Apache :: Setting Up URL Rewrite Rules Multiple VHs
Oct 21, 2012
I'm kinda new to apache and I have the following situation.
I have a vps, on which I have set the following:
WordPress Site A, has it's own VirtualHost and domain
WordPress Site B, has it's own VirtualHost and domain
Canvas LMS (not connected to a domain).
Canvas LMS can add multiple accounts, which may (or may not) be accessed individually using a URL that looks as follows:
{canvas_root}/accounts/{account_id}/
For example : http://....../accounts/4/
I need to add a link to each of WP sites, which points to each site's account on Canvas, such that it appears as .../learning/ folder
I do not want the users to see the /account/4/ , just /learning/
I also want to prevent accessing
Canvas LMS is located beyond the website's DocumentRoot
I want this to work with both HTTP and HTTPS
With this whole no-www thing going on. I've decided to have a look at whether I can do this for my domains.
Instead of writing a
RewriteEngine On RewriteCond %{HTTP_HOST} ^www.domain.com$ [NC] RewriteRule ^(.*)$ h77p://domain.com/$1 [R=301,L]
for every single domain I'd like to do this for across all domains as standard. I'm not too hot on rewrite rules and have in the past avoided them cos of the complexities. But I'd like to get this done, and no silently do it, but reflect the URL difference in the webbrowsers address bar too.
I am trying to redirect a request from a non-hosted domain, using a rewrite rule in our configuration file in conf.d. Our registrar has a pointer from this non-hosted domain to our domain.
I am writing a rewrite rules using mod_rewrite module. I have the same data repeating all over the rules that I would like to replace with variable and set variable once at the top of rules then use variable in the rest of rules. Then if I need to add another IP address I would just add additional IP address to the variable instead like now need to change several rules.
For example I have IP addresses that I would like to set as a variable.
Now rules are the following (simplified) in httpd.conf:
RewriteEngine Off RewriteCond %{REMOTE_ADDR} (192.168.5.20|192.168.7.15|10.10.20.50
We were recently hacked on our dedicated server and the hacker managed to insert php files that generated thousands of doorway pages in one of our images folder on our site. We have done an extensive cleanup of our site, removing all malicious files and are locking down the server. We have already updated to the latest versions of PHP and Wordpress,not to mention change all database passwords and admin password. My question is about mod_security for apache.
We were told Mod_security can prevent this from happening again but it must be configured correctly.
We have already set rules for mod_security. The rules set up are in the files in the directory, /etc/httpd/modsecurity.d/modsec. We were told that the file 10_asl_rules.conf specifically has filters to prevent SQL injection attacks.
These are are current rules: ---------------------------------------------------------------------- /etc/httpd/modsecurity.d/modsec # ls 05_asl_exclude.conf 30_asl_antispam.conf domain-blacklist-local.txt malware-blacklist.txt 05_asl_scanner.conf 30_asl_antispam_referrer.conf domain-blacklist.txt sql.txt 10_asl_antimalware.conf 40_asl_apache2-rules.conf domain-spam-whitelist.conf trusted-domains.conf 10_asl_rules.conf 50_asl_rootkits.conf domain-spam-whitelist.txt trusted-domains.txt 11_asl_data_loss.conf 60_asl_recons.conf malware-blacklist-high.txt whitelist.txt 20_asl_useragents.conf 99_asl_exclude.conf malware-blacklist-local.txt 30_asl_antimalware.conf 99_asl_jitp.conf malware-blacklist-low.txt -----------------------------------------------------------------
I can do to prevent this or tune up apache mod_security from letting this happen again. We are so paranoid that we are now checking our access log files for POST commands every day?
As a personal project I've recently began thinking about setting up a CDN (sort of) with my various servers around the world. Basically, what it will do is.. From one 'management' point or portal (you can assume one physical server), each user can update/create their webpage there..
From that main node, it will have to replicate in REAL TIME: a) userdir (public_html etc.)
b) mysql db's (circular mysql replication?)
c) Any updates to their apache.conf, php.ini etc..
Now I've been looking into several options.. drbd seems to be one that a lot of people suggest for the actual data sync, but I'm wary of implementing something like that outside of a local private LAN. I've also looked into rsync/unison which may work.. I'm just throwing this out there to see what people have tried and are using.
DNS will be handled by a GeoIP/Maxmind bind patch, and closest server will be given by my DNS servers. Closest 'mirror' of the user's site will be served via that hostname.
Anyone done this before or tried? The actual caching part of CDNs and etc. I'm thinking I could always just deal with via squid later, but for now the main guts is what I'm concerned with.
Depending on where u are at on my site (documents pages, training, main root, etc.) will depend on which type of background, footer, header and the like you'll get. Now I was thinking. Is there a way to have multiple error messages for more then one page depending on where you are at on a site? Right now it's intranet site and a modded snitz forum. What is the code and were does it go and in which apache conf file(s) does it go in?
I have all my specify modules are loaded in pache like mod_rewrite in other face I have a script need require mod_rewrite in install steps but I have in testing : Apache Mod-Rewrite Unavailable
On my website at www.jamescobban.net I have a directory which contains an ancient copy of my old static implementation of the site. It is there just in case someone has saved a old URL. However the data in that directory is several years out of date, so I would like to redirect the old static URLs to the equivalent dynamic URLs. For example: URLs.....
I wasn't warned that the <Directory> in the Apache conf file has to specify AllowOverride All whereas the default that is created when I install Ubuntu is AllowOverride None.I wasn't warned that I have to enable the mod_rewrite using a2enmod or else the rewrite commands are rejected.I am testing this on my private copy of the web-site where I can fiddle with options like that in the config file, but when I migrate this to my public server I do not have that privilege, so I want to try setting up the URL rewriting in .htaccess.
I would like to write a rewrite rule that does the following:
RewriteEngine On
Redirect 301 URL...
So what I want is that the first url is rewritten to go to the second ..I have a whole bunch of links that I have to redirect, so I would like to place them all into one .htaccess file or into the default configuration file of apache. So what I do not want is to create SomeFolder1 and someOtherFolder2 and to place a .htaccess file into that place in order to make it work. In fact I want to ignore the folders of the old link and only use the pagename.
I have some instructions written in the .htaccess of root directory for my website. So how to force those rules to apply to all sub directories even if those sub directories have .htaccess that overwrite the rules of the mother .htaccess on the root directory ? For example the root .htaccess deny access to all *.log files, so how to force that rule even if in some subdirectories there is some .htaccess files that allow access of *.log files.
I'm running Apache 2.4.4 Win32 on a Windows 2008 server. When trying to optimize a website I noticed a random reoccurring 2550ms delay in Time To First Byte. A file could have a TTFB of 200ms several times but suddenly it would get 2750ms. This could be a static file (image, html, js) or php. I've measured using ApacheBench (locally and remotely), webpagetest.org and bytecheck.com. After much trial and error I found the problem was with mod_rewrite. Disabling this and everything is fine.
I have setup a blank/new install with only basic config change (Listen, ServerRoot etc) to replicate result without anything else interfering. Following is the rewrite section I add to config.
Code: <IfModule mod_rewrite.c> RewriteEngine on RewriteRule (^/Pictures.*) /$1 [L] </IfModule>
After Apache has started I execute "ab http://my.example.com/Pictures/Thumbnails/tmb_400X400_FFFFFF_660.jpg" and always get the delay. If I execute again it's normal. If I wait at least 30 seconds I get the delay. Following is a section from error.log with trace8 logging.
Code: [Tue Mar 12 23:28:56.123519 2013] [rewrite:trace3] [pid 7624:tid 888] mod_rewrite.c(468): [client 69.x.y.90:36279] 69.x.y.90 - - [my.example.com/sid#42c748][rid#26df0d0/initial] applying pattern '(^/Pictures.*)' to uri '/Pictures/Thumbnails/tmb_400X400_FFFFFF_660.jpg'
[Code] ....
As you see from line 3 to line 4 the time skips 2550ms. When the TTFB is normal then the log is identical except time doesn't change from line 3 to line 4. If I delete the rewrite section in config then TTFB is always normal, no matter what.
When I testet on the live server the time for fully loaded increase from 3800-4000ms to 8500-10500ms when mod_rewrite is enabled. And that is about 30 requests (php+css+js+images). So the impact is significant.
What can this be? I'm having a hard time believing it's a bug. Isn't mod_rewrite used a lot? I'm running Ubuntu (linux) at home, I'm going to install Apache there and see if I get the same result.
In my web site I have several index pages in different languages in the following format
[URL] ....
Two days ago I noticed increased, many times. Google bot activity on my site and when I checked my log file I found that all pages crawled were wrong web addresses: to the above index were added existing files from my site like
/folder1/folder2/file.html
So, the strings looked like
[URL] ....
And surprisingly all they returned code "200".
My question is: is there any way to rewrite such requests to the first ".html" found in the string.
I am trying to capture 3-4 digits when sent as part of a URL, for them to be proxied to another URL. I have no control over how the source sends this data, I am supposed to redirect it. Which works.
The problem is this works for all URLs that have digits to this server. I am expecting to trap URLs that send digits as part of the first call to the server, but this also affects URL calls that are part of other server call transactions, once digits appear, it gets redirected. What can I do to stop this interference?
I want to make it an internal rewrite though, not an external redirect. If I remove the [R=303] I still end up with a redirect (a 302). I assume mod_rewrite is forcing an external redirect because it's to a different [sub]domain.
Is there any way I can overcome this and make the change internal?
I am using apache with subversion and need to redirect a request for a file to a different file based on the user that has made the request. It appears that the URL for the requested file could be changed on the fly using RewriteMap; however, is there any way to get the User (as typically given in the request_rec available to apache hooks) making the request in the program used?
I am running a few different web servers on my home network and have found a way of binding each wb server (and any virtual hosts) to domain names and having a "central" web server rerouting a request to the appropriate server using reverse-proy. at the moment, this central web server is IIS (Windows Server 2008 R2) based and it works perfectly. I want to change the central server to an Apache based one.
As an example; I want the central server to see an incoming http request (e.g sub.domain.com) and reroute it using reverse-proxy to a different web server that wouldn't normaly be accessible from the Internet (e.g 192.168.1.122/index.html).
My question is how do you reverse-proxy to a different server on the LAN with mod_rewrite in Apache?
After a few years with apache 2.2 I decided to try apache 2.4 Both are running on windows 7. I had to recompile my modules against the new api, but that was succesful. I am now confronted that the rewrite rule for one of my locations :