SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Member
    Join Date
    Oct 2013
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Folder content request redirect to root or specified URL

    Running WordPress web sites, some stand –alone others multi-site.

    Goal: Any request for files in a folder directly by their URL be redirected to root or specified URL. If requests for those same files come from a link or a call via WordPress within the domain allow it.

    Since WordPress uses rewrite rules in root, I am concerned that using rewrite rules in htaccess files in subfolders may cause issues with WordPress. Hence, my thought to redirect back to root thinking that the rewrite rules there will over ride previous rules from a subfolder. However, this may not be an issue since my goal is for requests that do not go through root, that is, through WordPress be redirected.

    And, I’m really weak on htaccess use. I assume that an htaccess file in root can set up rules between the server and the visitor, and these are the rules to abide by while communicating with the server until another set of rules come into play via another htaccess file with new instructions or conditions. Then these new rules remain intact until changed once again. Is this assumption correct? Or does a new htaccess add to, rather than replace the previous set of rules?

  2. #2
    Certified Ethical Hacker silver trophybronze trophy dklynn's Avatar
    Join Date
    Feb 2002
    Location
    Auckland
    Posts
    14,656
    Mentioned
    19 Post(s)
    Tagged
    3 Thread(s)
    LSB,

    Welcome to SitePoint!

    The rule for .htaccess files is that they are accessed and parsed in order of the path of the request, i.e., the DocumentRoot's .htaccess is acted upon first, then the next directory's .htaccess until the file is served.

    What you described told me a few things:

    1. WP will pass any request to an existing file or directory without redirecting to its index.php (request handler).

    2. There is something wrong with your subdirectory's .htaccess if it's looping back to the DocumentRoot. It does not replace the DocumentRoot's .htaccess but only adds to it ... within its directory!

    More information gets a better answer (i.e., what's wrong with the subdirectory's .htaccess logic).

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  3. #3
    SitePoint Member
    Join Date
    Oct 2013
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, there is no htaccess in the folders of concern - yet. WP will deliver up page content when called by itself, such as images, PDF, Doc, etc. And, the same content can be accessed and called by a direct link without having to even visit root, and it is this I want to prevent, but also if such a direct request is made, redirect to root which will cause the WP home page to come up. (or perhaps instead of root, the WP log in page).

    My inquiry is figure out "how to" create a htaccess file with the proper content to accomplish this before going on a long trial and error process. And I am concerned that having such a htaccess file in a sub-folder causing a redirect to root that it would conflict with the root's htaccess file. Root htaccess file has rewrite rules and conditions, and I assume that to accomplish what I looking for would also require the sub-folder haccess file to contain rewrite rules and conditions.

    I suppose I could just cause any request to the sub-folder to be disallowed via a htaccess file, but it is the redirect I'm looking for.

  4. #4
    SitePoint Wizard bronze trophy Jeff Mott's Avatar
    Join Date
    Jul 2009
    Posts
    1,278
    Mentioned
    18 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by dklynn View Post
    The rule for .htaccess files is that they are accessed and parsed in order of the path of the request, i.e., the DocumentRoot's .htaccess is acted upon first, then the next directory's .htaccess until the file is served.
    It actually goes in the opposite direction.

    http://httpd.apache.org/docs/2.4/how...ccess.html#how

    Example:

    In the directory /www/htdocs/example1 we have a .htaccess file containing the following:

    Options +ExecCGI

    In the directory /www/htdocs/example1/example2 we have a .htaccess file containing:

    Options Includes

    Because of this second .htaccess file, in the directory /www/htdocs/example1/example2, CGI execution is not permitted, as only Options Includes is in effect, which completely overrides any earlier setting that may have been in place.
    "First make it work. Then make it better."

  5. #5
    SitePoint Wizard bronze trophy Jeff Mott's Avatar
    Join Date
    Jul 2009
    Posts
    1,278
    Mentioned
    18 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by LSB View Post
    Since WordPress uses rewrite rules in root, I am concerned that using rewrite rules in htaccess files in subfolders may cause issues with WordPress.
    Indeed, it will cause an issue. For any request to that subfolder, none the rewrite rules from the root will run.

    The simplest solution is to keep all your rewrites in the same root htaccess file.

    # Any request for files in a folder be redirected to root or specified URL
    RewriteRule ^your/special/folder/ /specified/url [R,L]
    "First make it work. Then make it better."

  6. #6
    SitePoint Member
    Join Date
    Oct 2013
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Jeff Mott View Post
    Indeed, it will cause an issue. For any request to that subfolder, none the rewrite rules from the root will run.
    This is what I was concerned with, and your answer makes sense.

    The simplest solution is to keep all your rewrites in the same root htaccess file.

    # Any request for files in a folder be redirected to root or specified URL
    RewriteRule ^your/special/folder/ /specified/url [R,L]
    OK. But wouldn't this prevent WP from accessing ^your/special/folder/ as well?

    Here is the content of htaccess in root:

    Code:
    # BEGIN s2Member GZIP exclusions
    <IfModule mod_rewrite.c>
    	RewriteEngine On
    	RewriteBase /
    	RewriteCond %{QUERY_STRING} (^|\?|&)s2member_file_download\=.+ [OR]
    	RewriteCond %{QUERY_STRING} (^|\?|&)no-gzip\=1
    	RewriteRule .* - [E=no-gzip:1]
    </IfModule>
    # END s2Member GZIP exclusions
    
    # BEGIN WordPress
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    
    # add a trailing slash to /wp-admin
    RewriteRule ^wp-admin$ wp-admin/ [R=301,L]
    
    RewriteCond %{REQUEST_FILENAME} -f [OR]
    RewriteCond %{REQUEST_FILENAME} -d
    RewriteRule ^ - [L]
    RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
    RewriteRule ^(.*\.php)$ $1 [L]
    RewriteRule . index.php [L]
    
    # END WordPress
    And this is the folder I want to be inaccessible except by WP itself:

    /public_html/wp-content

  7. #7
    SitePoint Wizard bronze trophy Jeff Mott's Avatar
    Join Date
    Jul 2009
    Posts
    1,278
    Mentioned
    18 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by LSB View Post
    OK. But wouldn't this prevent WP from accessing ^your/special/folder/ as well?
    Ahh, yes. I forgot about the second half of your goal, that the request should be allowed if the user came from a link on your site. For that, we'll check the referrer.

    Code:
    # If this request did not come from your site
    RewriteCond %{HTTP_REFERER} !^[^:]+://your-domain.com/
    # Then redirect any request for files in a folder be redirected to root or specified URL
    RewriteRule ^your/special/folder/ /specified/url [R,L]
    FYI, though, that the referrer can be spoofed.
    "First make it work. Then make it better."


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •