Think I have domain.com that redirects into some.otherdomain.com.
I don't want to show exact url some.otherdomain.com to my sites visitors.
I need to mask my URL, so that it will look like domain.com
Any possible way? .htaccess / javascript?
The best way to hide your domain is to use a reverse proxy (apache, nginx, ...) and provide rewrite rules to it.
Assuming domain.com and some.otherdomain.com are on two physically different servers, and you can't change the DNS information for any of them, you'll need to install a reverse proxy on domain.com. You can use mod_proxy for this. The docs are at:
http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
The following information is what you need to pay attention to:
A reverse proxy, by contrast, appears to the client just like an
ordinary web server. No special configuration on the client is
necessary. The client makes ordinary requests for content in the
name-space of the reverse proxy. The reverse proxy then decides where
to send those requests, and returns the content as if it was itself
the origin.
There's an example of a reserve proxy in the docs, but you'll want something like this:
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://some.otherdomain.com/
ProxyPassReverse / http://some.otherdomain.com/
Basically, any request that domains in will be proxied over to some.otherdomain.com - The local web server will forward the request over, buffer the data from otherdomain.com, then write the same data back out as if it were local data. Hope this helps!
I always think the best way is doing such things via mod_rewrite (or similar) in the server configuration (Apache or whatever is used)
On the Apache webserver of domain.com you have to enable:
mod_proxy
mod_rewrite
.htaccess
Once these requirements are completed then put this code in your .htaccess under DOCUMENT_ROOT of domain.com:
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC]
RewriteRule ^ http://some.otherdomain.com%{REQUEST_URI} [L,P]
Important flag here is P (Proxy) which will basically make domain.com proxy all the requests to some.otherdomain.com without showing it in the browser. See here for more documentation on this flag: http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewriterule
The easier way would be to set up a page on domain.com with an iframe on it and set the source of the iframe to some.otherdomain.com. However, a user will be able to view source of the page and see that your iframe is pointing to some.otherdomain.com.
<iframe src="http://some.otherdomain.com/">...
The other option is to use a mod_rewrite in your .htaccess as shown in this thread.
Related
I need to direct my domain www.abc.com to www.xyz.com/folder/form/ and pass parameters to the form, but I need to mask the path so that when users go to www.xyz.com that's all they see along with any passed parameters in the url. Is the possible? How can I achieve this?
I do not own both domains. I own www.abc.com and the folder in www.xyz.com, but not the naked domain. The domains are on different servers.
I have tried the solution setting the DNS to *.abc.com and the CNAME to www and www.xyz.com. But, CNAME's do not allow pointing to a path. If I do a 301 or 302 forward the domain is not masked. What else can I do. I've been pouring over this for days.
Few ways to achieve url masking without using DNS setting.
On server level: Setting up reverse proxy.
If you are using apache, you can use the module named mod_proxy.
Once you have enabled the module, Add following to your .htaccess which is in your abc domain root.
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.example.com/folder/form/
ProxyPassReverse / http://www.example.com/folder/form/
Another way to achieve similar result would be, as follows which does pretty much same thing under the hood.
Options +FollowSymLinks -MultiViews
# Turn mod_rewrite on
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?abc\.com$ [NC]
RewriteRule ^ http://www.example.com/folder/form/%{REQUEST_URI} [L,P]
On language level: Using a scripting language like php and then pipe the data to and fro via. the second domain using curl. Kinda mix of 'man in the middle attack" and "phishing". But most importantly, it's pretty much possible.
Then we have other run of the mill solutions like using <iframe>. etc.
First Of all i want to tell that I am using XAMPP.
I have access to a folder in htdocs folder named mywebsite.
I want to wrote some sort of URL Masking Script in htaccess by which when every i visit localhost/mywebsite/index.php , content shown from another domain withour changing the URL.
I wrote below code yet but not able to do that.
RewriteEngine On
RewriteRule ^(.*)$ https://www.google.co.in/$1 [P]
It showing me
Server error!
The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
Kindly Clear me, Is it possible or not.
& if yes then how it will be.
If you have enabled the http servers proxy module as you confirmed in the comments to the question then you also need to enable the SSL proxy feature it offers. So I guess this is what you are looking for:
RewriteEngine On
SSLProxyEngine On
RewriteRule ^(.*)$ https://www.google.co.in/$1 [P]
If that external resource does not only consist of a single document, but has relative links, then you also need a reverse proxy, otherwise the client will break out of your proxy:
RewriteEngine On
SSLProxyEngine On
ProxyPass / https://www.google.co.in/
ProxyPassReverse / https://www.google.co.in/
However that is something you cannot do inside dynamic configuration files, you need to place such directives inside the http servers host configuration.
And a general hint: you should always prefer to place such rules inside the http servers (virtual) host configuration instead of using dynamic configuration files (.htaccess style files). Those files are notoriously error prone, hard to debug and they really slow down the server. They are only provided as a last option for situations where you do not have control over the host configuration (read: really cheap hosting service providers) or if you have an application that relies on writing its own rewrite rules (which is an obvious security nightmare).
With Apache and PHP, what's the best way to know it, and to force using HTTPS?
I searched in phpinFO() for $_SERVER variables and found nothing that could help.
Edit: thanks for answers and suggestions! I can't force it on server level because it's only for login page.
