I can't seem to get this .htaccess IP blocking script to work. I want to block any IP except mine from being able to access the wordpress login script and admin folder. My IP is 55.55.555.55 in this code. It works in that it blocks access to the file and folder from all IP's, but it doesn't let me access it through my IP. I get the 403 error as well. I am running Cloudflare, I don't know if that could be causing problems. Here is the current .htaccess
RewriteEngine On
RewriteBase /
#Block everyone but me
RewriteCond %{REMOTE_ADDR} !^55\.55\.555\.55$
RewriteRule ^(wp-login\.php|wp-admin) - [F,NC]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
I don't know why it isn't working, I've tried half a dozen variations of the wordpress login .htaccess IP blocker, and the IP is my actual IP, the IP it showed on 5 different 'What's my IP' sites. When I delete or rename the .htaccess, anyone can view the login page, but when it's there I can't either.
Also, the blog itself is in blog.domain.com, domain.com does a 301 redirect to take it there, so the blog and .htaccess are in blog.domain.com/. I doubt that makes a difference, but that's how it's set up.
Update: I tried using the same .htaccess on another site I have, which doesn't have cloudflare, here is the .htaccess I used
AddHandler php-stable .php
RewriteEngine On
RewriteBase /
#Block everyone but me
RewriteCond %{REMOTE_ADDR} !^55\.55\.555\.55$
RewriteRule ^(index.php) - [F,NC]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
As you can see, I changed it to only work on the index.php, and I made a quick test index.php page. When I went there on my computer, it loads it, but proxies return the 403 correctly. Could cloudflare somehow be causing the problems? Even though I disabled the caching, could it be screwing with it?
I just found this https://www.cloudflare.com/resources-downloads#mod_cloudflare I'm reading it now
Order of rules in .htaccess is very important. In your case WP rules are above and taking full control.
Change order or the rules:
RewriteEngine On
RewriteBase /
# Block everyone but me
RewriteCond %{REMOTE_ADDR} !^55\.55\.555\.55$
RewriteCond %{THE_REQUEST} \s/+(wp-login\.php|wp-admin/)[\s?] [NC]
RewriteRule ^ - [F]
# regular WP stuff
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Related
Background
I'm creating a time tracking app with PHP on my localhost (MAMP). The app structure is as follows
htdocs/time-tracker/public/index.php
Issue
No matter how many configurations I try, I can't seem to avoid some sort of weird glitch with the URL.
What I need
I want the following result. When I visit the url 127.0.0.1:8888/time-tracker on my local machine, I trigger the php app, routing all requests through the htdocs/time-tracker/public/index.php. Preferably without a trailing slash, but priority is just to get the app to work.
My current .htaccess file
RewriteEngine On
RewriteBase /time-tracker/
RewriteRule ^public\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /public [L]
Updates
1. $_GET parameters change outcome
For some reason http://127.0.0.1:8888/time-tracker?debug=true and http://127.0.0.1:8888/time-tracker get me different results.
http://127.0.0.1:8888/time-tracker?debug=true results in a redirect to http://127.0.0.1:8888/public
http://127.0.0.1:8888/time-tracker results in a redirect to http://127.0.0.1:8888/Users/etc/etc/htdocs/time-tracker/public
Neither of these results are what I want.
2. Partially working
This .htaccess file has gotten my redirects to work whenever I put something in the $_GET
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ public/index.php [L]
For example, 127.0.0.1:8888/time-tracker/?test=test works while 127.0.0.1:8888/time-tracker/ still redirects to http://127.0.0.1:8888/Users/etc/etc/htdocs/time-tracker/public
3. Not redirecting properly on root
The redirects works on all paths except for the root path. For example, 127.0.0.1:8888/time-tracker/test and 127.0.0.1:8888/time-tracker/?test=test both work, just not 127.0.0.1:8888/time-tracker/
I don't know why my regex won't pick this up. Here is my code
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* public/index.php [L]
4. Seeing an empty path name
I've tracked it down to one last issue: empty paths don't register with the redirect.
# Settings
Options +FollowSymLinks
DirectorySlash Off
RewriteEngine On
# Rules
RewriteBase /time-tracker/public/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*|x) index.php?/var=$1 [L]
For some reason, it just can't catch the redirect if the path is empty.
5. Close enough solution
This is the best I got. This is actually working, but I couldn't fix the trailing slash issue.
# Settings
DirectorySlash On
RewriteEngine On
# Rewrite
RewriteBase /time-tracker/public/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*) index.php?/var=$1 [L]
Hopefully somebody can come solve the trailing slash directory root issue or at least confirm that it is impossible. At this point, the correct answer goes to anyone who can explain my mistakes and make this into a helpful post.
Try this right after RewriteEngine on
RewriteRule ^(.*)/$ /$1 [L,R=301]
Try this. Put your .htaccess file in the time-tracker folder
RewriteOptions inherit
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /time-tracker/public/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
I uploaded the code to the server. It started the homepage correctly . But when I press any link , I get 404 not found error. I discovered that I need to add index.php to my url for it to work.
so it will be like that:
mydomain.somee.com/myWebsite/index.php/anotherPage
When I was working locally using Xamp as a server, I didn't get any of those problems.
I got those problems after I uploaded the website to some.com which apparently doesn't use .htaccess file (editing or removing has no effect).
How to add this index.php automatically and hide it from the user?
I didn't change any of the system files or the htaccess
please tell me if you need anymore files or description.
