www.webdeveloper.com
Results 1 to 14 of 14

Thread: URL rewrites

  1. #1
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131

    URL rewrites

    I have been bangin my head on this for a couple of months.

    I have been to the apache site on the subject of URL rewriting and read and read until I am nearly blind and I still havent a clue.

    The server I am on is an Apache 2 on a Linux install and it is a shared host.

    The host provide a widgit to put in to play .htaccess and .htpasswd files to restrict access to folders. The host also confirms that the particular Apache engine is the 2.0 engine.

    I want to take "ANY" request for .php and .db files in a folder called "data" to be rewritten to the site root so that the request serves up a new URL and the site loads.

    http://my.website.com/data/{adbname}.db

    where {adbname} is a random set of letters or numbers

    I have tried looking at the REQUEST_URI to match ^/data/ or ^/data/*.\.php as well as ^data/[a-z0-9]+\.db or a straight forward ^\.php and ^\.db look for the extentions and then redirect.

    Simply put, its still allowing download of the .db files stored in the folder. Something that I am trying to prevent.

    I have lost count of the number of sites that profess to help and TBH, as a beginner in theis URL rewriting game, help is very very thin on the ground, thes sites are either "baby talk" or "Uber geek" and no happy medium nor do any of the sites so far give any practical examples of real working .htaccess.

    Even trying examples, they are not working.

    I have asked the host several times now and I think that they are getting fed up of me asking them to check the config for the server.

    Any .htaccess & .htpasswd files written by the web host CGI program work fine. When I upload a file I have written... flat on its face.

    Can some one give me an example of what I need to be looking at?

  2. #2
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    Well this is completely retarded way of offering support to people, the "link" to the support forum does not go anywhere except the page I am currently viewing in FAQ's on the Apache site and trying to sign up to a mailing list for support... They don't have any support for .htaccess.

    How is someone supposed to get this stuff running if both avenues of support are fruitless?

    Seriously, can anyone see anything wrong with the following? Which I might add is taken right out of the Apachee site and modded for my needs.

    RewriteEngine On
    RewriteBase /data/
    RewriteCond %{REQUEST_URI} ^\.db [NC]
    RewriteRule ^(.*)$ ^/index.php [NC,L]

    the .htaccess which currently asks for a password login works fine, when I add this in its place, the access to the file is still allowed and it appears that it does not matter what I put, even forcing everything requested in to a index.php file within the same folder has no effect at all.

    Ideas?

  3. #3
    Join Date
    Sep 2004
    Posts
    398
    You want /directory/anything.db and /directory/anything.php to be rewritten to /?

    Try the following in a .htaccess file in /directory
    Code:
    Options +FollowSymLinks
    
    RewriteEngine On
    
    RewriteRule ^.+\.(db|php)$ / [QSA,L]
    Seriously, can anyone see anything wrong with the following? Which I might add is taken right out of the Apachee site and modded for my needs.

    RewriteEngine On
    RewriteBase /data/
    RewriteCond %{REQUEST_URI} ^\.db [NC]
    RewriteRule ^(.*)$ ^/index.php [NC,L]
    The %{REQUEST_URI} variable for the URL http://www.example.com/directory/fil...b&c=d#fragment would be "/directory/file.ext".
    ^ means "the beginning".
    ^\.db cannot match the REQUEST_URI because it means "begins with .db" and the REQUEST_URI always begins with a /.
    The substitution part of the RewriteRule (the second part) should not be a regular expressions (^/index.php should be /index.php).

  4. #4
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    Thanks for the input.

    All I am looking to do is to do this for one particular directory
    Code:
    RewriteEngine On
    RewriteRule ^.*$ / [R]
    and this will match any request for this particular directory and Rediredct to the site root.

  5. #5
    Join Date
    Sep 2004
    Posts
    398
    Is it working?

    You could use RedirectMatch in a .htaccess file in your document root
    Code:
    RedirectMatch 302 ^/directory(/.*)?$ /

  6. #6
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    Yep, thanks.

    I have a few rules I want to put in place. I installed a CMS tool for a friend to use and TBH the security is a bit lax and I want to beef it up a bit and force people in to using the correct URL.

    What the web stats are showing is that the URL for the edit page (which serves up the site as well) is being requested more than the site index page. the site is getting around 25,000 hits a month and I would like the requests to stop requesting the edit page URL and push them on to the site root.

    Would this force any request for admin.php that does not arrive on edit. subdomain get rewritten to the site root?
    Code:
    Options +FollowSymLinks
    RewriteEngin On
    RewriteCond %{HTTP_HOST} !^edit\.(.*) [NC,C]
    RewriteCond %{REQUEST_URI} ^admin.php [NC]
    RewriteRule ^edit\.$1 / [L]

  7. #7
    Join Date
    Sep 2004
    Posts
    398
    There are a few errors with what you have.

    %{REQUEST_URI} starts with a slash.
    C(hain) is not a RewriteCond flag.
    A RewriteRule matches a similar part of the URL to the value of REQUEST_URI. It does not include the HTTP_HOST (the (sub) domain name). In a .htaccess file it is the path relative to the directory that the .htaccess file is in. So if it's /abc/.htaccess and the URL is http://www.example.com/abc/def/ghi.jkl?mno=pqr the RewriteRule would match "def/ghi.jkl".

    Try
    Code:
    Options +FollowSymLinks
    
    RewriteEngin On
    
    RewriteCond %{HTTP_HOST} !^edit\.example\.com$ [NC]
    RewriteRule ^admin\.php$ http://www.example.com/? [R=301,L]

  8. #8
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    I stuffed this in my friends site root
    Code:
    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^edit\. [NC]
    RewriteCond %{REQUEST_URI} ^/admin.php [NC]
    RewriteRule ^.*$ / [R]
    and it appears to work.

    if I go to http://edit.mydomain.tld/admin.php I get the admin page, if I go to http://mydomain.tld/admin.php I get pushed to http://mydomain.tld/

    Problem is, query string is appended if one exists and was wondering if a little trick is up your sleve to remove it.

    I tested login and it worked, the URL has ?do=login appended to the admin.php but if I edit out the URL and request http://mydomain.tld/admin.php?do=login I get pushed on to http://mydomain.tld/?do=login but its the index.php page

    I need to remove any query string for this part of a rule.

    Any ideas?

  9. #9
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    I just noticed some weird side effect as well, especially when logging out, the edit. portion of the URL remains, that needs to be removed.

    Any ideas as I tried testing for a URL that begins with edit. and does not conatain admin.php and to rewrite the hostname to http://mydomain.tld/ but it wasn't working and I have no idea why?
    Code:
    RewriteCond %{HTTP_HOST} ^edit\.(.*)/$ [NC]
    RewriteCond %{REQUEST_URI} !^/admin.php [NC]
    RewriteRule ^.*$ http://$1/ [R]

  10. #10
    Join Date
    Sep 2004
    Posts
    398
    I need to remove any query string for this part of a rule.
    Add a ? or an empty query string.

    I just noticed some weird side effect as well, especially when logging out, the edit. portion of the URL remains, that needs to be removed.
    $n from RewriteRules, %n from RewriteConds.

    Code:
    Options +FollowSymLinks
    
    RewriteEngine On
    
    RewriteCond %{HTTP_HOST} !^edit\.(example\.com)$ [NC]
    RewriteRule ^admin\.php$ http://%1/? [R=301,L]

  11. #11
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    OK, thanks, your help is appreciated.

    Not allot I can do ATM as my friend is on his site.

    L8rz.

  12. #12
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    OK, I have been playing around with this and the logic is sound but the results are problematic.

    Code:
    Options +FollowSymLinks
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^edit\. [NC]
    RewriteCond %{REQUEST_URI} ^/admin\.php [NC]
    RewriteRule ^.*$ / [R]
    RewriteCond %{HTTP_HOST} ^edit\. [NC]
    RewriteCond %{REQUEST_URI} !^/admin\.php [NC]
    RewriteRule ^.*$ / [R]
    But, this is giving the server a headache I think. The above rule is, when you look long and hard at it several things in a few lines. You poke these URL requests for example

    Request : http://edit.yourdomain.tld/admin.php
    Result : http://edit.yourdomain.tld/admin.php

    Request : http://yourdomain.tld/admin.php
    Result : http://yourdomain.tld/

    Request : http://edit.yourdomain.tld/
    Result : http://yourdomain.tld/

    Request : http://yourdomain.tld/anything/goes.php
    Result : http://yourdomain.tld/anything/goes.php

    Request : http://edit.yourdomain.tld/anything/goes.php
    Result : http://yourdomain.tld/anything/goes.php

    I am not getting the results I would expect. Links and other link dependent things fail like css & images fails to load as soon as you request the edit.yourdomain.tld/admin.php. Any suggestions on what to do about testing if the request is a real image regardless of the requesting URL?

    The idea behind the logic is looking for specific subdomain and admin page request, if either fail the match, the URL is to be left untouched.

    what have I forgot?

  13. #13
    Join Date
    Jan 2009
    Location
    Insanity
    Posts
    1,131
    Maybe:

    RewritRule .* - [L]

    at the end.

    I found an intresting site that gives good examples that are easily understood so I hope to have this nut cracked soon. Cheers for your help Scleppel, it was useful.

  14. #14
    Join Date
    Sep 2004
    Posts
    398
    Code:
    # If the request isn't for /admin.php (including CSS, images, JavaScript, etc.)
    RewriteCond %{REQUEST_URI} !^/admin\.php [NC]
    You could ignore existing files with
    Code:
    RewriteCond %{SCRIPT_FILENAME} !-f
    or all .css, .js, etc. files
    Code:
    RewriteCond %{REQUEST_URI} !^/.+\.(css|js|etc.)$ [NC]
    Code:
    Options +FollowSymLinks
    
    RewriteEngine On
    
    RewriteCond %{HTTP_HOST} !^edit\.exmaple\.com$ [NC]
    RewriteRule ^admin\.php$ http://www.exmaple.com/? [R=301,L]
    
    RewriteCond %{HTTP_HOST} ^edit\.exmaple\.com$ [NC]
    RewriteCond %{SCRIPT_FILENAME} !-f
    RewriteRule !^admin\.php$ http://www.exmaple.com/? [R=301,L]

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles