homepage Welcome to WebmasterWorld Guest from 54.196.197.153
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

This 40 message thread spans 2 pages: 40 ( [1] 2 > >     
Rewrite to remove directory from URL
dlwilson007




msg:4200033
 3:10 pm on Sep 10, 2010 (gmt 0)

I am attempting to remove the directory where my web site is located from the URL. But I also need to validate my .htaccess setup.

I have an .htaccess file at the root with the following content (removed "http:" so it would display the URL):



Redirect permanent /index.html www.riococokids.com/joomla/



The site is under the joomla directory, but I want the URL to read as follows: www.riococokids.com/

I also have an .htaccess file in the joomla directory with the following content:



##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license [gnu.org...] GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

RewriteBase /joomla

########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section



The above .htaccess comes directly from the Joomla installation and provides the basic security and SEF needed to run the site.

So I have a couple of questions.

  1. Is it valid to be running two .htaccess files, one at the root doing the redirect, and the second in the Joomla folder providing the security and SEF?
  2. How do I write the rewrite rule to remove "joomla" from the url?
  3. Where would I put the rule as I seem to remember in the past that order matters?

I know bits and pieces of my problem have answers out in the forums, but I can't seem to gather enough info to make a complete answer, so I have been spinning in circles trying to solve this problem, and it seems like it should have a fairly simple solution.

Thanks for any help!

 

g1smd




msg:4200312
 10:17 pm on Sep 10, 2010 (gmt 0)

You "remove" something from a URL, by no longer including that "thing" within the links on the pages of your site.

You then compose a rewrite rule that connects requests for the correct URL with the actual place inside the server where the content actually resides.

There have been many threads with similar questions to this in the last few days; there's much prior discussion.

Finally, you add a redirect so that if someone or something asks for the old URL, they are redirected to the new URL, and will have to make a separate HTTP request for that new URL.

dlwilson007




msg:4200384
 4:05 am on Sep 11, 2010 (gmt 0)

Thanks for responding.

I'm not sure I follow. If "removing" something from my URL means I need to remove the joomla directory and move the contents to the root, then that would defeat part of my purpose. But maybe I'm not understanding.

The rewrite rule to connect requests to the correct URL to the actual content...that makes sense, although there I'm having some syntax issues due to my lack of skills...thus the start of this thread.

And the final redirect...I'm hoping there would not be a redirect as there has and will be only one request at the root (it may help to say this site is not live yet...I'm the only one that has access to it right now).

Isn't there a way to remove the directory name ("joomla") from the URL on a request, but then add it back in the rewrite rule. So for the user, all they see is the root with anything that comes after the directory name?

I admit my ignorance and appreciate any patience!

Also, as I said in my first post, I realize there are bits and pieces of my question in different threads, but it all seems very scattered. If you can direct me to a similar thread, I'd be happy to keep reading somewhere else.

jdMorgan




msg:4200521
 3:10 pm on Sep 11, 2010 (gmt 0)

Three steps:
1) Modify Joomla's configuration so that it publishes links on your site's pages to example.com/page, and not to example.com/joomla/page
2) Use a rewriterule to 'forward' requests for the URL example.com/page to the server filepath /joomla/page
3) Add a rule to redirect *only* direct client requests for the URL example.com/joomla/page to the URL example.com/page

Note the distinction here between URLs used only "out on the Web" and filepaths, used only "here inside this server." This distinction is critical to understanding rewrites and redirects -- and to preserving your sanity while thinking about them... :)

The "redirect permanent" in your top-level .htaccess file is damaging to you goals here, and must be replaced by either an internal rewrite (as mentioned in step 1 above) or by the use of mod_dir's DirectoryIndex directive -- see mod_dir documentation at Apache.org.

Jim

dlwilson007




msg:4200584
 6:11 pm on Sep 11, 2010 (gmt 0)

Thanks Jim!

I believe that you were saying something similar to what g1smd was saying, although your explanation helped me (no offense g1smd).

So the solution turned out to be pretty simple, and the key was getting the Joomla configuration correct. Joomla has a configuration.php file where a live site is set, and I had it set to the joomla directory instead of the root. After changing it to the root, then all I needed in my htaccess was the following to make it work:

RewriteCond %{REQUEST_URI} !^/joomla/
RewriteRule ^(.*)$ /joomla/$1

Could be wrong, but it looks like this takes care of the 'forward' requests that you mentioned in #2 of your response.

I haven't fully tested this yet, but the request to www.riococokids.com works properly. I'll have to test the individual pages to make sure nothing is broken down the line.

For anyone else searching for the same issue, I'll post my final htaccess that I now have at the root:


##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license [gnu.org...] GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#mod_rewrite in use

RewriteEngine On

# Rule for directing all to www : [domain.com...] vs domain.com
RewriteCond %{HTTP_HOST} ^riococokids.com [NC]
RewriteRule (.*) [riococokids.com...] [R=301,L,NC]

RewriteCond %{REQUEST_URI} !^/joomla/
RewriteRule ^(.*)$ /joomla/$1

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

RewriteBase /

########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section

dlwilson007




msg:4200586
 6:17 pm on Sep 11, 2010 (gmt 0)

Ok...did some quick testing...this takes care of the root only. The other links on the site are now broken. But at least there is progress. I'll welcome suggestions, but I'll be researching as well.

dlwilson007




msg:4200597
 6:50 pm on Sep 11, 2010 (gmt 0)

I finally found an article that addresses my situation, although my SEF links are broken...but I think that is a Joomla issue. Here is the article in case anyone else is looking:

[drichproductions.com...]

I appreciate the help!

jdMorgan




msg:4200679
 1:10 am on Sep 12, 2010 (gmt 0)

Rather than trying to use a separate rule to rewrite to /joomla, you should instead incorporate that additional path into the already-existing rewrites to joomla.

Try that, and if it helps with your current issues, we can then discuss some other needed improvements...

Jim

dlwilson007




msg:4200714
 6:14 am on Sep 12, 2010 (gmt 0)

Hey Jim,

Well, still not sure I understand, but the htaccess I have currently is working without any problems (that I know of). I have additional security added but commented out (because I couldn't get it working) but everything else is working.

If you see improvements, I'm all for it!

Here is what I have:

##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license [gnu.org...] GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#

## Deny access to extension xml files
<Files ~ "\.xml$">
Order allow,deny
Deny from all
Satisfy all
</Files>
## End of deny access to extension xml files

## Deny access to files with specified extensions
#<FilesMatch "^(exe||tif|ai|html)\.*$">
#Order deny,allow
#Deny from all
#Satisfy all
#</FilesMatch>
## End of deny access to files with specified extensions

## Restrict access to administrator page
#<Files administrator>
#Order deny,allow
#Deny from all
#AuthName "htaccess password prompt"
#AuthType Basic
#AuthUserFile /home/restrictions/.htpasswd
#Require valid-user
#</Files>
## End of restrict access to administrator page

RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

RewriteBase /

# Add trailing slash if path does not contain a period or end with a slash
RewriteCond %{REQUEST_URI} !(\.|/$)
RewriteRule (.*) [riococokids.com...] [R=301,L]

# Change [yoursite.com...] to [yoursite.com...] (Optional)
RewriteCond %{HTTP_HOST} ^riococokids.com$
RewriteRule ^/?(.*)$ [riococokids.com...] [R=301,L]

# Rewrites [yoursite.com...] to [yoursite.com...]
RewriteCond %{REQUEST_URI} !^/joomla
RewriteRule ^(.*)$ joomla/$1 [L]

########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section

jdMorgan




msg:4201227
 4:45 pm on Sep 13, 2010 (gmt 0)

This code is clearly copyrighted, so I'm sorry but I cannot re-post it here to show the needed corrections.

If you think that this code is working, keep a close eye on your URLs as listed in search engines. Unfortunately, you will see that it is not "working" at all levels... Your rules are not in the correct order [webmasterworld.com], and this is going to cause trouble with the URLs listed in your search results.

It is quite inefficient as well, and I tend to say that inefficient code [webmasterworld.com] which is likely to force an early server upgrade is not really working properly.

Jim

dlwilson007




msg:4201252
 5:14 pm on Sep 13, 2010 (gmt 0)

That's was the main thing I was afraid of, the ordering. And since the code is copywrited, then maybe it will help (maybe not) for me to extract what I custom added to the htaccess that is definitely not a part of their copyright. If the order of the items below are the ones in question, then we should be good. If the order of the copyrighted text is in question, then I need to get on Joomla support and see if they will do an htaccess review (as this is the standard out of the box recommended htaccess they include in their installs).

Let me know if this helps (or doesn't).

