The task seems very simple:
all requests must be passed through one file.
However,
when following code is added to httpd.conf:
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^(.*)$ /index.php?route=$1 [QSA,R=301,L]
and following code is added to /index.php:
if( isset($_GET["route"]) && $_GET["route"] != "/index.php" ){
header("Location: ".$_GET["route"]);
}
then it causes redirect loop!
Causes for example such loop:
www.site.com/image.jpg -> (redirected by httpd.conf)
www.site.com/index.php?route=/image.jpg -> (redirected by index.php)
www.site.com/image.jpg -> (redirected by httpd.conf)
www.site.com/index.php?route=/image.jpg -> (redirected by index.php)
...
So, the question is following:
How to stop this loop?
To stop for example in such way:
www.site.com/image.jpg -> (redirected by httpd.conf)
www.site.com/index.php?route=/image.jpg -> (redirected by index.php)
www.site.com/image.jpg (no further redirection)
This one is a bit of patch, but I think it works.
httpd.conf:
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{QUERY_STRING} !^(.*)a=a$ [NC]
RewriteRule ^(.*) index.php?route=$1 [QSA,L]
index.php:
<?php
if( isset($_GET["route"]) && $_GET["route"] != "/index.php" ){
header("Location: ".$_GET["route"].'?a=a');
}
The thing is: First time the rewrite engine redirects the page to index.php. Then, in index.php there's a redirection to the same file but adding parameter a=a. Then rewrite engine comes again, but he has orders of not redirect when found the string a=a in the query string, and there's no further redirection.
Of course this will end in a 404 error, since you're filtering only non-existant files with the first two rewritecond, but I guess you know how to deal with that.
Your rule looks fine but R=301 is a bit odd in your rule as you don't want to expose your internal URL in browser.
However PHP code is looking suspect due to this condition:
$_GET["route"] != "/index.php"
Which will always be true since /index.php itself will not be routed through this rule due to these conditions:
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
Hence your code will cause a redirect loop by continuously redirecting using header function.
I suggest keep your rule like this:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+)$ /index.php?route=$1 [QSA,L]
And your PHP code should just check presence of $_GET['route'] but should not do any redirects.
First, put this to .htaccess file, not in httpd.conf
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /index.php [QSA,R=301,L]
Then, remove this redirect from your index.php file. You can get all your variables via $_GET or $_REQUEST.
What a senseless solutions. Of course it will cause redirect loop. In the RewriteCond-s you trying to catch files and dirs names that not exists in the server file system, and then you trying to pass their names to the index.php in which you make to request them again, again and again.
There is a single boilerplate that may come in handy, it should be placed on the top, after RewriteEngine on condition:
RewriteEngine on
RewriteCond %{ENV:REDIRECT_STATUS} !^[\s/]*$
RewriteRule ^ - [L]
An env was added, it works by theory, however I have tested it only once, see if it can solve the issue.
Why are you putting this:
RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteRule ^(.*)$ /index.php?route=$1 [QSA,R=301,L]
In httpd.conf? You need to place this into file called .htaccess, create it into your root directory.
Related
I'm working on an MVC project and I have the following .htaccess file:
Options -Indexes
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?path=$1 [L]
RewriteRule !^(public/|index\.php) [NC,F]
It works OK. I only want the public/ folder and the index.php file to be accessible to the public. All other paths should be inserted into the path GET parameter. For example, mysite.com/controller/method should point to mysite.com/index.php?path=controller/method.
Now, there is a problem. When visiting the URL directly (without including index.php, it is adding [NC,F] to the GET path parameter. It's like visiting mysite.com is pointing to mysite.com/index.php?path=[NC,F].
Why is this happening and how do I fix it?
EDIT
I moved index.php into the public/ folder. Here is my .htaccess file now:
Options -Indexes
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ public/index.php?path=$1 [L]
RewriteRule ^(/)?$ public/index.php [L]
RewriteRule !^(public/) [NC,F]
It seems to work OK. Are there any other improvements I could make on this?
You don't have a redirect location on the last rule, so it's taking the flags as the redirect location. Just a dash will be fine since it's a forbidden response. Change the last line to:
RewriteRule !^(public/|index\.php$) - [NC,F]
Also adding the dollar sign after index.php just to be clear.
Edit:
I would suggest updating your new rule set to the following (actually I suggest a complete re-think below, but this is an update on what you have):
RewriteEngine On
RewriteRule ^$ public/index.php [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(.*)$ public/index.php?path=$1 [L]
RewriteRule !^(public/) - [NC,F]
The (/)? wasn't needed in your homepage rule, as the opening forward slash is not included in .htaccess matches anyway.
I moved your rule for the homepage to the top or it will never be used due to being matched by the previous rule (so the path param is not there when empty, which is presumably what you intended).
I stopped anything in /public/ from being passed to your index.php script, since the way you had it, anything in public that didn't exist would have been passed to your index script, which does not seem to be what you intend.
I added RewriteCond %{REQUEST_URI} !=/public/index.php so the rule couldn't be executed on itself and create a loop if rule processing is run through more than once, which it can be, but then took it back out because the above match on /public/ covers that anyway.
A Re-Think
All that said, I don't think it really makes sense to check if files don't exist and then just send forbidden responses to the ones that do, yet send everything else to your index script. Why not just send everything to your index script? That seems to be what you want really. I would suggest you simplify to this:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(.*)$ public/index.php?path=$1 [L]
Dropping the homepage rule since no need to worry about an empty path parameter being passed to your index script. Changing the logic to be "Leave anything in /public/ alone. For anything else, pass it through to the index.php script." so files tests not needed since the script handles it all, and no forbidden response needed because there is nothing left to match, it's all covered by the rules. You can always return forbidden to anything you don't want to process in your script, which you would have needed to do anyway for existing file URLs in your previous setup.
One Last Re-Think
And finally, if I might suggest, it would be cleaner to have your index.php file in the root of the website, so you can make /public/ work with its own index file later if you like, so finally I would move it back to the root and change the rules to this:
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/public/
RewriteCond %{REQUEST_URI} !=/index.php
RewriteRule ^(.*)$ index.php?path=$1 [L]
And if you like all that, an up-vote to go with already accepting the answer would be much appreciated. :)
Adding RewriteRule ^(/)?$ public/index.php [L] seems to have resolved the issue. I'm not sure if this is the best approach, but here is my .htaccess file now:
Options -Indexes
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ public/index.php?path=$1 [L]
RewriteRule ^(/)?$ public/index.php [L]
RewriteRule !^(public/) [NC,F]
I moved index.php into the public folder to make things clearer.
This is my current .htaccess file:
DirectoryIndex requestHandler.php
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ requestHandler.php?/$0 [L,QSA]
I want to redirect alle requests to "requestHandler.php". It works now, but it is also possible to access sites with the direct link, and I don't want that.
For example:
It now works with ".../api/register" , but you can also access it but going to ".../register.php" and that shouldn't be possible. It should only be possible to go to register.php by ".../api/register".
I think I had it working before, but as I continued editing I've seemed to mess it up.
requestHandler.php should be working properly and when I enter ".../register.php" it is not at all redirected to requestHandler, but if I enter ".../registe.php" or ".../register.ph" it is redirected there.
Any solutions?
The rule you posted is only checking if the file/directory exists, and if it doesn't, then redirect to requestHandler.php. So naturally, if an existing file is entered in the URL, it will not redirect.
If you want all ".php" files to get redirected as well, you'll need a more specific Rewrite rules. Something like this maybe:
DirectoryIndex requestHandler.php
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ requestHandler.php?/$0 [L,QSA]
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteRule ^(.*)$ requestHandler.php?/$0 [L,QSA]
You can probably consolidate that into one rule block, but at least this way it's very readable. The second rule block is only checked if the requested file is not a file or a directory.
So to begin with I have a custom url rewrite that sends a request variable to a php script
Rewrite rule is below:
RewriteRule ^([\w\/-]+)(\?.*)?$ test/index.php?slug=$1 [L,T=application/x-httpd-php]
So if you access something like domain.com/slug-text it sends slug-text to index.php located in folder named test.
What I want is all my urls to look like domain.com/slug-text.html, but slug-test variable should still be sent to index.php file.
And
What I can't figure out is the redirect. I want all the old urls to be redirected from domain.com/slug-text or domain.com/slug-text/ to domain.com/slug-text.html and slug-text sent to index.php file located in test folder.
Searched a lot but could not find the answer for this question anywhere on the Internet.
Thank you all for the help.
