Can I use htaccess to make a site temporarily unavailable to everyone

Forum Moderators: phranque

Message Too Old, No Replies

Can I use htaccess to make a site temporarily unavailable to everyone

but me

lorax

7:35 pm on Dec 11, 2004 (gmt 0)

I need to put a site into 'maintenance mode' so I can switch shopping carts. I'm hoping there's a simple way I can send everyone but me (using my IP address) to a 'down for maintenance' page. I'm not quite sure how to Google for this so a nudge in the right direction would be appreciated.

The Contractor

7:46 pm on Dec 11, 2004 (gmt 0)

lorax I believe the easiest way is customize your 403.html to state you are down for service etc.

Then put this in your .htaccess

order deny,allow
<Files *>
deny from all
allow from my.ip.address.#
</Files>
Options +FollowSymLinks
RewriteRule .* - [F]

lorax

8:27 pm on Dec 11, 2004 (gmt 0)

Hola,
Ok, I see where you're going with it.

So here's a hybrid of what you offered and what I already had.

ErrorDocument 403 /403.php

Order Deny,Allow
<Files *>
Deny from all
Allow from IP ADDRESS
</Files>

<Files /403.php>
Allow from all
</Files>

Options +FollowSymLinks
RewriteEngine on
RewriteRule ^(.*)\.htm$ $1.php [T=application/x-httpd-php]
RewriteRule ^(.*)\.html$ $1.php [T=application/x-httpd-php,L]

That last part is necessary for me to do my testing on the cart. I wasn't sure why you used the RewriteRule you did.

jdMorgan

9:24 pm on Dec 11, 2004 (gmt 0)

How about a one-line rewrite instead of two?


Options +FollowSymLinks
RewriteEngine on
RewriteRule ^([^.]*)\.html?$ /$1.php [T=application/x-httpd-php,L]

I'm fighting a one-man war against the use of the easy-but-inefficient ".*" pattern ... ;)

Jim

The Contractor

10:12 pm on Dec 11, 2004 (gmt 0)

well..hmm
You can just have the following and it works just fine by putting in the root of the site (as long as you have your error doc (403) defined. Not sure why you want to rewrite and not just deny since it was for just a very short time? I have denied googlebot for a couple days on a couple sites before and then it came right back.

I thought the below is as easy as it gets ...hehe

order deny,allow
<Files *>
deny from all
allow from my.ip.address
</Files>

uncle_bob

11:14 pm on Dec 11, 2004 (gmt 0)

If you are closing your site for maintenance, shouldn't you use a "503 Service Unavailable" response rather than a "403 Forbidden" or "404 Not Found" response?

Not quite sure how you'd implement it though.

lorax

6:19 pm on Dec 12, 2004 (gmt 0)

Hm...

Ok, jdMorgan - dope slap accepted and the code duly updated.

Re: 403
It's not working. <snip>

I just realized it was choking because my 403 page is calling external resources like an include and header images which are denied!

So the next question becomes do I use multiple FILES directives or can I combine them?

lorax

6:42 pm on Dec 12, 2004 (gmt 0)

Voila, the final working result:

Order Deny,Allow
<FilesMatch (.*)>
Deny from all
Allow from my ip address
</FilesMatch>
<FilesMatch (403\.php�footer\.php�style\.css�header\.gif�nav\.php)>
Allow from all
</FilesMatch>
Options +FollowSymLinks
RewriteEngine on
RewriteRule ^([^.]*)\.html?$ /$1.php [T=application/x-httpd-php,L]
ErrorDocument 403 /403.php

The odd bit is that I had to explicitly include the nav file in the FilesMatch Allow section.

jdMorgan

7:14 am on Dec 13, 2004 (gmt 0)

Is it odd that you had to explicitly include the nav.php *and* the footer.php file? Otherwise I don't understand. You might want to examine the mechanism used to "include" those files in your "main" pages... I would think that they would be direct file includes (done "inside" the server), rather than being done via HTTP. As such, they should not be affected by .htaccess restrictions. But I'm far from a PHP guru, so I may be way off in my assumptions here...

Jim

lorax

1:28 pm on Dec 13, 2004 (gmt 0)

>> rather than being done via HTTP

Bingo! As soon as I read that I gave myself a dope slap. ;)