I have two website on an Ubuntu/Apache server.
One is in directory
/var/www/html/dir1
and is configured as virtual server in apache with FollowSymlink option activated. Replies to
http://example.com
The second is a webpage index.html in
/var/www/html/dir2
To obtain a simple way to link the second page to url
http://example.com/dir2
I made a soft link inside /var/www/html/dir1 to /var/www/html/dir2 named dir1 and all went ok.
Visiting
http://example.com/dir2/
lead to the page index.html in /var/www/html/dir2.
So far so good.
Though, visiting
http://example.com/dir2
(note the lack of the trailing slash)
cause the redirect to
http://example.com:8080/dir2/
Why in this case the port gets added? How can I easily remove it?
EDIT: I need to remove the port because from index.html some post request is made and the :8080 part is causing me some cors problems.
EDIT: Virtual Host conf
<VirtualHost *:8080>
DocumentRoot "/var/www/dir1/drupal"
ErrorLog /var/log/apache2/dir1-error.log
CustomLog /var/log/apache2/dir1-access.log combined
<Directory "/var/www/dir1/drupal/">
Options ExecCGI FollowSymLinks
AllowOverride all
Allow from all
Order allow,deny
</Directory>
</VirtualHost>
htaccess in dir1
#
# Apache/PHP/Drupal settings:
#
# Protect files and directories from prying eyes.
<FilesMatch "/fb/|/phpMyAdmin/|\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny
</FilesMatch>
# Don't show directory listings for URLs which map to a directory.
Options -Indexes
# Follow symbolic links in this directory.
Options +FollowSymLinks
# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
# Set the default handler.
DirectoryIndex index.php index.html index.htm
# Override PHP settings that cannot be changed at runtime. See
# sites/default/default.settings.php and drupal_initialize_variables() in
# includes/bootstrap.inc for settings that can be changed at runtime.
# PHP 5, Apache 1 and 2.
<IfModule mod_php5.c>
php_flag magic_quotes_gpc off
php_flag magic_quotes_sybase off
php_flag register_globals off
php_flag session.auto_start off
php_value mbstring.http_input pass
php_value mbstring.http_output pass
php_flag mbstring.encoding_translation off
php_value upload_max_filesize 100M
php_value post_max_size 100M
</IfModule>
# Requires mod_expires to be enabled.
<IfModule mod_expires.c>
# Enable expirations.
ExpiresActive On
# Cache all files for 2 weeks after access (A).
ExpiresDefault A1209600
<FilesMatch \.php$>
ExpiresActive Off
</FilesMatch>
</IfModule>
# Various rewrite rules.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule "(^|/)\." - [F]
RewriteRule ^js\/(.*)$ /sites/all/modules/ets/jslib/$1 [L]
RewriteRule (.*)jslib\/\d+\/(.*)$ $1jslib/$2 [L,QSA]
RewriteRule (.*)experiments\/\d+\/(.*)$ $1experiments/$2 [L,QSA]
RewriteRule (.*)exp_packages\/\d+\/(.*)$ $1exp_packages/$2 [L,QSA]
# Pass all requests not referring directly to files in the filesystem to
# index.php. Clean URLs are handled in drupal_environment_initialize().
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^ index.php [L]
# Rules to correctly serve gzip compressed CSS and JS files.
# Requires both mod_rewrite and mod_headers to be enabled.
<IfModule mod_headers.c>
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
Add this rule just below RewriteEngine On line:
# add a trailing slash to directories
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule [^/]$ %{REQUEST_URI}/ [L,NE,R=301]
and retest in a new browser or completely clear browser cache.
Related
I have important config.json file, contains important data (like database username, password, etc...) and I'm protecting it using htaccess.
Can anyone access this file using any method (like hacking or anything like that)?
Full htaccess code:
<IfModule mod_rewrite.c>
DirectoryIndex index.php index.html
RewriteEngine On
# RewriteBase /
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+)$ index.php [QSA,L]
Options -Indexes
# protect files
<FilesMatch "\.(sql|data|conf|dat|json|inf|info)$">
Order allow,deny
Deny from all
</FilesMatch>
</IfModule>
** Related Info: The server I'm using is apache with PHP code. Also my files is in a shared hosting company. **
I am deploying my first yii2 api on Digital ocean with ubuntu 16.04. I receive a 404 not found response for all request i make to the API. This same API works fine locally without any issues.
I have setup LAMPP and link up my DB to my API,
I have installed an SSL Certificate to the domain and it works great.
When i host the API as follows;
/var/www/html/myfolder/api/....
no request works on this API eg
https://example.com/myfolder/api/web/v1/beforeauths/trending
I have a .htaccess inside .../api/web with the following rules
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
I also have an .htaccess inside ../api folder with the following containg
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} !^public
RewriteRule ^(.*)$ web/$1 [L]
</IfModule>
# Deny accessing below extensions
<Files ~ "(.json|.lock|.git)">
Order allow,deny
Deny from all
</Files>
# Deny accessing dot files
RewriteRule (^\.|/\.) - [F]
I do not know what I have miss out surely in my configurations. Any help on this will be great
I did sudo vi /etc/httpd/conf/httpd.conf
then I added the this rule
<Directory /var/www/html>
. . .
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
. . .
</Directory>
Restarted apache as
sudo service apache2 reload
I've just begun learning CSS and HTML.
I bought a domain from HostGator to upload my tiny website.
I used CyberDuck to upload all of my things.
Then I found out about a thing called .htacces which I did not have in the WWW folder and I've tried "making" one.
Then I tested the site using Nibbler and it keeps saying "There is duplicate content" and that I should do this: "Choose one domain that you would like to use and then set a permanent (HTTP 301) redirect to forward users who visit the other."
