.htaccess in root folder

.htaccess in root folder - php

I'm using Nette framework and i have some problems with root folder in my hosting.
My hosting structure:
root
- demo
- www
- index.php
- www
and by default I must use this URL address "www.demo.example.com/www" to access to file index.php. But, I don't want to access to web site with "www" postfix. Soooo i create this .htaccess file in root folder.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^$ /www/ [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/www/
RewriteRule ^(.*)$ /www/$1
</IfModule>
and in demo/www folder I'm using this .htaccess
# Apache configuration file (see httpd.apache.org/docs/2.2/mod/quickreference.html)
# disable directory listing
Options -Indexes
# enable cool URL
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# prevents files starting with dot to be viewed by browser
RewriteRule /\.|^\. - [F]
# front controller
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(pdf|js|ico|gif|jpg|png|css|rar|zip|tar\.gz)$ index.php [L]
</IfModule>
# enable gzip compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript text/javascript application/javascript application/json
</IfModule>
# allow combined JavaScript & CSS. Inside of script.combined.js you could use <!--#include file="script.js" -->
<IfModule mod_include.c>
<FilesMatch "\.combined\.(js|css)$">
Options +Includes
SetOutputFilter INCLUDES
</FilesMatch>
</IfModule>
BUT in this way i can access to web site with "www.demo.example.com" and also with "www.demo.example.com/www", but i don't want access with prefix "www", how can i do it?
Thank you for your answers!

You can just use a file like this -
deny from all
This will prevent any direct acces
UPDATE
You need only one .htaccess in the root directory like this I think -
<Files subdirectory/*>
deny from all
</Files>
Remove the .htaccess from your subdirectory

Related

MyBB redirects to www.www

I am working on setting up a MyBB forum with https enabled. I've got TLS set up and enabled and https redirect is enabled by my host.
Direct links like http://www.example.com/index.php and example.com/index.php correctly redirect to https://www.example.com/index.php. But any any attempts to go straight to to https://www.example.com/ go to https://www.www.example.com/. Does anyone have any ideas about what might cause this?
My .htaccess file is as follows (mostly taken from MyBB's default .htaccess setup.)
Options -MultiViews +FollowSymlinks -Indexes
<FilesMatch "\.(php|html)$">
Header set Cache-Control "private, no-cache"
Header set Pragma "no-cache"
</FilesMatch>
#
# If mod_security is enabled, attempt to disable it.
# - Note, this will work on the majority of hosts but on
# MediaTemple, it is known to cause random Internal Server
# errors. For MediaTemple, please remove the block below
#
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off
# The below probably isn't needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>
#
# MyBB "search engine friendly" URL rewrites
# - Note, for these to work with MyBB please make sure you have
# the setting enabled in the Admin CP and you have this file
# named .htaccess
#
<IfModule mod_rewrite.c>
RewriteEngine on
RedirectMatch ^/$ news.php
RewriteRule ^forum-([0-9]+)\.html$ forumdisplay.php?fid=$1 [L,QSA]
RewriteRule ^forum-([0-9]+)-page-([0-9]+)\.html$ forumdisplay.php?fid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)\.html$ showthread.php?tid=$1 [L,QSA]
RewriteRule ^thread-([0-9]+)-page-([0-9]+)\.html$ showthread.php?tid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)-lastpost\.html$ showthread.php?tid=$1&action=lastpost [L,QSA]
RewriteRule ^thread-([0-9]+)-nextnewest\.html$ showthread.php?tid=$1&action=nextnewest [L,QSA]
RewriteRule ^thread-([0-9]+)-nextoldest\.html$ showthread.php?tid=$1&action=nextoldest [L,QSA]
RewriteRule ^thread-([0-9]+)-newpost\.html$ showthread.php?tid=$1&action=newpost [L,QSA]
RewriteRule ^thread-([0-9]+)-post-([0-9]+)\.html$ showthread.php?tid=$1&pid=$2 [L,QSA]
RewriteRule ^post-([0-9]+)\.html$ showthread.php?pid=$1 [L,QSA]
RewriteRule ^announcement-([0-9]+)\.html$ announcements.php?aid=$1 [L,QSA]
RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)\.html$ calendar.php?calendar=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ calendar.php?calendar=$1&year=$2&month=$3 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4 [L,QSA]
RewriteRule ^calendar-([0-9]+)-week-(n?[0-9]+)\.html$ calendar.php?action=weekview&calendar=$1&week=$2 [L,QSA]
RewriteRule ^event-([0-9]+)\.html$ calendar.php?action=event&eid=$1 [L,QSA]
<IfModule mod_env.c>
SetEnv SEO_SUPPORT 1
</IfModule>
</IfModule>
#
# If Apache is compiled with built in mod_deflade/GZIP support
# then GZIP Javascript, CSS, HTML and XML so they're sent to
# the client faster.
#
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/css text/html application/xhtml+xml text/xml application/xml text/plain text/x-component application/javascript application/x-javascript application/rss+xml application/atom+xml application/json application/manifest+json application/x-web-app-manifest+json application/vnd.ms-fontobject application/font-sfnt application/font-woff application/font-woff2 image/svg+xml image/x-icon
</IfModule>
# Note: You are able to choose a different name in the Admin CP. If you've done that you need to change it here too
<Files "error.log">
Require all denied
</Files>

This turned out to be a browser caching issue.

