Image url being treated as a page request in yii2 - yii2

I am working on a project which is developed in Yii2. Today I came across a weird and funny issue of image url being treated as a page request.
When I try accessing image with url as https://www.websitename.com/images/image1.jpg, it shows me the image. And when I try accessing image with url as https://www.websitename.com/images/image1-lockdown.jpg then it shows 404 Error. On checking I found that internally the request was changed to "/site/images/image1.jpg". As we all know to access images no controller call is made.
Same issue was generated on local machine (Ubuntu 16.04). Just added "lockdown" into the name of image url.
I am using Yii2 Advanced Template. OS: For production CentOS and for development Ubuntu 16.04.
Note: I couldn't verify if the same issue exists for windows or not.
Kindly Help!
Edited: .htacess (root folder on production)
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule admin(.+)?$ /backend/web/$1 [L,PT]
RewriteRule gamer/(.+)?$ /gamer/web/$1 [L,PT]
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ /frontend/web/$1 [L]
</IfModule>
.htaccess (frontend/web on production)
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php

Related

Removing .html extension from URL

So I would like to be able to go to example.com/page.html from example.com/page (without the .html extension). I've been looking around and it seems to have something to do with the .htaccess file, but I have no idea how to actually configure the rule. Thanks for the help!
Update:
I've only really tried various suggestions I found online, for example:
RewriteCond %{THE_REQUEST} \s/+(.+?)\.html[\s?] [NC]
RewriteRule ^ /%1 [R=302,L,NE]
# To internally forward /dir/file to /dir/file.html
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{DOCUMENT_ROOT}/$1\.html -f [NC]
RewriteRule ^(.+?)/?$ /$1.html [L]
This probably is what you are looking for:
RewriteEngine on
RewriteCond %{REQUEST_URI} -f
RewriteRUle ^/?(.+)\.html$ /$1 [R=301]
RewriteCond %{REQUEST_URI} !-f
RewriteCond %{REQUEST_URI} !-d
RewriteCond %{REQUEST_URI}.html -f
RewriteRule ^/?(.+)/?$ /$1.html (END)
This rule will work likewise in the http servers host configuration or inside a dynamic configuration file (".htaccess" file). Obviously the rewriting module needs to be loaded inside the http server and enabled in the http host. In case you use a dynamic configuration file you need to take care that it's interpretation is enabled at all in the host configuration and that it is located in the host's DOCUMENT_ROOT folder.
And a general remark: you should always prefer to place such rules in the http servers host configuration instead of using dynamic configuration files (".htaccess"). Those dynamic configuration files add complexity, are often a cause of unexpected behavior, hard to debug and they really slow down the http server. They are only provided as a last option for situations where you do not have access to the real http servers host configuration (read: really cheap service providers) or for applications insisting on writing their own rules (which is an obvious security nightmare).
In case you get an "internal server error" (http status 500) using above rule set chances are that you operate a very old version of the apache http server. You will find a definite hint to an unsupported [END] flag in your http servers error log in that case. Either upgrade your http server to a more or less current version or try using the older [L] flag in that case, it should work the same, though that depends a bit on your setup.
URL example.com/page will be loading content from file /page.html
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_URI} !-f
RewriteCond %{REQUEST_URI} !-d
RewriteRule ^(.*)$ $1.html [L]

Web page is refressing again and again

I have google cloud storage hosting. I have made changes to google search console to where I have verified my domain name with www and without www so that my website will be available to access trough both. I have also tried to put redirect code in .htaccess file in cloud storage. After this changes when I am reloading my website it is automatically refreshing it self again and again?
Code written in .htaccess file is:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^turtlelabs\.co.in\
RewriteRule (.*) http://www.turtlelabs.co.in\ [R=301,L]
maybe this will help:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^turtlelabs.co.in\
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}\$1 [R=301,L]

ERR_TOO_MANY_REDIRECTS when loading images

A few weeks ago, my ISP installed an SSL certficiate on my website. To force all URL's (www and non-www, http and https) to the same URL (https://domain.com/), I used the following .htaccess code:
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteRule ^(.*)$ https://domain.com/$1 [L,R=301]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Now, this works just fine for redirecting URL's correctly. However, sometimes, images won't load correctly and spit out "Failed to load resource: net::ERR_TOO_MANY_REDIRECTS" in Chrome's console. Other browsers fail to load the images too.
A temp fix is to rename the images on my server and try to load them again. The error seems to be occurring at random. The images could have been loading correctly for days and then suddenly refuse being loaded at all.
Anyone have any idea why this could be happening?
Please try to this
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Also, you can also redirect based on port number, for example:
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

Moving From Development to Live Site breaks CSS

Using CodeIgnitor to manange this site I have configured the css in the following location:
{link rel="stylesheet" type="text/css" href="<? echo base_url();?>application/assets/css/public.css" />
Firebug shows me that the link points exactly where it should, unfortunately,
The problem is I keep getting 403 errors when it tries to load it.
my .htaccess file looks like this, and by the way, I don't really know what I'm looking at here:
RewriteEngine on
RewriteCond $1 !^(index\.php|images|robots\.txt|application/assets/js|application/assets/css|application/assets/images)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ./index.php/$1 [L,QSA]
RewriteCond $1 ^(images|js|css)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ./public/$1 [L,QSA]
How do I get this CSS to load?
Additional Info:
In that the assets folder there is also a js folder and an images folder and the favicon is NOT being pulled from that images folder either.
It sounds like the configuration on that folder and/or the server are refusing you access to read the file.
http://en.wikipedia.org/wiki/HTTP_403
Try navigating directly to the css file and you can easily confirm that you are getting a 403 error, if so it is to do with permissions.
Try accessing your development site remotely rather than from the same machine and you may see the same error there.

How to force http- NOT https using htaccess

I have ONE directory for my entire domain that I want to force https, which is "/docs". In the /docs folder, I have the following htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
This is forcing https to everything in the /docs directory, which is what I want it to do. The problem I am having is trying to force REMOVE https back to http for all other areas of my site. In the root folder of the site (which is running wordpress), I have the following htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
RewriteCond %{HTTPS} on
RewriteCond %{REQUEST_URI} !^/docs/?.*$
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [R=301,L]
Unfortunately, this is not working. I can still access other areas of my site over https.
What do I need to change to get this to work correctly?
Since the accepted answer doesn't actually answer the question, I figured I'd post my solution to this. Add this to your .htaccess file to force HTTP instead of HTTPS:
# BEGIN Force HTTP
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ http://yourdomain.com/$1 [R=301,L]
# END Force HTTP
Try the Force non-SSL plugin for wordpress.
The "WordPress Force HTTP" plugin was the only thing that worked for me. It changes https to http for not just the front page like most of the answers out there, but also changes https to http for all sub-directories in your website.
https://en-au.wordpress.org/plugins/wp-force-http/
Why do you need to revert back to http? If you have the proper SSL certificates you might as well keep your access secure. Unless you are concerned about the load on your system.
I know this is not answering the question, but I want to emphasize that the question is asking on how to do a bad practice, which shouldn't be done in the first place.