UPDATE:
my new code is:
RewriteEngine On
Options +FollowSymlinks
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-l
RewriteRule ^(([\w/\-]+)?[\w-])(?!:\.html)$ http://domain.com/$1\.html [L,R=301]
RewriteRule ^(([\w/\-]+)?[\w-])(/|\.html)?$ test/index.php?slug=$1 [L]
domain.com/slug-text/ does not get redirected to domain.com/slug-text.html
domain.com/slug-text works as intended redirecting to domain.com/slug-text.html
What do i need to change?
This rule:
RewriteRule ^(([\w/\-]+)?[\w-])(/|\.html)?$ test/index.php?slug=$1 [L]
Will trap domain.com/slug-text, domain.com/slug-text/ and domain.com/slug-text.html and send slug-text to /test/index.php inside slug param.
If you really want to redirect using [R=301] from old urls to new then use this:
RewriteRule ^(([\w/-]+)?[\w-])/?(?!:\.html)$ http://domain.com/$1.html [L,R=301]
RewriteRule ^(([\w/-]+)?[\w-])\.html$ test/index.php?slug=$1 [L]
Also note that as using explicit redirect bottom rule is modified to trap url's ending with .html
It is also advisable (if your .htaccess does not already contain this) to filter conditions for existing files and folders not to be trapped by your redirect rules. Simply add these lines before RewriteRule lines:
# existing file
RewriteCond %{SCRIPT_FILENAME} !-f
# existing folder
RewriteCond %{SCRIPT_FILENAME} !-d
And if using symlinks:
# enable symlinks
Options +FollowSymLinks
# existing symlink
RewriteCond %{SCRIPT_FILENAME} !-l
// addition
Your .htaccess file should look like this:
RewriteEngine on
Options +FollowSymLinks
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteCond %{SCRIPT_FILENAME} !-l
RewriteRule ^(([\w/-]+)?[\w-])/?(?!:\.html)$ http://domain.com/$1.html [L,R=301]
RewriteRule ^(([\w/-]+)?[\w-])\.html$ test/index.php?slug=$1 [L]
This is supposed to redirect /slug-text to /slug-text.html
RedirectMatch ^/([\w-]+)/?$ http://domein.com/$1.html
This is in the case when slug-text is only letters, digits, – and _.
Rewrite slug-text.html to a php file and pass the slug as a param:
RewriteRule ^([\w-]+)\.html$ test/index.php?slug=$1 [R,L]
If you have both line in your .htaccess the first one will do the redirects from the legacy URLs to the new ones and the second one will process the request.
I have the following htaccess
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/?user=$1
which works as expected for example
http://example.com/index.php?user=USERNAME -> http://example.com/USERNAME
However I have created a form on the page index.php which posts to /directory/save.php
How do I remove .php while allowing for the directory so that I can post to /directory/save/ instead?
if it is going to one and only such file in /directory then probably hard code it by adding following before the above rules?
RewriteRule ^directory/save$ /directory/save.php [L]
directory/ might have it's own rewrite rules and not have a physical save.php, that's why !-f might not work. Try adding a new rewrite condition to stop rewriting for directory/
RewriteCond %{REQUEST_URI} !^directory
Try to check this one if it's rewriting /directory/save.php file to directory /directory/save/
RewriteCond %{REQUEST_URI} ^/directory/save\.php$
RewriteRule ^(.+) /directory/save/ [NC]
I currently have a .htaccess file that allows people to enter the URL without the php extension, such that http://domain.com/account redirects to account.php
I would like to be able to have it so that if I enter http://domain.com/account/contactinfo (or http://domain.com/account/settings/groups and so on) it still goes to account.php, but I am not sure how to change what I have to achieve this.
Current .htaccess :
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(([A-Za-z0-9\-_\.]+/)*[A-Za-z0-9\-_\.]+)?$ $1.php
Any help appreciated! Obviously if there exists a folder it should follow that path (e.g. if /folder/page.php exists, then http://domain.com/folder/page/create would go to folder/page.php)
Try this is you don't need to pass any URI info into query string (i.e. your app will still look at $_SERVER['REQUEST_URI'])
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([A-Za-z0-9\-_\.]+)(/[A-Za-z0-9\-_\.]*)?$ $1.php&q=$2 [QSA]
# Note the optional '&q=$2' on line above if you want to make removed part of URI available as passed parameter
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^.*$ / [L,QSA]
Note that since I removed the condition to check for a valid php file, I added a second conditional rewrite rule to just redirect to site root if the re-written request does not point to a valid PHP file. You could obviously redirect this to a 404 page or whatever else you might want to redirect to. Or you could remove this altogether and let Apache give it's default 404 response.