Access htaccess of another website - html

How do I download an htaccess file from another website?
How do I view my own htaccess in my browser?
I have tried to go to www.website.com/.htaccess but no success for example.
I know that there is a command that can be added to the htaccess file to disable viewing but I'm talking about htaccess files that do not include this code.

By default, Apache config has
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*">
Require all denied
</Files>
So you can't, or you shouldn't be able to. It would be a security problem otherwise.

How do I download an htaccess file from another website?
That's not possible, .htaccess can contain sensitive information, that's why the default configuration prevents access to this file.
How do I view my own htaccess in my browser?
You can modify the server configuration (see how to configure apache to view hidden (.) files?) to unblock access to this file. But if you have access to this configuration, you probably have an access to the file, so you should be able to view it with another tool than your browser.

Related

How do I make a custom 'File not found(404, 500)[http error code]'for my website

I have seen some websites have their own File not found pages with their logos.
I want such a page for my website.
Please tell me how to make a such type of page that shows the user if the file is not found.
First of all you need an HTML or PHP file to show when the 404 is occurs. Let's do a simple HTML file like this:
<h2> 404 Not Found! </h2>
<pre> Seems like the resource you're looking for is not found </pre>
Let's call this file 404.html.
Now you have to configure your webserver to redirect the not found request to your new HTML document.
If you're using Apache:
You can do it in different ways, the most common and recommended would be using .htaccess file, which allows you to override Apache configuration of a virtual host. However, to be able to use the .htaccess file in your virtual hosts you need to add allowOverride all inside your apache configuration.
Example of apache config:
<Directory /path/to/your/project>
Options FollowSymLinks
AllowOverride All # This is the needed option
Order allow,deny
Allow from all
Require all granted
</Directory>
So now you're able to put a .htaccess file in your project, so just create it and put this inside:
ErrorDocument 404 /path/to/404.html/document
In case you're using Nginx:
You must add the error page inside the nginx configuration. Follow this guide in order to achieve it:
https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-to-use-custom-error-pages-on-ubuntu-14-04
if you are using Apache server
in your project folder
consider your project is in
/mySampleProject
create .htaccess file in /mySampleProject if you don't have one.
simply add this line in your .htaccess
ErrorDocument 404 /yourCustom404Template.html
I will suggest you, use a framework of whatever programming language you want to build this application. They have in-built custom arrangements for such requirement e.g.
if( file_not_found Logic ){
show 404_page
}

How to fix website internal navigation/ Joomla

I have a situation to which I cannot seem to have a fix for !
The thing is I'm hosting a website on localhost (LAMP).
The website is created using Joomla Framework. The home page loads successfully when I navigate to the website on the localhost.
As soon as I click on any navigation links, a 404 error is displayed.
eg. homepage URL -
http://localhost/PortalSources/
Nav link -
http://localhost/PortalSources/tools/safety-assessment-tool.html
As soon as I manually add 'index.php' to the nav link
http://localhost/PortalSources/index.php/tools/safety-assessment-tool.html
the link starts to work and page loads successfully.
What could possibly cause this behavior ? How do I fix it so that I don't have to manually type in for every page on the website ?
You can probably find your answer here: https://docs.joomla.org/Enabling_Search_Engine_Friendly_(SEF)_URLs
Verify .htaccess is Enabled
Check that your Apache config file allows .htaccess overrides. You must make sure overrides are enabled or the .htaccess file in your Joomla! root directory will be ignored or cause an error. In the section of your virtual host configuration file or in the main (httpd.conf) configuration file you must have something similar to the example below enabling overrides:
<Directory "/home/user/public_html">
AllowOverride All
</Directory>
<Directory "/path/to/htdocs">
AllowOverride All Options=[an option],[an option],...
</Directory>
There are other ways to test if .htaccess is enabled if you do not have access to your site's configuration files. Please refer to the .htaccess tutorial found on The Apache Software Foundation website for additional information.
Step by Step
These are step-by-step instructions. Please follow them in the order they are presented here. If a step fails, do not continue until you have solved the problem.
Rename the file "htaccess.txt" in your Joomla!'s base folder to ".htaccess".
This step may not be necessary. Open .htaccess in a text editor. Uncomment RewriteBase / (remove the first character, #). If Joomla is installed in its own folder, the enter the Joomla folder name after the backslash. e.g. RewriteBase /yourjoomlafolder.
Log on to your Back-end and open the Global Configuration.
Enable the Use Apache mod_rewrite/URL rewriting option and Save. This option uses the Apache mod_rewrite function to eliminate the "index.php" portion of the URL.
Check if your site works correctly. Your URLs should now look like:
http://www.example.com/the-­news/1­-latest-­news/1-­welcome-­to­-joomla
If this option causes errors, please see How to check if mod rewrite is enabled on your server.
If it is not enabled and you have access to the file apache/conf/httpd.conf, open that file and check if the line LoadModule rewrite_module modules/mod_rewrite.so is uncommented. If necessary, uncomment the line and restart the Apache web server.
If mod_rewrite cannot be enabled, leave this option off. It does not matter if you leave the .htaccess file renamed.
If you think this necessary, enable Add suffix to URLs and Save. This option adds .html to the end of URLs. There are different opinions on whether this is necessary or even useful. Search engines do not seem to care if your URLs end in .html or not.
Open the Plugin Manager and enable the System - SEF plugin. This plugin adds SEF support to links in your Joomla articles. It operates directly on the HTML and does not require a special tag.

LAMP - make directory accessible only to certain web pages

I am tinkering around with webpages on a LAMP server running Apache2 and was wondering if it was possible to make a directory accessible only to your web pages and not from outside?
Example scenario:
Directory to protect: dir1 containing images (jpg, png)
My own webpage: mypage.html that calls images from dir1
My website: www.myweb.com that contains both dir1 and mypage.html
Currently, files inside the website can be accessed via www.myweb.com/dir1/somefile.jpg or by calling mypage.html
I would like it to only be accessible by calling mypage.html
I have tried the following:
modifying .htaccess to disallow access of image types
<files "*.jpg">
deny from all
</files>
(doesn't work because mypage.html cannot access it either)
Modify apache2 conf file with:
<Directory /var/www/dir1>
AllowOverride None
<Limit GET POST OPTIONS>
Order deny,allow
Deny from all
</Limit>
</Directory>
(this actually semi-worked as it allowed me to write to directory but not read, maybe this can be modified to allow requests coming from internal web pages to go through?)
I guess to conclude, is there a way to get Apache2 to ONLY accept requests to access a directory if it is of a certain url of your choosing?
Thanks in advance.
So, I've decided that the approaches I've taken so far really don't cut it and found you could actually call a php function where
<img src='somefile.php?query=xxx' alt='pic'>
and where in the somefile.php I have that takes in img file name created from the query above.
echo file_get_contents($imgresource);
By serving the image from a php script and blocking this php script from being called without proper credentials, sessions, cookies and IP blocking, there is some security set.
So I guess it doesn't really answer the question in its entirety of blocking access only to some URLs but it works for the purpose of not being able to be accessed externally since I have buried the directory below (or above?) the web root directory where it can't be called from a url and only from internal script.

Only allow access of FIle From embed

So I am embedding a PDF file on my page:
<embed src="http://www.mywebsite.com/files/ebook.pdf" width="500" height="375">
Is there anyway to prevent any and all access to that file except for when it is being accessed via this embed?
Thanks!
More elegant way would be to prevent access to that file or better directory from .htaccess file and only allow locally. Then your php script will acss the file when you need it. You can also force download from php.
See this for php example.
And your .htaccess file will look like this and will reside in your restricted directory (where pdf is located):
#denies access to all but the allowed IP (presumably yours)
#all other users will be redirected to the ErrorDocument
ErrorDocument 403 http://www.example.com/your-login-page.php
Order deny,allow
Deny from all
Allow from 76.117.227.192
Last line is your IP address (server) or put simply Allow from localhost instead. If somebody else will try to access the directory or files in it, they will be redirected to ttp://www.example.com/your-login-page.php with status code 403 (access forbidden). Good Luck
you can use something can this from flashpaper from adobe http://www.adobe.com/products/flashpaper/ that way you can show your pdf files as flash embeddable but users cannot download it

Disable viewing directory tree via url

I bought a domain name and am trying to figure out how to configure it responsibly. I haven't set up an index.html file yet and I've noticed that if I hit my domain, I see my file directory tree and I can dive down to all the files within my browser. Is there a way that I can disable this? I am hosting it on Apache
If you are using IIS.
Right-click on your website, and choose Properties.
Select Home Directory tab.
Uncheck the Directory browsing.
You can try a few things:
create an empty file named index.html and upload it into the public_folder
create an .htaccess file with the following contents: Options -Indexes
If you have some kind of cpanel for your site, look for options to disable directory browsing.
Creating the index.html file is probably the easiest and most consistent way to go.
FYI, my .htaccess info came from techiecorner.com