All .php files are 403 Forbidden + No 404 Doc Found

Had our website up for a while, and I'm now working on a contact form with a simple PHP mailer. For some reason though, all .php files on the directory are 403 Forbidden. For example:
http://www.bawkdesign.co.uk/mailer.php
Even trying .php files that don't exists results in a 403.
http://www.bawkdesign.co.uk/idonoexist.php
Perhaps there's something in .htaccess causing this? If there is I can't see it! The website is hosted with GoDaddy (Yup, not my choice)
I've checked the file and folder permissions and they all seem good too. Any help is really appreciated.
.htaccess file
#Rewrite urls to remove extensions
Options FollowSymLinks
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC]
RewriteRule ^(.+[^/])/$ http://%{HTTP_HOST}/$1/ [R=301,L]
RewriteCond %{HTTP_HOST} ^bawkdesign.com [NC]
RewriteRule ^(.*)$ http://www.bawkdesign.com/$1 [L,R=301]
#404 Page Not Found
ErrorDocument 404 /404
#Enable server side compression
AddOutputFilterByType DEFLATE text/text text/html text/php text/plain text/xml text/css application/x-javascript application/javascript
#Enable Mod_Expires for browser caching
ExpiresActive On
ExpiresDefault A0
# Set timing for cached files to expire after
<FilesMatch "\.(jpg|jpeg|png|gif|txt|xml|php|js|css|html)$">
ExpiresDefault A704800
Header append Cache-Control "public"
</FilesMatch>
#Define the charset
AddDefaultCharset utf-8

Wordpress and Magento Installed On Same Server Issue

I have installed wordpress into the root of my domain. After that was already done and setup, we decided to install Magento into a subfolder called shop. The problem that I am having is that on certain pages in Magento, actually just the checkout page, pages are carried over from wordpress. If I am logged into wordpress, my wordpress menu loads into the Your Checkout Progress box. If I am not logged in, the wordpress login page loads to the right of the checkout. I have tried to prevent this by using my .htaccess in the root of the hosting with the following
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} "/shop/"
RewriteRule (.*) $1 [L]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Here is my Magento .htaccess file
############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi
# Action php5-cgi /cgi-bin/php5-cgi
# AddHandler php5-cgi .php
############################################
## GoDaddy specific options
Options -MultiViews
## you might also need to add this line to php.ini
## cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini
############################################
## this line is specific for 1and1 hosting
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
############################################
## default index file
DirectoryIndex index.php
<IfModule mod_php5.c>
############################################
## adjust memory limit
# php_value memory_limit 64M
php_value memory_limit 256M
php_value max_execution_time 18000
############################################
## disable magic quotes for php request vars
php_flag magic_quotes_gpc off
############################################
## disable automatic session start
## before autoload was initialized
php_flag session.auto_start off
############################################
## enable resulting html compression
#php_flag zlib.output_compression on
###########################################
# disable user agent verification to not break multiple image upload
php_flag suhosin.session.cryptua off
###########################################
# turn off compatibility with PHP4 when dealing with objects
php_flag zend.ze1_compatibility_mode Off
</IfModule>
<IfModule mod_security.c>
###########################################
# disable POST processing to not break multiple image upload
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
<IfModule mod_deflate.c>
############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip
# Insert filter on all content
###SetOutputFilter DEFLATE
# Insert filter on selected content types only
#AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
# Netscape 4.x has some problems...
#BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
#BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
#BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
#SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_ssl.c>
############################################
## make HTTPS env vars available for CGI mode
SSLOptions StdEnvVars
</IfModule>
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /shop/
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /shop/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /shop/index.php [L]
</IfModule>
############################################
## uncomment next line to enable light API calls processing
# RewriteRule ^api/([a-z][0-9a-z_]+)/?$ api.php?type=$1 [QSA,L]
############################################
## rewrite API2 calls to api.php (by now it is REST only)
RewriteRule ^api/rest api.php?type=rest [QSA,L]
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks
############################################
## redirect for mobile user agents
#RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
#RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
#RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteRule .* index.php [L]
</IfModule>
############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead
AddDefaultCharset Off
#AddDefaultCharset UTF-8
<IfModule mod_expires.c>
############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires
ExpiresDefault "access plus 1 year"
</IfModule>
############################################
## By default allow all access
Order allow,deny
Allow from all
###########################################
## Deny access to release notes to prevent disclosure of the installed Magento version
<Files RELEASE_NOTES.txt>
order allow,deny
deny from all
</Files>
############################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags
#FileETag none
I am starting to think that I might have to find a way to move the WP install to another folder unless someone has any suggestions.
UPDATE:
Here is a link to a screenshot of what I am seeing, per the requests in the comments.
https://dl.dropboxusercontent.com/u/24789136/magentoerror.jpg

I think, in your Magento .htaccess, you need to remove the following section
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /shop/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /shop/index.php [L]
</IfModule>
and uncomment the following line.
#RewriteBase /shop/

How to redirect example.com/forum/index.php to example.com/forum/

I was wondering how to redirect a link such as www.example.com/forum/index.php to www.example.com/forum/. I have been having trouble, I tried looking it up on Google but none of the solutions are working for me. I have WordPress installed in my root directory, along with phpbb forum software in my forum directory.
My forum sub directory .htaccess:
#
# Uncomment the statement below if you want to make use of
# HTTP authentication and it does not already work.
# This could be required if you are for example using PHP via Apache CGI.
#
#<IfModule mod_rewrite.c>
#RewriteEngine on
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#</IfModule>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
and this is my root folder .htaccess:
# BEGIN W3TC Browser Cache
<IfModule mod_deflate.c>
<IfModule mod_setenvif.c>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon
</IfModule>
</IfModule>
<FilesMatch "\.(css|js|htc|CSS|JS|HTC)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
<FilesMatch "\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|SVG|SVGZ|TXT|XSD|XSL|XML)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
<FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|WAV|WMA|WRI|XLA|XLS|XLSX|XLT|XLW|ZIP)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
# END W3TC Browser Cache
# BEGIN W3TC Page Cache core
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^(.*\/)?w3tc_rewrite_test$ $1?w3tc_rewrite_test=1 [L]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* - [E=W3TC_ENC:_gzip]
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP_HOST} = site.com
RewriteCond %{REQUEST_URI} \/$ [OR]
RewriteCond %{REQUEST_URI} (sitemap(_index)?\.xml(\.gz)?|[a-z0-9_\-]+-sitemap([0-9]+)?\.xml(\.gz)?) [NC]
RewriteCond %{REQUEST_URI} !(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|\/feed\/|wp-.*\.php|index\.php) [NC,OR]
RewriteCond %{REQUEST_URI} (wp-comments-popup\.php|wp-links-opml\.php|wp-locations\.php) [NC]
RewriteCond %{HTTP_COOKIE} !(comment_author|wp-postpass|wordpress_\[a-f0-9\]\+|wordpress_logged_in) [NC]
RewriteCond %{HTTP_USER_AGENT} !(W3\ Total\ Cache/0\.9\.2\.4) [NC]
RewriteCond "%{DOCUMENT_ROOT}/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" -f
RewriteRule .* "/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" [L]
</IfModule>
# END W3TC Page Cache core
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Google Webmaster Tools has been saying I have duplicate title tags because of these 2 urls, I can not seem to figure it out!

In .htaccess there are basically two things you can do regarding URLs.
Rewriting URLs
You can rewrite URLs internally. If the user visits example.com/forum/ you can rewrite the URL internally to use example.com/forum/index.php. The user will see example.com/forum in their address bar.
In an .htaccess file, this would be written as:
RewriteRule ^forum /forum/index.php [L]
RewriteRule indicates that it should rewrite the URL. ^forum matches the forum part in example.com/forum/ and /forum/index.php says that it should rewrite the URL to /forum/index.php. Last [L] means that if this RewriteRule matches, it should stop matching rules.
Redirecting URLs
You can redirect an URL too. This will send an header to the client to load a different page instead. If the user visits example.com/forum/index.php, you can rewrite it to example.com/forum and order the client that requested that to load that URL instead. The user will see example.com/forum in their address bar.
In an .htaccess file, this would be written as:
RewriteRule ^forum/index\.php /forum [R,L]
Again, RewriteRule tells that the URL should be rewritten, if it matches ^forum/index\.php (notice the escaped dot, because it is a regex, we do not want it to match every character). It will be rewritten to /forum. Last, we have the flags [R,L]. R stands for 'redirect' (by default a temporary redirect) and L stands again for 'if this rule matches, stop matching any further rules.
Documentation
The documentation about mod_rewrite can be found here.

Fat Free Framework URL Error

I'm getting a problem. I'm using Ubuntu and all my files are located in /var/www. It contains the following folder:
fatfree:contains the fat free framwork
F3Apps: contains index.php, .htaccess(contents shown below)
The content of the index.php is
<?php
require '../fatfree/lib/base.php';
F3::route('GET /',function()
{
echo "root entered";
});
F3::route('GET /about',function()
{
echo "about entered";
});
F3::run();
?>
When I'm setting the URL as http://127.0.0.1/F3Apps/, it is ok, i.e. it is echoing
root entered
However when I'm setting the URL as http://127.0.0.1/F3Apps/about, I'm getting the following:
The .htaccess contents is shown below(The .htaccess is in the file F3Apps):
# Enable rewrite engine and route requests to framework
RewriteEngine On
RewriteBase /F3Apps
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L,QSA]
# Disable ETags
<IfModule mod_header.c>
Header Unset ETag
FileETag none
</IfModule>
# Default expires header if none specified (stay in browser cache for 7 days)
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault A604800
</IfModule>
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
Options -Indexes FollowSymLinks Includes
AllowOverride All
Order allow,deny
Allow from All
</Directory>

Check your .htaccess, problem is there. Or post it's content for us :)

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.