Redirect direct registration page access by .htaccess

I would like to redirect registration page to homepage by using .htaccess now my code is redirecting to /component/users/?view=login&Itemid=437 which is login page. I would like to make registration and front-end login page not accessible for users.

So the target is to redirect /component/users/?view=login&Itemid=437 and /index.php?option=com_users&view=registration&Itemid=999 to “403 error page”

# RewriteBase /

# Disable calls to user registration ("register", this url ends with: view=registration))
# Send all blocked request to homepage, use Flag [F] for 403 Forbidden error!
RewriteCond %{QUERY_STRING} (view=registration) [NC]
RewriteRule .* index.php [F]

## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.

Well one way you can do this is by placing a simple rewrite rule into the .htaccess file for each…

RewriteCond %{QUERY_STRING} view=login&Itemid=437 [NC]
RewriteRule ^component/users/$ / [L,R=403]

RewriteCond %{QUERY_STRING} option=com_users&view=registration&Itemid=999  [NC]
RewriteRule ^index\.php$ / [L,R=403]

Here we are simply saying that if the query string contains the specified parameters (not case sensitive) and they are directed at the component/users directory (towards the index.php page) or the index.php page in the root directory then redirect as a 403 forbidden.

Make sure to test these out a little and tweak as necessary. I can confirm these work on my systems. Be sure these rules are alongside your other rewrite rules. :slight_smile:

1 Like

Maybe I am placing something wrong? Here is my .htaccess file and it is located in public_html folder where index.php Joomla is.

You can test yourself: http://bit.ly/2SmSJtt

##
# @package    Joomla
# @copyright  Copyright (C) 2005 - 2018 Open Source Matters. All rights reserved.
# @license    GNU General Public License version 2 or later; see LICENSE.txt
##

##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line 'Options +FollowSymLinks' may cause problems with some server configurations.
# It is required for the use of mod_rewrite, but it may have already been set by your 
# server administrator in a way that disallows changing it in this .htaccess file.
# If using it causes your site to produce an error, comment it out (add # to the 
# beginning of the line), reload your site in your browser and test your sef urls. If 
# they work, then it has been set by your server administrator and you do not need to 
# set it here.
##

## No directory listings
<IfModule autoindex>
  IndexIgnore *
</IfModule>

## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes

## Mod_rewrite in use.

RewriteEngine On

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site then comment out the operations listed 
# below by adding a # to the beginning of the line.
# This attempts to block the most common type of exploit `attempts` on Joomla!
#
# Block any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root home page
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.

## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects

##
# Uncomment the following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##

# RewriteBase /

RewriteCond %{QUERY_STRING} view=login&Itemid=437 [NC]
RewriteRule ^component/users/$ / [L,R=403]

RewriteCond %{QUERY_STRING} option=com_users&view=registration&Itemid=999  [NC]
RewriteRule ^index\.php$ / [L,R=403]

## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.

<IfModule mod_expires.c>
  FileETag MTime Size
  AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
  ExpiresActive On
  ExpiresDefault "access plus 1 seconds"
  ExpiresByType text/html "access plus 600 seconds"
  ExpiresByType application/xhtml+xml "access plus 600 seconds"
  ExpiresByType text/css "access plus 1 month"
  ExpiresByType text/javascript "access plus 1 month "
  ExpiresByType application/javascript "access plus 1 month"
  ExpiresByType application/x-javascript "access plus 1 month"
  ExpiresByType image/x-icon "access plus 1 year"
  ExpiresByType image/jpeg "access plus 1 year"
  ExpiresByType image/png "access plus 1 year"
  ExpiresByType image/gif "access plus 1 year"
</IfModule>

Off Topic:

You should only use <IfModule> once, for testing. Once you have established that the module is enabled, remove the IfModule rule. Otherwise you are continually wasting system resources needlessly checking for the existence of the module when you already know it is there.

3 Likes

Thanks! Made an update to .htaccess

1 Like

Keep in mind that with .htaccess and other rules, order always matters. Try moving these new rules up as high in the file as possible for testing just to eliminate the possibility that another rule may be interfering. I am not saying that is the cause of why it won’t work for you, but don’t make testing harder than it needs to be.

Another thing to check is logging into Joomla and going to “Site” > “Global Configuration” and make sure that SEF URLs is activated (if activated, maybe deactivate and see if that does anything?). I get the impression that Joomla is making some additional changes to the way URLs are handled outside of htaccess.

Your suggestion works on my localhost but does not work on actual server for some reason. Any suggestions?

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.