Had our website up for a while, and I'm now working on a contact form with a simple PHP mailer. For some reason though, all .php files on the directory are 403 Forbidden. For example:
http://www.bawkdesign.co.uk/mailer.php
Even trying .php files that don't exists results in a 403.
http://www.bawkdesign.co.uk/idonoexist.php
Perhaps there's something in .htaccess causing this? If there is I can't see it! The website is hosted with GoDaddy (Yup, not my choice)
I've checked the file and folder permissions and they all seem good too. Any help is really appreciated.
.htaccess file
#Rewrite urls to remove extensions
Options FollowSymLinks
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC]
RewriteRule ^(.+[^/])/$ http://%{HTTP_HOST}/$1/ [R=301,L]
RewriteCond %{HTTP_HOST} ^bawkdesign.com [NC]
RewriteRule ^(.*)$ http://www.bawkdesign.com/$1 [L,R=301]
#404 Page Not Found
ErrorDocument 404 /404
#Enable server side compression
AddOutputFilterByType DEFLATE text/text text/html text/php text/plain text/xml text/css application/x-javascript application/javascript
#Enable Mod_Expires for browser caching
ExpiresActive On
ExpiresDefault A0
# Set timing for cached files to expire after
<FilesMatch "\.(jpg|jpeg|png|gif|txt|xml|php|js|css|html)$">
ExpiresDefault A704800
Header append Cache-Control "public"
</FilesMatch>
#Define the charset
AddDefaultCharset utf-8
Related
I am working on setting up a MyBB forum with https enabled. I've got TLS set up and enabled and https redirect is enabled by my host.
Direct links like http://www.example.com/index.php and example.com/index.php correctly redirect to https://www.example.com/index.php. But any any attempts to go straight to to https://www.example.com/ go to https://www.www.example.com/. Does anyone have any ideas about what might cause this?
My .htaccess file is as follows (mostly taken from MyBB's default .htaccess setup.)
Options -MultiViews +FollowSymlinks -Indexes
<FilesMatch "\.(php|html)$">
Header set Cache-Control "private, no-cache"
Header set Pragma "no-cache"
</FilesMatch>
#
# If mod_security is enabled, attempt to disable it.
# - Note, this will work on the majority of hosts but on
# MediaTemple, it is known to cause random Internal Server
# errors. For MediaTemple, please remove the block below
#
<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off
# The below probably isn't needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>
#
# MyBB "search engine friendly" URL rewrites
# - Note, for these to work with MyBB please make sure you have
# the setting enabled in the Admin CP and you have this file
# named .htaccess
#
<IfModule mod_rewrite.c>
RewriteEngine on
RedirectMatch ^/$ news.php
RewriteRule ^forum-([0-9]+)\.html$ forumdisplay.php?fid=$1 [L,QSA]
RewriteRule ^forum-([0-9]+)-page-([0-9]+)\.html$ forumdisplay.php?fid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)\.html$ showthread.php?tid=$1 [L,QSA]
RewriteRule ^thread-([0-9]+)-page-([0-9]+)\.html$ showthread.php?tid=$1&page=$2 [L,QSA]
RewriteRule ^thread-([0-9]+)-lastpost\.html$ showthread.php?tid=$1&action=lastpost [L,QSA]
RewriteRule ^thread-([0-9]+)-nextnewest\.html$ showthread.php?tid=$1&action=nextnewest [L,QSA]
RewriteRule ^thread-([0-9]+)-nextoldest\.html$ showthread.php?tid=$1&action=nextoldest [L,QSA]
RewriteRule ^thread-([0-9]+)-newpost\.html$ showthread.php?tid=$1&action=newpost [L,QSA]
RewriteRule ^thread-([0-9]+)-post-([0-9]+)\.html$ showthread.php?tid=$1&pid=$2 [L,QSA]
RewriteRule ^post-([0-9]+)\.html$ showthread.php?pid=$1 [L,QSA]
RewriteRule ^announcement-([0-9]+)\.html$ announcements.php?aid=$1 [L,QSA]
RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)\.html$ calendar.php?calendar=$1 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ calendar.php?calendar=$1&year=$2&month=$3 [L,QSA]
RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4 [L,QSA]
RewriteRule ^calendar-([0-9]+)-week-(n?[0-9]+)\.html$ calendar.php?action=weekview&calendar=$1&week=$2 [L,QSA]
RewriteRule ^event-([0-9]+)\.html$ calendar.php?action=event&eid=$1 [L,QSA]
<IfModule mod_env.c>
SetEnv SEO_SUPPORT 1
</IfModule>
</IfModule>
#
# If Apache is compiled with built in mod_deflade/GZIP support
# then GZIP Javascript, CSS, HTML and XML so they're sent to
# the client faster.
#
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/css text/html application/xhtml+xml text/xml application/xml text/plain text/x-component application/javascript application/x-javascript application/rss+xml application/atom+xml application/json application/manifest+json application/x-web-app-manifest+json application/vnd.ms-fontobject application/font-sfnt application/font-woff application/font-woff2 image/svg+xml image/x-icon
</IfModule>
# Note: You are able to choose a different name in the Admin CP. If you've done that you need to change it here too
<Files "error.log">
Require all denied
</Files>
This turned out to be a browser caching issue.
I'm using Nette framework and i have some problems with root folder in my hosting.
My hosting structure:
root
- demo
- www
- index.php
- www
and by default I must use this URL address "www.demo.example.com/www" to access to file index.php. But, I don't want to access to web site with "www" postfix. Soooo i create this .htaccess file in root folder.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^$ /www/ [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/www/
RewriteRule ^(.*)$ /www/$1
</IfModule>
and in demo/www folder I'm using this .htaccess
# Apache configuration file (see httpd.apache.org/docs/2.2/mod/quickreference.html)
# disable directory listing
Options -Indexes
# enable cool URL
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# prevents files starting with dot to be viewed by browser
RewriteRule /\.|^\. - [F]
# front controller
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(pdf|js|ico|gif|jpg|png|css|rar|zip|tar\.gz)$ index.php [L]
</IfModule>
# enable gzip compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript text/javascript application/javascript application/json
</IfModule>
# allow combined JavaScript & CSS. Inside of script.combined.js you could use <!--#include file="script.js" -->
<IfModule mod_include.c>
<FilesMatch "\.combined\.(js|css)$">
Options +Includes
SetOutputFilter INCLUDES
</FilesMatch>
</IfModule>
BUT in this way i can access to web site with "www.demo.example.com" and also with "www.demo.example.com/www", but i don't want access with prefix "www", how can i do it?
Thank you for your answers!
You can just use a file like this -
deny from all
This will prevent any direct acces
UPDATE
You need only one .htaccess in the root directory like this I think -
<Files subdirectory/*>
deny from all
</Files>
Remove the .htaccess from your subdirectory
Hi I am getting 500 Internal server Error when am trying to run my code in wampserver which is working absolutely
My .htaccess file is in wamp/www/site foloder and all other code is also in same folder
so should i put site somewhere in .htaccess file because online my code is in root folder
My .htaccess code:
RewriteEngine on
FileETag none
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} /+[^\.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]
</IfModule>
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript
</IfModule>
Apache error is here:
J:/wamp/www/site/.htaccess: Invalid command 'AddOutputFilterByType', perhaps misspelled or defined by a module not included in the server configuration, referer: /site/about/
If you are using apache 2.4, you need to change
<IfModule mod_deflate.c>
to
<IfModule mod_filter.c>
as the output filter has been moved to mod_filter. Then you need to make sure you have mod_filter loaded.
I have developed a really easy web application based on CakePHP. I am currently running some speed test and in order to optimise the performance I used .htaccess to turn on some Apache modules such as mod_deflate. However I am struggling with the expiring headers.
I have found a couple of solutions and this is my current htaccess:
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
ExpiresDefault "access plus 1 year"
</FilesMatch>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/release
RewriteRule ^$ app/webroot/ [L]
RewriteRule (.*) app/webroot/$1 [L]
</IfModule>
Using YSlow I can see that some of the assets have the right value, however some js/css files coming form plugins (/app/Plugins/X/webroot) are not changing the value.
I have also tried to add a htaccess file in the Plugin folder as well but nothing changed. I am running out of ideas.
Please, check plugin assets seems all your plugin static files handled by dispatcher this is reason of wrong headers. So, try to lead official documentation and create symbolic link
I was wondering how to redirect a link such as www.example.com/forum/index.php to www.example.com/forum/. I have been having trouble, I tried looking it up on Google but none of the solutions are working for me. I have WordPress installed in my root directory, along with phpbb forum software in my forum directory.