You need to redirect all your all pages through index.php file but remove it from URL.
Write below rules in your root .htaccess file:-
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?/$1 [L]
OR
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?$1 [L,QSA]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s(.*)/index\.php [NC]
RewriteRule ^ %1 [R=301,L]
To understand, How htaccess rules are working, This link will help you :)
Hope it will help you :)
I have implemented my small website on a live server, however I want to use url-rewrite for some links to make it clean. I try this on my localhost server:
http://localhost/cb/2/login.php to http://localhost/cb/2/login
I manage to make it work on my localhost server by editing the httpd.conf of apache and enable url-rewrite. Here's the rule I added to apache:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/cb/2/login$ /cb/2/login.php
</IfModule>
However, when I upload my files to a live server, obviously I do not have privilege to edit httpd.conf of that server, so I just put my rewrite rule on .htaccess file and here's the content of it:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/login$ /login.php [L,QSA,NC]
But when I try to test it, 404 not found is the response of server. I also try to implement in on my localhost server assuming I cannot edit the apache config and same error occurs, Object not found!
I have no idea what will I do next. I'm new to this url rewrite rule so any help will be much appreciated :)
UPDATE
After a lengthy discussion with the OP it seems there is a lot more going on behind the scenes.
The end result is no matter what is placed in the .htaccess file... it doesn't function.
OP was advised to contact the web host, but I will leave my original answer below for others on the site.
Remove the forward slashes from your rewrite rule
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^cb/2/login$ cb/2/login.php [L,QSA,NC]
You changed your rewrite rule used on localhost when you put it on a live server. Assuming your directory structure is the same you should keep your rewrite rule the same (minus the forward slashes).
Remember in rewrite rules...
The text between ^ and $ is what the visitor will input into the url bar, is what your link will be and is what the visitor will see in the url bar.
The next block is the location where the actual file exists.
UPDATE
If you want your visitor to go to www.examplewebsite.com/login.php and you want the url to look like www.example.com/login... your rewrite rule would be simply...
RewriteRule ^login$ login.php [L,QSA,NC] # Handle log-in
Now... let's say that your login.php is inside another directory called admin...
RewriteRule ^login$ admin/login.php [L,QSA,NC] # Handle log-in
These two lines mean...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
If the url is not a "real" directory or the url is not a "real" file... then process the rule.
That's why using RewriteRule ^login$ index.php causes your url to be rewritten as www.examplesite.com/login.php because the rewrite rule cannot be processed (index.php could not be found), BUT login.php is a "real" file.... so it goes to it.
please try:
Options All -Indexes
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_URI} !(\.png|\.jpg|\.gif|\.jpeg|\.bmp)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) /index.php
I am trying to rewrite the subdomain request to a subfolder in my server using .htaccess. I want mail.domain.com to look into mail folder located in the root. I am able to achieve this with the below code
RewriteEngine on
RewriteCond %{HTTP_HOST} mail.domain.com$
RewriteCond %{REQUEST_URI} !^/mail
RewriteRule ^(.*)$ /mail/$1 [L]
This WORKS correctly. When i browse to mail.domain.com i am getting the contents of domain.com/mail/index.php.
However this doesn't work with the subfolders inside the subdomain. ie when i browse to mail.domain.com/installer it DOESN'T give the contents from domain.com/mail/installer/index.php. Instead it shows 404 error. I also tried the code from htaccess subdomain pointing . Somehow I am unable to get the output. That method also gives the same problem. What am I doing wrong?
Note:
I do not want redirect conditions. Want to achieve via rewrite rules.
I am using openshift server. created domain.com & mail.domain.com aliases.
Root folder contains wordpress with no below .htaccess rules.
Edit
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
When I remove the above wordpress htaccess all works well. So it is causing 404 error in subdomain subfolders. Please help what i can do for both wordpress pretty urls and subdomain subfolders to work?
Note: I am really sorry. Wordpress added this via web interface and i failed to notice that.
Keep your root .htaccess like this:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} =mail.domain.com
RewriteRule ^((?!mail).*)$ mail/$1 [L,NC]
RewriteRule ^(index\.php$|mail) - [L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
A client of mine had me redesign his old asp.net website and I have developed it using WordPress. Same domain name. It is finished and live.
During this transition, I had to re-create nearly 250 landing pages and name them using the same url structure that they were named previously, primarily for SEO purposes and the fact that these pages and links are numerous places on the web.
Although, I suspected this would require a RewriteRule in the .htaccess file, this hasn't been a seamless transition for us at all.
I need to have to redirect:
http://website.com/pages/about-us.aspx to http://website.com/pages/about-us/
Currently, my .htaccess file includes the following:
AddHandler php-stable .php
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{REQUEST_FILENAME}\.aspx -f
RewriteCond %{HTTP_HOST} ^mysite.com$ [NC]
RewriteRule ^/?(.*)$ mysite.com/$1 [R=301,L]
</IfModule>
# END WordPress
This is having no affect and I still get a 404 error when going to these .aspx pages.
Any help would be greatly appreciated.
Thanks!
Changing
RewriteCond %{REQUEST_FILENAME}\.aspx -f
RewriteCond %{HTTP_HOST} ^mysite.com$ [NC]
RewriteRule ^/?(.*)$ mysite.com/$1 [R=301,L]
to:
RewriteRule ^(.*).aspx$ /$1 [R=301,L]
should work.