$2
RewriteRule ^([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$ index.php?key=$1&id=$2&user=$3
RewriteRule ^([a-zA-Z0-9]+)/([a-zA-Z0-9]+)/$ index.php?key=$1&id=$2&user=$3
<files config.php>
order allow,deny
deny from all
</files>
<files loader.php>
order allow,deny
deny from all
</files>
I can go to localhost/page/5 and I can go to localhost/page just fine, but if I try to go to localhost/module/5/1 it breaks and throws me a 404 error.
Any help on this would be greatly appreciated as I don't see anything, so it could be a simple yet stupid typo on my part.
None of your rule regex are matching /module/5/1 URI. Have your rules like this:
RewriteEngine On
# skip all files and directories from rewrite rules below
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(\w+)/?$ index.php?key=$1 [L,QSA]
RewriteRule ^(\w+)/(\w+)/?$ index.php?key=$1&id=$2
RewriteRule ^(\w+)/(\w+)/(\w+)/?$ index.php?key=$1&id=$2&user=$3 [L,QSA]
\w matches [a-zA-Z0-9_]
htaccess file which redirects my advanced Yii2 app to frontend index.php file for that there is already an .htaccess file. which has following lines..
This is Right Now my .HTACCESS at root directory
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
now i searched internet and i found this if i want to redirect to https then i have to add this.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
so i added like this....
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
then it loads website withouat any js and css... and also it is in http. But content it requires should be in https.
I do understand it is because of my another rewrite statement. But i am not so expertise in it. Please mae some suggetion.
Here this thing if it is alone it works perfect without any problem.
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
It will send my http to https. So it works perfact.
Or if this is alone
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
This rule tells that execute index.php file from the [.htaccess Directory/frontend/web/] directory . Means execute frontend/web/index.php . Here it is very important to do this as this is as per the framework structure.
So i have to combine these two rules together and build a .htaccess which will work for both scenario.
CONCLUSION
So my .HTACESS should tell the server we have to run [.HTACESS DIR/frontend/web/index.php] in https.
UPDATE TO QUESTION
this is the .htaccess under frontend/web/ folder where my index.php is
And this is at root/frontend/web folder where index.php exists.
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
Do i have to add https thing here ?
The easiest way might be setting the on beforeRequest event handler in /config/web.php like so:
...
'bootstrap' => ['log'],
'on beforeRequest' => function ($event) {
if(!Yii::$app->request->isSecureConnection){
$url = Yii::$app->request->getAbsoluteUrl();
$url = str_replace('http:', 'https:', $url);
Yii::$app->getResponse()->redirect($url);
Yii::$app->end();
}
},
...
You root/frontend/web/.htaccess should be like this:
RewriteEngine on
RewriteBase /frontend/web/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,NE,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
Just remember that a sub-directory .htaccess always takes precedence over parent directory .htaccess.
In root .htaccess when i put this. It also works for me.
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ frontend/web/$1 [L]
Another approach would be to change the virtual host on port 80 (HTTP):
<VirtualHost *:80>
ServerName mywebsite.com
Redirect permanent / https://mywebsite.com
</VirtualHost>
and then have a separate virtual host for port 443 (HTTPS).
Assuming a Debian(-fork) Linux server you'd have to put the above in /etc/apache2/sites-available/myname.conf.
After you've done that use sudo a2ensite myname.conf (if this fails, you can create the symlink in /etc/apache2/sites-enabled/ yourself, but try not to). Now restart apache with 'sudo service apache2 restart'.
I've used this code below.
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^www.(.*) [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} ^www.(.*) [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
I couldn't find a solution to my problem anywhere. Nothing seemed to fit.
I'm trying to add this code to my .htaccess:
<IfModule mod_rewrite.c>
RewriteBase /
RewriteEngine On
# Check if mobile=1 is set and set cookie 'mobile' equal to 1
RewriteCond %{QUERY_STRING} (^|&)mobile=1(&|$)
RewriteRule ^ - [CO=mobile:1:%{HTTP_HOST}]
# Check if mobile=0 is set and set cookie 'mobile' equal to 0
RewriteCond %{QUERY_STRING} (^|&)mobile=0(&|$)
RewriteRule ^ - [CO=mobile:0:%{HTTP_HOST}]
# cookie can't be set and read in the same request so check
RewriteCond %{QUERY_STRING} (^|&)mobile=0(&|$)
RewriteRule ^ - [S=1]
# Check if this looks like a mobile device
RewriteCond %{HTTP:x-wap-profile} !^$ [OR]
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC,OR]
RewriteCond %{HTTP:Profile} !^$
# Check if we're not already on the mobile site
RewriteCond %{HTTP_HOST} !^m\.
# Check to make sure we haven't set the cookie before
RewriteCond %{HTTP:Cookie} !\mobile=0(;|$)
# Now redirect to the mobile site
RewriteRule ^ http://mobile.example.com%{REQUEST_URI} [R,L]
Every time I add it to my .htaccess, I get the 500 error.
Here's what's in my .htaccess now:
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName example.com
AuthUserFile /path/to/file/service.pwd
AuthGroupFile /path/to/file/service.grp
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>
# do not index specified file types
<IfModule mod_headers.c>
<FilesMatch "\.(doc|docx|xls|xlsx|pdf|ppt|pptx|xml|mp3)$">
Header set X-Robots-Tag "noindex"
</FilesMatch>
</IfModule>
Redirect 301 "/blog/2010/03/05/the-power-of-the-radio-jingle/"http://example.com
Redirect 301 "/blog/2010/02/10/how-to-write-for-voice-over/"http://example.com
What am I doing wrong? I've never edited a .htaccess before. Please help!
Thanks!
About:
Site in kohana, version 3.0.8.
Problem:
I want to close for search engines whole site, except
baseinvest.kz/project and inner pages of it(baseinvest.kz/project/view/110)
.htaccess file
RewriteEngine On
RewriteBase /
<Files .*>
Order Deny,Allow
Deny From All
</Files>
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteCond %{REQUEST_URI} !=/robots.txt
RewriteRule .* index.php [L]
I've found solution by adding file robots.txt
User-agent: *
Disallow: /
Allow: /project
Analyzed by this site http://tools.seobook.com/robots-txt/analyzer/