I am deploying my first yii2 api on Digital ocean with ubuntu 16.04. I receive a 404 not found response for all request i make to the API. This same API works fine locally without any issues.
I have setup LAMPP and link up my DB to my API,
I have installed an SSL Certificate to the domain and it works great.
When i host the API as follows;
/var/www/html/myfolder/api/....
no request works on this API eg
https://example.com/myfolder/api/web/v1/beforeauths/trending
I have a .htaccess inside .../api/web with the following rules
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
I also have an .htaccess inside ../api folder with the following containg
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
I do not know what I have miss out surely in my configurations. Any help on this will be great
I did sudo vi /etc/httpd/conf/httpd.conf
then I added the this rule
<Directory /var/www/html>
. . .
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
. . .
</Directory>
Restarted apache as
sudo service apache2 reload
Related
I have important config.json file, contains important data (like database username, password, etc...) and I'm protecting it using htaccess.
Can anyone access this file using any method (like hacking or anything like that)?
Full htaccess code:
<IfModule mod_rewrite.c>
DirectoryIndex index.php index.html
RewriteEngine On
# RewriteBase /
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+)$ index.php [QSA,L]
Options -Indexes
# protect files
<FilesMatch "\.(sql|data|conf|dat|json|inf|info)$">
Order allow,deny
Deny from all
</FilesMatch>
</IfModule>
** Related Info: The server I'm using is apache with PHP code. Also my files is in a shared hosting company. **
I have multiple web application systems in the server and can be accessible through internet using 122.0.0.1 . I want to access one system only in localhost/network without internet connection using 192.0.0.0.
example:
122.0.0.0/abc
122.0.0.0/def
122.0.0.0/ghi
can access through internet. but i dont want to access
122.0.0.0/abc through internet. i want to access it using 196.0.0.0/abc online through LAN.
Is this possible? then how?
Thank you.
In your .htaccess file, you can add these lines to only allow specific ip addresses:
Order Deny,Allow
Deny from all
Allow from YourIPAdress
You could also use this method, include this in your .htaccess or virtual host config file:
Mentioned here: https://stackoverflow.com/a/23325758/1993548
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REMOTE_ADDR} xxx\.xxx\.xxx\.xxx [OR]
RewriteCond %{REMOTE_ADDR} xxx\.xxx\.xxx\.xxy [OR]
RewriteCond %{REMOTE_ADDR} xxx\.xxx\.xxx\.xxz
RewriteRule .* - [L] #do notthing
#if we are here, the IP is not in the allowed list, redirect
RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC]
RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif) [NC]
RewriteRule .* /maintenance.html [R=302,L]
</IfModule>
I have a wordpress installation locatet at /root/website/ and a seperate, non-wordpress subpage at /root/website/subpage/ so I can simply access it by www.domain.com/subpage
I want to have the subpage protected with a htaccess file but I always get a internal server error (500) after entering the login details.
Isn't it possible to have two htaccess files or do I have to edit the Wordpress htaccess file to protect the subpage directory?
My Worpress installation has a htaccess in it's root directory containing:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Then I have the following htaccess in my subpage directory:
AuthType Basic
AuthName "NameHere"
AuthUserFile /root/website/subpage/.htpasswd
Require valid-user
And of course I have set up a htpasswd file using a generator online.
Add to .htaccess file in public_html or publicDirectory:
You can set what directory do you want allowed, with example from below:
<Directory /root/website>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
<Directory /root/website/subpage>
AuthType Basic
AuthName "NameHere"
AuthUserFile /root/website/subpage/.htpasswd
Require valid-user
</Directory>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I have two website on an Ubuntu/Apache server.
One is in directory
/var/www/html/dir1
and is configured as virtual server in apache with FollowSymlink option activated. Replies to
http://example.com
The second is a webpage index.html in
/var/www/html/dir2
To obtain a simple way to link the second page to url
http://example.com/dir2
I made a soft link inside /var/www/html/dir1 to /var/www/html/dir2 named dir1 and all went ok.
Visiting
http://example.com/dir2/
lead to the page index.html in /var/www/html/dir2.
So far so good.
Though, visiting
http://example.com/dir2
(note the lack of the trailing slash)
cause the redirect to
http://example.com:8080/dir2/
Why in this case the port gets added? How can I easily remove it?
EDIT: I need to remove the port because from index.html some post request is made and the :8080 part is causing me some cors problems.
EDIT: Virtual Host conf
<VirtualHost *:8080>
DocumentRoot "/var/www/dir1/drupal"
ErrorLog /var/log/apache2/dir1-error.log
CustomLog /var/log/apache2/dir1-access.log combined
<Directory "/var/www/dir1/drupal/">
Options ExecCGI FollowSymLinks
AllowOverride all
Allow from all
Order allow,deny
</Directory>
</VirtualHost>
htaccess in dir1
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "/fb/|/phpMyAdmin/|\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_initialize_variables() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
php_value upload_max_filesize 100M
php_value post_max_size 100M
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule "(^|/)\." - [F]
RewriteRule ^js\/(.*)$ /sites/all/modules/ets/jslib/$1 [L]
RewriteRule (.*)jslib\/\d+\/(.*)$ $1jslib/$2 [L,QSA]
RewriteRule (.*)experiments\/\d+\/(.*)$ $1experiments/$2 [L,QSA]
RewriteRule (.*)exp_packages\/\d+\/(.*)$ $1exp_packages/$2 [L,QSA]
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
Add this rule just below RewriteEngine On line:
# add a trailing slash to directories
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule [^/]$ %{REQUEST_URI}/ [L,NE,R=301]
and retest in a new browser or completely clear browser cache.
I installed wordpress in an OpenShift free small gear. Excited and trying things out. so my installation can be reached at wpapp-wpapp.rhcloud.com and it works fine. I added another alias there such as mydomain.com (no www in front). Now in my DNS I have my # host name pointing to wpapp-wpapp.rhcloud.com as CNAME and www host name is pointing to mydomain.com (no www in front) as URL Redirect since I want www.mydomain.com to go to mydomain.com. All this is working fine.
The question is when I place in address bar wpapp-wpapp.rhcloud.com it still goes to wpapp-wpapp.rhcloud.com. Can I make wpapp-wpapp.rhcloud.com go to mydomain.com. Is this even possible?
Thank you.
You can do this via .htaccess.
Edit .openshift/config/.htaccess, adding the block starting with "Redirect any host that is...":
RewriteEngine on
# Uncomment the following lines to force HTTPS
#RewriteCond %{HTTP:X-Forwarded-Proto} !https
#RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Redirect any host that is not example.com to example.com
RewriteCond %{HTTP_HOST} !^example\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://example.com/$1 [L,R]
# WordPress Defaults
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
See the Apache URL Rewriting Guide for more info on .htaccess re-writes.