My forum sub directory .htaccess:
#
# Uncomment the statement below if you want to make use of
# HTTP authentication and it does not already work.
# This could be required if you are for example using PHP via Apache CGI.
#
#<IfModule mod_rewrite.c>
#RewriteEngine on
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#</IfModule>
<Files "config.php">
Order Allow,Deny
Deny from All
</Files>
<Files "common.php">
Order Allow,Deny
Deny from All
</Files>
and this is my root folder .htaccess:
# BEGIN W3TC Browser Cache
<IfModule mod_deflate.c>
<IfModule mod_setenvif.c>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/css application/x-javascript text/x-component text/html text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon
</IfModule>
</IfModule>
<FilesMatch "\.(css|js|htc|CSS|JS|HTC)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
<FilesMatch "\.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml|HTML|HTM|RTF|RTX|SVG|SVGZ|TXT|XSD|XSL|XML)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
<FilesMatch "\.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip|ASF|ASX|WAX|WMV|WMX|AVI|BMP|CLASS|DIVX|DOC|DOCX|EOT|EXE|GIF|GZ|GZIP|ICO|JPG|JPEG|JPE|MDB|MID|MIDI|MOV|QT|MP3|M4A|MP4|M4V|MPEG|MPG|MPE|MPP|OTF|ODB|ODC|ODF|ODG|ODP|ODS|ODT|OGG|PDF|PNG|POT|PPS|PPT|PPTX|RA|RAM|SVG|SVGZ|SWF|TAR|TIF|TIFF|TTF|TTC|WAV|WMA|WRI|XLA|XLS|XLSX|XLT|XLW|ZIP)$">
FileETag None
<IfModule mod_headers.c>
Header set X-Powered-By "W3 Total Cache/0.9.2.4"
</IfModule>
</FilesMatch>
# END W3TC Browser Cache
# BEGIN W3TC Page Cache core
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^(.*\/)?w3tc_rewrite_test$ $1?w3tc_rewrite_test=1 [L]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteRule .* - [E=W3TC_ENC:_gzip]
RewriteCond %{REQUEST_METHOD} !=POST
RewriteCond %{QUERY_STRING} =""
RewriteCond %{HTTP_HOST} = site.com
RewriteCond %{REQUEST_URI} \/$ [OR]
RewriteCond %{REQUEST_URI} (sitemap(_index)?\.xml(\.gz)?|[a-z0-9_\-]+-sitemap([0-9]+)?\.xml(\.gz)?) [NC]
RewriteCond %{REQUEST_URI} !(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|\/feed\/|wp-.*\.php|index\.php) [NC,OR]
RewriteCond %{REQUEST_URI} (wp-comments-popup\.php|wp-links-opml\.php|wp-locations\.php) [NC]
RewriteCond %{HTTP_COOKIE} !(comment_author|wp-postpass|wordpress_\[a-f0-9\]\+|wordpress_logged_in) [NC]
RewriteCond %{HTTP_USER_AGENT} !(W3\ Total\ Cache/0\.9\.2\.4) [NC]
RewriteCond "%{DOCUMENT_ROOT}/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" -f
RewriteRule .* "/wp-content/w3tc/pgcache/%{REQUEST_URI}/_index%{ENV:W3TC_UA}%{ENV:W3TC_REF}%{ENV:W3TC_SSL}.html%{ENV:W3TC_ENC}" [L]
</IfModule>
# END W3TC Page Cache core
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Google Webmaster Tools has been saying I have duplicate title tags because of these 2 urls, I can not seem to figure it out!
In .htaccess there are basically two things you can do regarding URLs.
Rewriting URLs
You can rewrite URLs internally. If the user visits example.com/forum/ you can rewrite the URL internally to use example.com/forum/index.php. The user will see example.com/forum in their address bar.
In an .htaccess file, this would be written as:
RewriteRule ^forum /forum/index.php [L]
RewriteRule indicates that it should rewrite the URL. ^forum matches the forum part in example.com/forum/ and /forum/index.php says that it should rewrite the URL to /forum/index.php. Last [L] means that if this RewriteRule matches, it should stop matching rules.
Redirecting URLs
You can redirect an URL too. This will send an header to the client to load a different page instead. If the user visits example.com/forum/index.php, you can rewrite it to example.com/forum and order the client that requested that to load that URL instead. The user will see example.com/forum in their address bar.
In an .htaccess file, this would be written as:
RewriteRule ^forum/index\.php /forum [R,L]
Again, RewriteRule tells that the URL should be rewritten, if it matches ^forum/index\.php (notice the escaped dot, because it is a regex, we do not want it to match every character). It will be rewritten to /forum. Last, we have the flags [R,L]. R stands for 'redirect' (by default a temporary redirect) and L stands again for 'if this rule matches, stop matching any further rules.
Documentation
The documentation about mod_rewrite can be found here.