$_SERVER['HTTPS'] is non-empty if HTTPS was used. But you'd be better off doing the HTTPS enforcement at the webserver level, e.g.
<virtualhost example.com:80>
redirect permanent https://example.com
</virtualhost>
<virtualhost example.com:443>
blah blah blah
</virtualhost>
In an .htaccess file, add the following:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://YOUR_URL/$1 [R,L]
</IfModule>
Also, consider adding the HSTS HTTP header. This tells browsers to not even try to visit the HTTP version, and to go directly to HTTPS. This prevents a possible man-in-the middle attack, where your redirect could be intercepted.
(Provided the user has visited the site before, or your website is added to the builtin HSTS list.)
See http://dev.chromium.org/sts for how to get added to the builtin list, and an example of what the header looks like.
The only right answer is because you configured your server to behave that way.
If you don't know, with absolute confidence, by the time a request is sent to PHP whether it has been sent via HTTP or HTTPS then your system is not secure.
today im playing with domains with php,
example
www.wordpress.com is our main site
www.friend1.com is my new domain
www.friend2.com is my new domain
www.friend3.com is my new domain
to
www.friend1.com the same as www.wordpress.com/profile/friend1 ?
www.friend2.com the same as www.wordpress.com/profile/friend3 ?
www.friend3.com the same as www.wordpress.com/profile/friend2 ?
how do wordpress, etc do things like that? are they doing that in the server side ?
or there is a way doing stuff like that in php?
*edit
if you still dont get it,
heres a example. lets say you have a friend deviantart id at myfrienddeviantartid.devaintart.com and lets say you are the admin on deviantart. you want to make a addon service that your friend can park his own domain into deviantart.com.
This is traditionally done using mod_rewrite inside Apache's configuration. It remaps URLs.
For apache http server, it uses ProxyPassReverse directive from mod_proxy or directives from mod_rewrite
The directive ProxyPassReverse lets Apache adjust the URL in the
Location header on HTTP redirect responses. For instance this is
essential when Apache is used as a reverse proxy to avoid by-passing
the reverse proxy because of HTTP redirects on the backend servers
which stay behind the reverse proxy.
Suppose the local server has address http://wibble.org/; then
ProxyPass /mirror/foo/ http://foo.com/
ProxyPassReverse /mirror/foo/ http://foo.com/
will not only cause a local request for the
http://wibble.org/mirror/foo/bar to be internally converted into a
proxy request to http://foo.com/bar (the functionality ProxyPass
provides here). It also takes care of redirects the server foo.com
sends: when http://foo.com/bar is redirected by him to
http://foo.com/quux Apache adjusts this to
http://wibble.org/mirror/foo/quux before forwarding the HTTP redirect
response to the client.
For MS(R) IIS use Re-Write Module:
Easily replace Web application URLs to produce user and search engine >friendly results.
URL Rewrite permits Web administrators to easily replace the URLs >generated by a Web application in the response HTML with a more user friendly and search engine friendly equivalent. Links can be modified in the HTML markup generated by a Web application behind a reverse proxy. URL Rewrite makes things easier for outbound response content and headers rewriting with outbound rewrite rules that work with HTTP request and response headers and with IIS server variables.
Additionaly, you must make sure that subdomain is setup with DNS provider to pass all requests to main.
DNS Record Sample:
NAME TYPE VALUE
--------------------------------------------------
exampleXYZ.com. CNAME example.com.
example.com. A 192.0.2.23
Ref:
https://en.wikipedia.org/wiki/CNAME_record
http://www.akadia.com/services/apache_redirect.html
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
http://www.iis.net/downloads/microsoft/url-rewrite
Here's the deal. Basically I've got multiple domains, and I would like one of the domains to point to the regular base of the site, but the other domains to point to a subsection of the site without modifying the url in the address bar. The idea is that each of the extra domains are branded for their section.
Example:
www.domain.com Top level of site
www.domain2.com points to www.domain.com/abc
www.domain3.com points to www.domain.com/def
etc.
Also note that in the example 'abc' and 'def' are not real directories on the filesystem, but are virtual areas defined in a database.
I've spent quite a bit of time looking around and couldn't find anything that fits this. I do not want to use domain cloaking because it uses frames. Regular redirects obviously are easy to point to the right thing, but they change the url in the address bar.
Is there any way to accomplish this?
Edit:
I've added the alias as Mark suggested below, but can anyone shed light on how I could then use mod_rewrite to make this work?
First, your DNS records need to point to the IP of the web server.
Second, you have to set up Apache to serve multiple domains from the same VirtualHost. Enable mod_alias and then use the ServerAlias directive in your VirtualHost definition. For example:
ServerName www.domain.com
ServerAlias domain.com www.domain2.com domain2.com www.domain3.com domain3.com
If you've done that correctly, you should see the exact same content at each domain, without any redirection.
What you do next is an architectural decision. You can use mod_rewrite to hard-code URL routing rules based on domain, or you can use PHP to do the routing, based on the value of $_SERVER['HTTP_HOST'].
A mod_rewrite solution might involve adding something like this to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} domain2\.com$
RewriteRule ^(.*)$ /abc/$1 [L]
RewriteCond %{HTTP_HOST} domain3\.com$
RewriteRule ^(.*)$ /def/$1 [L]
This is a high-level overview. Please comment on my answer if you need details on a particular part of the process.