I have a HTML file that is full of IP addresses from a PHP script that logs all IP's of vistiots. The only thing is that I don't want people to be able to go to
https:// mydomain.us/ips.html to see all of the IP's logged. What are my options to hide this ONE file.
I read all of these things with a code you put in your .htaccess, but none of them worked!
All I need is a way to hide this HTML file!
Sorry if this a bad question also, I'm really new to all of this :P
PHP Script:
(Used to write to the HTML File)
http://pastebin.com/jKDHeArb
Final Output (ips.html)
http://imgur.com/VWPmuSt
I suggest you put this page in a folder, and protect it with a password. There are many examples here or on the Internet.
But like you do not really want to block the page, but just to hide, You can do this by adding a code at the end of link. With this root .htaccess:
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{QUERY_STRING} !^c=pass$ [NC]
RewriteRule ^ips\.html$ - [NC,F,L]
After it's possible to visit the page only with the following https link:
https:// mydomain.us/ips.html?c=pass
You can do the same in the php code.
you can add this to either an .htaccess or your Vhost
<Files ~ "ips.html">
Order allow,deny
Deny from all
</Files>
Related
I want to access the image folder which is located in (e.g "example.com/images/one.jpg").
I have created the subdomain named (e.g "subdomain.example.com").
Both domain folders are in same public_html.
How i can authoize my subdomain, which can access files using htaccess rules or anything else. i tired this "../../" before file name, but not working.
Note: i dont want to put a whole path to access the files from root domain, such as https://......
Thanks
Browsers deal in URLs, not the paths on your filesystem.
It sounds like you have configured your server so that the images are only available on example.com and are not available on subdomain.example.com.
You therefore need to tell the browser to access the images from the other hostname.
src="//example.com/images/one.jpg"
If you have a domain.com and sub.domain.com, these are two completely different paths. You cannot get data from each other using reference as path like '../images/foo.png'.
In this case, you have to put all the path https://www.sub.domain.com/images/foo.png. This is the same way you need to do when uses a subdomain as resource in order to decrease the number of request in your website for images and sources in general.
I did a little bit of server configuration in the .htaccess file. I write the rule that no image can be publicly accessible. but I want to authorize my subdomain which can access the image URL.
:
Note: both domains are in the same public_html directory
You would seem to require an exception for the subdomain and block other hostnames?
It's a bit of a guess how you are currently doing this - either with mod_authz_core and a <FilesMatch> container perhaps? Or using mod_rewrite? Or an Apache <If> expression??
You could do something like the following using mod_rewrite, near the top of the root .htaccess file to block access to all images, except when accessed via the subdomain.
RewriteEngine On
# Block (403 Forbidden) all image requests unless accessed through the subdomain
RewriteCond %{HTTP_HOST} !^subdomain\.example\.com
RewriteRule \.(jpe?g|png|webp|gif)$ - [F]
Now, a request of the form https://example.com/images/one.jpg will be blocked, but https://subdomain.example.com/images/one.jpg will be accessible.
i dont want to put a whole path to access the files from root domain
But you will need to use an absolute (or protocol-relative) URL to access the files from the subdomain.
UPDATE:
Current rules in my parent domain "example.com"
RewriteCond %{HTTP_REFERER} !^https://example.com/ [NC]
RewriteRule \.(gif|jpg|jpeg|png|mp4|mov|mkv|flv|svg)$ - [F,L]
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Ah, so you've implemented a form of hotlink protection! In that case you would seem to just need to modify the first condition to allow requests from the subdomain as well. For example:
RewriteCond %{HTTP_REFERER} !^https://(subdomain\.)?example.com/
To allow requests from both example.com and subdomain.example.com. The NC flag should be omitted. All browsers will lowercase the hostname in the request.
No other rules are required to "allow" access. You do not need to use the absolute URL to access these resources - since that does not appear to be what you are blocking. You simply need to be able to access these resources from another host (ie. the subdomain).
In summary:
RewriteEngine On
# Hotlink protection
RewriteCond %{HTTP_REFERER} !^https://(subdomain\.)?example.com/
RewriteRule \.(gif|jpg|jpeg|png|mp4|mov|mkv|flv|svg)$ - [F]
# HTTP to HTTPS redirect
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
The L flag is not required with the F flag, since it is implied.
The ^(.*)$ is unnecessary since the backreference is not being used. Simply having ^ is sufficient and more efficient - to be successful for everything without having to actually match everything.
I'm a newby on using the .htaccess file for making changes on my website.
I want to change a URL automatically by adding the "www." at the begining of the domain name. To do so I enter the following code on the .htaccess file:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.arnaldpedros.com$ [NC]
RewriteRule ^(.*)$ http://www.arnaldpedros.com/$1 [L,R=301]
I see allover the web that this is the proper way to do it but when I type arnaldpedros.com in my browser it takes me to:
http://www.arnaldpedros.com/public_html/
Whis is a 404 Not Found page, with the message:
Not Found
The requested URL /public_html/ was not found on this server.
What I want to do is to type arnaldpedros.com and to automatically go to www.arnaldpedros.com.
It's driving me crazy cause the same happens on many websites I mange.
Any help please?
Today I tried to write a .htaccess file for first time in order to remove .html extension from url bar along with some other things that I wanted to do. Since I was unfamiliar with all this I read several articles before coding.
I ended up with the following code. I also removed .html from all links. The problem is that when visiting my domain I get the following error.
//The resource you are looking for has been removed,
//had its name changed, or is temporarily unavailable.
Is my code correct?
UPDATED .htaccess
//Rewrite to www
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
//Remove .html UNTIL NOW THIS IS THE ONLY PART
//OF THE CODE THAT ACTUALLY WORKS.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
//Caching schema
<FilesMatch "\.(jpg|png)$">
Header set Cache-Control "private, max-age=160704000"
</FilesMatch>
//Prevent viewing of .htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>
In a separate .htaccess
//Prevent directory listings
Options All -Indexes
MAIN ERRORS
If I click on link like:
Home
Then I get the same error.
Thank you all in advance.
This is native in Apache without using mod_rewrite by using MultiViews option.
Documentation states:
The effect of MultiViews is as follows: if the server receives a request for /some/dir/foo, if /some/dir has MultiViews enabled, and /some/dir/foo does not exist, then the server reads the directory looking for files named foo.*, and effectively fakes up a type map which names all those files, assigning them the same media types and content-encodings it would have if the client had asked for one of them by name. It then chooses the best match to the client's requirements.
I finally managed to resolve a part of the problem. For starters I changed my server from windows to linux.
Then to remove html extension I used this code in .htaccess (the other codes didn't work well, giving me an error message)
//Remove .html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
I also removed any .html instances from all links.
Now it works like a charm.
I am struggling to get my head around an htaccess rule to redirect requests for an html file to go to a custom post. I have looked on here and in other places and nearly got there.
I want to redirect ONLY mydomain.com/profiles/.html to mydomain.com/name_profile/
So mydomain.com/profiles/smith.html to mydomain.com/name_profiles/smith. There are some 900 html files to be redirected and they are all contained in this directory. Other html files in the domain I need to leave correctly associated.
I currently have
RedirectMatch 301 ^/([^/]+)/([^/.]+)\.html$ /$1/$2/
RedirectMatch 301 ^/([^/]+)/([^/]+)/([^/.]+)\.html$ /$1/$2/$3/
But this redirects all html pages not just the ones in the profiles directory.
I am new at htaccess and have found several tutorials but none at a level I can understand, so any help is most welcome.
Place this rule just below RewriteEngine On line:
RewriteRule ^profiles/([^.]+)\.html$ /name_profiles/$1 [L,NC,R=301]
Use this rule:
RewriteEngine On
RewriteRule ^profiles/([^.]+)\.html/? name_profiles/$1 [DPI,L,R]
Or better, remove your RewriteMatch rules and replace with this:
RewriteEngine On
RewriteRule ^([^/]+)/([^/.]+)\.html/? $1/$2 [DPI,L,R]
RewriteRule ^([^/]+)/([^/]+)/([^/.]+)\.html/? $1/$2/$3 [DPI,L,R]
This assumes that mod_rewrite is both installed and activated for htaccess files.
If you are not sure, to check if mod_rewrite is installed, look at the list of installed modules in the output of phpinfo();
By default, mod_rewrite is not enabled for htaccess files. If you are managing your own server, open httpd.conf
and make sure that the webroot directory block contains one of these lines: AllowOverride FileInfo or AllowOverride All
Hi I don't know much about htaccess and can't understand how the codes work.
Can someone help me do this
www.site.com/forums/index.php?/cp/3-welcome/
will only change the text itself to
www.site.com/forums/welcome
Not redirect it.
You will first want to ensure rewrite rules are enabled. You can do this through your .htaccess file using code similar to:
<Directory /var/www/website/html>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/images/
RewriteRule ... ...
RewriteRule
</Directory>
Once that is done then you should be able to run your RewriteCond command so that it will successfully redirect as the rewrite engine will be enabled.
Your redirect within the .htaccess file should look something like:
RewriteRule ^http://([^/]*)/forums/welcome(\d+)/(.*)$
http://$1/index.php?/cp/3-welcome/
Of course you may need to update/edit this as required for your specific needs, but this should at least give you a general idea.