I found a lot of REWRITES AND REDIRECTS but I could not to make any of them work.
What do I need to write to not have a "duplicate" site (or to solve the Canonical Website Address (This is how it's called I think)) ???
Let's say my site name is: http://www.FirstSite.net and I want all "FirstSite" searches to go to https://FirstSite.net or FirstSite.net but still being a https.
I wrote https with an s because I want to make the site secure (if that is even possible).
I've been modifying the .htacces from gator's cPanel and I am using Google Chrome.
Thank you for reading this manuscript !
This is all that I've copy-paste into it (I forgot what those without a # do (the last 2 paragraphs)) :
# MAIN DEFAULTS
Options +ExecCGI -Indexes
DirectoryIndex index.html
DefaultLanguage en-US
AddDefaultCharset UTF-8
ServerSignature Off
# compress text, HTML, JavaScript, CSS, and XML
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
# remove browser bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
#HTACCES Security
<Files ~ “^.*\.([Hh][Tt][Aa])”>
order allow,deny
deny from all
satisfy all
</Files>
# 1 WEEK 1 DAY
<filesMatch “.(jpg|jpeg|png|gif|swf|ico)$”>
Header set Cache-Control “max-age=691200, public”
</filesMatch>
# 1 WEEK 1 DAY
<filesMatch “.(xml|txt|js)$”>
Header set Cache-Control “max-age=691200, proxy-revalidate”
</filesMatch>
# 1 WEEK 1 DAY
<filesMatch “.(html|htm|css|php)$”>
Header set Cache-Control “max-age=691200, private, proxy-revalidate”
</filesMatch>
Options +SymLinksIfOwnerMatch
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
</IfModule>
To make your website secure you must have a valid SSL certificate. It's not just putting s with http
If you already have one installed with your domain. You can use the code below for you domain address to force SSL(redirect).
RewriteCond %{HTTP_HOST} firstsite\.net [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.firstsite.net/$1 [R,L]
To resolve the canonical or duplicate website issue, please use
# Fix the non-www to www canonicalization issue:
RewriteCond %{HTTP_HOST}^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
# Fix the canonical issue vecause of index files
RewriteCond %{REQUEST_URI} ^(.*)//(.*)$
RewriteRule . http://www.firstsite.net%1/%2 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(([^/]+/)*)index\.html\ HTTP/
RewriteRule index\.html$ http://www.firstsite.net/%1 [R=301,L]\
Change firstsite.net with your domain name and the name and extension of the index file based on your server settings.
If Using ngnix Server Redirect www to non-www
Strip www from url with nginx redirect
server {
listen 80;
server_name www.example.com;
return 301 http://example.org$request_uri;
}
server {
listen 80;
server_name example.com;
...
#The rest of your configuration goes here#
}
So you need to have TWO server codes.
I have a wordpress installation locatet at /root/website/ and a seperate, non-wordpress subpage at /root/website/subpage/ so I can simply access it by www.domain.com/subpage
I want to have the subpage protected with a htaccess file but I always get a internal server error (500) after entering the login details.
Isn't it possible to have two htaccess files or do I have to edit the Wordpress htaccess file to protect the subpage directory?
My Worpress installation has a htaccess in it's root directory containing:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Then I have the following htaccess in my subpage directory:
AuthType Basic
AuthName "NameHere"
AuthUserFile /root/website/subpage/.htpasswd
Require valid-user
And of course I have set up a htpasswd file using a generator online.
Add to .htaccess file in public_html or publicDirectory:
You can set what directory do you want allowed, with example from below:
<Directory /root/website>
# All access controls and authentication are disabled
# in this directory
Satisfy Any
Allow from all
</Directory>
<Directory /root/website/subpage>
AuthType Basic
AuthName "NameHere"
AuthUserFile /root/website/subpage/.htpasswd
Require valid-user
</Directory>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I have a site I'm making with purely static html pages and I'd like to not have the .html extension on the webpages. I've read dozens of links with different ways to edit the .htaccess file to rewrite urls without the extension, but with no luck.
The strange thing is, I had the .htaccess file on my other site (bradleyoesch.com) and I can access pages without .html at the end (e.g. bradleyoesch.com/projects). However, I deleted the .htaccess file on that site and it still works (bradleyoesch.com currently has no .htaccess file), suggesting to me that I did something else two years ago to get it to work, or I need to restart something to pick up the changes (I've restarted apache on both servers with sudo service apache2 restart).
What am I missing or forgetting to do, or otherwise why would my .htaccess changes not work? My current .htaccess file contents are below.
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
Ok here's what finally worked. There were some edits to apache2 files I needed to do to get everything to work together. This assumes you're running apache2 version 2+ on your server with some form of linux.
Edit /etc/apache2/sites-available/000-default.conf to have the following lines, just append them to the end (I put them after this line: # vim: syntax=apache ts=4 sw=4 sts=4 sr noet).
<Directory /var/www>
Options Indexes FollowSymLinks Multiviews
AllowOverride All
Order allow,deny
allow from all
</Directory>
Create or edit the .htaccess file in your root html directory (mine is /var/www/html and note the similar directory path above) with the following lines:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
When you make any changes to an apache2 conf file, you have to restart apache2, and if you have not yet, you want to create some symlinks with a2enmod. Otherwise just restart apache2.
sudo a2enmod rewrite && sudo service apache2 restart
You do not need to restart anything when making changes to .htaccess. An easy way to check if it's loading .htaccess at all is to type gibberish in there to force a syntax error, then your pages will 500 error.
With rewrite rules you can use MultiViews to allow Apache to load pages with .html or .php extensions. Just use this line in your Apache config or site root .htaccess:
Options +MultiViews