_____________________________________

RewriteEngine On

## Deny access to files with specified extensions
#<FilesMatch "^(exe||tif|ai|html)\.*$">
#Order deny,allow
#Deny from all
#Satisfy all
#</FilesMatch>
## End of deny access to files with specified extensions

## Restrict access to administrator page
#<Files administrator>
#Order deny,allow
#Deny from all
#AuthName "htaccess password prompt"
#AuthType Basic
#AuthUserFile /home/restrictions/.htpasswd
#Require valid-user
#</Files>
## End of restrict access to administrator page

RewriteBase /

# Add trailing slash if path does not contain a period or end with a slash
RewriteCond %{REQUEST_URI} !(\.|/$)
RewriteRule (.*) [riococokids.com...] [R=301,L]

# Change [yoursite.com...] to [yoursite.com...] (Optional)
RewriteCond %{HTTP_HOST} ^riococokids.com$
RewriteRule ^/?(.*)$ [riococokids.com...] [R=301,L]

# Rewrites [yoursite.com...] to [yoursite.com...]
RewriteCond %{REQUEST_URI} !^/joomla
RewriteRule ^(.*)$ joomla/$1 [L]
_____________________________________

dlwilson007




msg:4201265
 5:27 pm on Sep 13, 2010 (gmt 0)

By the way, Jim, I failed to realize you posted links to relevant threads. So I am now reading those as well where you have provided some excellent documentation.

jdMorgan




msg:4201269
 5:31 pm on Sep 13, 2010 (gmt 0)

The thread about WP inefficiencies also applies directly to Joomla. So you can see my problem with posting the code...

Jim

dlwilson007




msg:4201276
 5:41 pm on Sep 13, 2010 (gmt 0)

Gotcha. I'll see if I can get the message to the joomla developers (of course, I'm sure they have heard it all before).

In my own code, I did find one problem you addressed in the other forum...the use of two external redirects. So my first job will be to remove one.

Since it is so common for people to want to use a 301 to force traffic to the www prefix, do you guys recommend alternatives?

dlwilson007




msg:4201281
 5:47 pm on Sep 13, 2010 (gmt 0)

Jim, if you (or anyone reading this post who knows htaccess) wants to contribute to the pre-configured htaccess discussion on the Joomla boards, you can do so here: [docs.joomla.org...]

g1smd




msg:4201301
 6:38 pm on Sep 13, 2010 (gmt 0)

Remove the trailing period from the end of the docs URL in order to find the correct page.

g1smd




msg:4201337
 7:36 pm on Sep 13, 2010 (gmt 0)

[webmasterworld.com...] also contains useful information.

dlwilson007




msg:4201349
 8:10 pm on Sep 13, 2010 (gmt 0)

Wow...the reorder of the SEF code in the link you provided is great. It's one thing to say performance doubles...but to see the page load that more quickly is great.

Thanks, g1smd! And thanks Jim for providing that rework! That should be posted on the Joomla docs site I mentioned above.

g1smd




msg:4201365
 8:38 pm on Sep 13, 2010 (gmt 0)

I posted it in their wiki, and then posted a tracker item and patch for this.

[joomlacode.org...]

[edited by: g1smd at 9:23 pm (utc) on Sep 13, 2010]

dlwilson007




msg:4201366
 8:39 pm on Sep 13, 2010 (gmt 0)

Hey Jim - g1smd is already contributing to the Joomla cause by submitting changes to the pre-configured htaccess (thanks g1smd). This is your chance to help erradicate the ".*" pattern you dislike! I found this funny quote from you:

"I'm on a crusade to banish the easy-to-understand, but very-greedy, ambiguous, and promiscuous(1) ".*" pattern from servers world-wide... ;) "

Not sure how easy it is to determine if the .* is absolutely necessary or not without knowing the goals, but maybe there's a chance for you to affect a very large number of Joomla installs! Not to mention any other "magic" you guys can provide.

dlwilson007




msg:4201374
 8:51 pm on Sep 13, 2010 (gmt 0)

Thanks g1smd! Extremely helpful!

dlwilson007




msg:4201387
 9:07 pm on Sep 13, 2010 (gmt 0)

Update: in case any Joomla users are reading this thread, I removed the redirect of domain.com to www.domain.com to get it out of the htaccess. Instead, I have a DNS redirect to handle it. I'm not sure if that is the right or best solution, but that's a discussion for another forum.

dlwilson007




msg:4201396
 9:25 pm on Sep 13, 2010 (gmt 0)

Another quick update: I just saw this post on the document site:

"All of the files are copyrighted but they are GPL so you are free to post them where ever you would like."

Jim...posting is ok...does the copyright prevent you from editing and reposting?

jdMorgan




msg:4201411
 10:08 pm on Sep 13, 2010 (gmt 0)

Please provide the exact link for the "free to post" quote that you cited. If included in the code itself, that would get us off the hook.

You can and should include the non-www to www hostname canonicalization redirect in your .htaccess. But it is quite important to put your rules in the precise order required.

Aside from the mod_rewrite syntax and regular expressions patterns, there are many additional complications to "getting it right." One must inspect the rules from the viewpoint of what server response headers will be returned under various conditions, and what effect the rules will have on search engine listings. There is far more to this than "just a few silly little lines of code..." :)

I believe I gave the example in one of the threads already cited here, but one example of a latent disaster is to put an internal rewrite (that is, a URL-to-filepath translation) ahead of an external redirect -- a URL-to-URL redirection. If a condition can occur that invoked both rules, the result will be that the previously-rewritten internal filepath (say a long, ugly search-engine-unfriendly URL with a query string appended) will be exposed to clients by the subsequent redirect and get indexed by search engines, despite the fact that the internal-rewrite rule's sole purpose was to enable the use of search-friendly URLs on the site...

Jim

dlwilson007




msg:4201422
 10:29 pm on Sep 13, 2010 (gmt 0)

Here is the link: [docs.joomla.org...]

And assuming this is sufficient, I'm going to post my new and improved htaccess file. I now only have one htaccess located in the root.

I removed the domain.com to www.domain.com 301, so I want to add that back in, but like you were saying...in the right order.

____________________________________


##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license [gnu.org...] GNU/GPL
# Joomla! is Free Software
##

#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#

## Deny access to extension xml files
<Files ~ "\.xml$">
Order allow,deny
Deny from all
Satisfy all
</Files>
## End of deny access to extension xml files

## Deny access to files with specified extensions
#<FilesMatch "^(exe||tif|ai|html)\.*$">
#Order deny,allow
#Deny from all
#Satisfy all
#</FilesMatch>
## End of deny access to files with specified extensions

## Restrict access to administrator page
#<Files administrator>
#Order deny,allow
#Deny from all
#AuthName "htaccess password prompt"
#AuthType Basic
#AuthUserFile /home/restrictions/.htpasswd
#Require valid-user
#</Files>
## End of restrict access to administrator page

RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F]
#
########## End - Rewrite rules to block out some common exploits

# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

RewriteBase /

# Add trailing slash if path does not contain a period or end with a slash
RewriteCond %{REQUEST_URI} !(\.|/$)
RewriteRule (.*) [riococokids.com...] [R=301,L]

# Rewrite [yoursite.com...] to [yoursite.com...]
RewriteCond %{REQUEST_URI} !^/joomla
RewriteRule ^(.*)$ joomla/$1 [L]

########## Begin Joomla! SEF Section
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html?|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ index.php [L]
########## End Joomla! SEF Section
______________________________________

jdMorgan




msg:4201854
 11:24 pm on Sep 14, 2010 (gmt 0)

The hostname canonicalization redirect is usually the least-specific external redirect rule, so put it after the trailing slash redirect rule and before any of the internal rewrites.

Jim

g1smd




msg:4201889
 12:48 am on Sep 15, 2010 (gmt 0)

The Joomla code you posted in the original question is not the latest version.

I have had to resubmit the patch; the new version is at: [joomlacode.org...]

jdMorgan




msg:4202264
 4:56 pm on Sep 15, 2010 (gmt 0)

You might also want to "minus out" or comment-out the <IfModule> container if its present in the Joomla code (as it is in the WordPress code). The comment should read something like "Uncomment the following <IfModule> directive and its closing directive below if you want this code to fail silently on servers which do not have mod_rewrite loaded."

Jim

dlwilson007




msg:4202287
 5:28 pm on Sep 15, 2010 (gmt 0)

I don't have that code in mine.

However, I have a new challenge. Joomla is all contained within one folder in my public_html folder. I also have a rails application that is completely contained within another folder (not under public_html). I have a symlink in public_html to the rails application. Finally, I created a subdomain that I want to point to the rails application.

My goal is to have (www).riococokids.com rewrite to the joomla subdir, which is what is happening currently and appears to be working properly (although the SEF friendliness may still be in question). My next goal is to have my app subdomain to point to my app.

The problem is the way my htaccess is written. While it is improving for Joomla, it hurts my rails application. The rails application only needs two rules applied in the htaccess file, which are as follows:

RailsBaseURI /
PassengerAppRoot /home/riococok/railsapps/riochilddev/current

This code breaks Joomla, and without it, the rails application won't work.

But this code also doesn't go under mod_rewrite.

So the question is how can I address this to have both Joomla and the rails app running using the same htaccess file?

And now that I am getting out of the scope of Joomla to some extent, if you would recommend I create a new thread, let me know and I will.

Thanks!

g1smd




msg:4202399
 8:07 pm on Sep 15, 2010 (gmt 0)

So the question is how can I address this to have both Joomla and the rails app running using the same htaccess file?

The mod_rewrite code in the .htaccess file deals with URLs, so the rules need to be able to distinguish from the URL itself which application the URL request will be rewritten to.

There will need to be a distinguishing "feature" in the URLs that address one application or the other, and then the RewriteConds can test for the presence or absence of this feature.

This 40 message thread spans 2 pages: 40 ( [1] 2 > >
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved