The Joomla! Forum ™



Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting.
Forum Post Assistant - If you are serious about wanting help, you should use this tool to help you post.



Post new topic Reply to topic  [ 84 posts ]  Go to page 1, 2, 3  Next
Author Message
PostPosted: Tue Mar 01, 2011 3:57 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Hi there.

I was looking to redirect all non-www to www. type addresses in my Joomla website (not just frontpage), but I am too much of a newbie to handle this on my own...
Regarding configuration,I have Joomla SEF and mod_Rewrite enabled and the site's addresses contain greek characters (if that makes any difference)

I have tried doing this with the Redirect plugin I have installed, but it does not work...I had "http://domain.com" point to "http://www.domain.com" with no result...

I searched for other threads but I was unsure concerning the exact implementation..

E.g. in this page I found the following code, but it's not clear to me what of the following I must use and if I have to leave anything out
Code:
########## Begin - 301 Redirect
Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^yoursite\.com$ [NC]
RewriteRule .* http://www.yoursite.com/ [L,R=301]
#
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.yoursite\.com$
RewriteRule ^(.*)$ http://www.yoursite.com/$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteRule index\.php$ http://www.yoursite.com/%1 [R=301,L]
#
RewriteCond %{QUERY_STRING} ^option=com_frontpage&Itemid=1$
RewriteRule ^index\.php$ http://www.yoursite.com/? [R=301,L]
########## End - 301 Redirect



Also, I found this page where a part of the previous code is used but I don't know if I have to just paste it there, if I have to use some specific comment etc
Code:
RewriteCond %{HTTP_HOST} ^yoursite\.com [NC]
RewriteRule ^(.*)$ http://www.yoursite.com/$1 [R=301,L]



The contents of my own .htaccess file are the following (I have of course changed the particular domain reference)
Code:
## EOMBAK - Do not remove this line or this file
##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##

#####################################################
#  READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

##  Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
#  mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update Your Joomla! Directory (just / for root)

# RewriteBase /

########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section

RewriteCond %{HTTP_REFERER} !^http://domain.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://domain.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com/forum/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.domain.com/forum$      [NC]
RewriteRule .*\.(.*)$ http://www.domain.com [R,NC]


If you look at the above code, you will also find at the bottom a part that I am under the impression it was planted there either by Rockettheme's Rokbridge component (which I have now uninstalled) OR by the Kunena forum I am now operating, where I have enabled all SEF relevant options in its configuration....

Could you help me out?

Million thanks...


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:58 am 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
There are multiple errors in the code above, including creating unwanted redirection chains.

Use this instead:

Code:
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]



If you need to also redirect index URLs, include this code BEFORE the non-www redirect:

Code:
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.(html?|php)\ HTTP/
RewriteRule (([^/]+/)*)index\.(html?|php)$ http://www.example.com/$1 [R=301,L]

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 1:55 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Thank you very much for your response @g1smd

I will try your code and report back

When you say
Quote:
There are multiple errors in the code above, including creating unwanted redirection chains.

What code are you referring to? Just the proposed codes above taken from linked threads or the contents of my .htaccess file also?

Cheers


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 3:18 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Some of the errors.

This code does not redirect host requests with appended port name, and therefore allows Duplicate Content.
Code:
RewriteCond %{HTTP_HOST} ^yoursite\.com$ [NC]
RewriteRule .* http://www.yoursite.com/ [L,R=301]


Consider what happens if example.com/index.php is requested in the next code. The first ruleset redirects to http://www.example.com/index.php and the second ruleset creates a second redirect to http://www.example.com/. You should avoid creating a redirection chain.
Code:
RewriteCond %{HTTP_HOST} !^www\.yoursite\.com$
RewriteRule ^(.*)$ http://www.yoursite.com/$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteRule index\.php$ http://www.yoursite.com/%1 [R=301,L]

The code also does not redirect index URLs within folders. It can only do the root.

The "referrer" code is horrible, likely able to be replaced with a single line of code. There are multiple errors in it, not least the lack of escaping on literal periods. Additionally, code like that should go ahead of all the other stuff. Why redirect some requests and then block them. Why not do the blocking first?

There are replacement default .htaccess files for Joomla 1.5 http://joomlacode.org/gf/project/joomla ... m_id=25090 and Joomla 1.6 http://joomlacode.org/gf/project/joomla ... m_id=22425 awaiting commit. The new files fix a number of problems.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 8:19 pm 
Joomla! Hero
Joomla! Hero

Joined: Sat Feb 09, 2008 8:27 am
Posts: 2264
Location: California, USA
Using a standard .htaccess file that come with Joomla you would enter the following code directly below RewriteEngine On

Code:
RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]


This code (for me as well as many others) forces all 'non www' to 'www'

Mark


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 8:39 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Markstein wrote:
Using a standard .htaccess file that come with Joomla you would enter the following code directly below RewriteEngine On
Code:
RewriteCond %{HTTP_HOST} ^domain.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]

This code (for me as well as many others) forces all 'non www' to 'www'

That code contains a number of errors.

You must escape all literal periods in patterns, hence \.com is required.

The above code will not redirect a www request with appended port number. The code allows Duplicate Content at http://www.example.com/ and at http://www.example.com:80/ opening up your site to malicious linking from a competitor.

Try this:

Code:
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

_________________
Online since 1995.


Last edited by g1smd on Sun Mar 06, 2011 10:54 am, edited 1 time in total.

Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:10 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
g1smd wrote:
Some of the errors.

This code does not redirect host requests with appended port name, and therefore allows Duplicate Content.
Code:
RewriteCond %{HTTP_HOST} ^yoursite\.com$ [NC]
RewriteRule .* http://www.yoursite.com/ [L,R=301]


Consider what happens if example.com/index.php is requested in the next code. The first ruleset redirects to http://www.example.com/index.php and the second ruleset creates a second redirect to http://www.example.com/. You should avoid creating a redirection chain.
Code:
RewriteCond %{HTTP_HOST} !^www\.yoursite\.com$
RewriteRule ^(.*)$ http://www.yoursite.com/$1 [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteRule index\.php$ http://www.yoursite.com/%1 [R=301,L]

The code also does not redirect index URLs within folders. It can only do the root.

The "referrer" code is horrible, likely able to be replaced with a single line of code. There are multiple errors in it, not least the lack of escaping on literal periods. Additionally, code like that should go ahead of all the other stuff. Why redirect some requests and then block them. Why not do the blocking first?

There are replacement default .htaccess files for Joomla 1.5 http://joomlacode.org/gf/project/joomla ... m_id=25090 and Joomla 1.6 http://joomlacode.org/gf/project/joomla ... m_id=22425 awaiting commit. The new files fix a number of problems.

Thank you very much for your input, I really appreciate it...sadly, I cannot really understand since I am lacking necessary knowledge...

I must point out, though, that i have NEVER messed with the .htaccess file myself. This is the default Joomla file + any changes that were implemented by Joomla updates (20>21>22) and any other settings or extensions...

What prevents me form trying out the files you have linked to (besides not knowing how to work with .patch files) is that the above code may have something to do with the "Unicode-Slugs SEF" plugin I have installed, which allows me to use greek unicode characters and glyphs in the URLs...

And I don't want to do anything that could possibly mess it up...

If I use one of the files you suggested, what else would I need to add to replicate the targeted functionality of the current file's configuration?

Cheers


Last edited by PierreB on Sat Mar 05, 2011 11:19 pm, edited 1 time in total.

Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:18 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
I'll ignore all of the examples above. Post your current working file below.

Are you using 1.5 or 1.6?

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:29 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Thank you very much...

Actually I have not made any change to the htaccess file...tracking some plugin incompatibilities and js conflicts has taken much of the available time.

The contents of the .htaccess file are:

Code:
## EOMBAK - Do not remove this line or this file
##
# @version $Id: htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##

#####################################################
#  READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

##  Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
#  mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update Your Joomla! Directory (just / for root)

# RewriteBase /

########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section

RewriteCond %{HTTP_REFERER} !^http://my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum$      [NC]
RewriteRule .*\.(.*)$ http://www.my-domain.eu [R,NC]



I don't know if the last part is useful at all...

I had Rokbridge (joomla-phpbb bridge) installed before, which had created a "forum" directory for redirection and passing of SEF functionality to phpbb3, but now it is uninstalled...if this code has been added by Rokbridge, it can be removed (I guess)

Right now the "forum" ALIAS (not actual folder, non-existing) is used by Kunena Forum (all its relevant SEF options are enabled).

Very very appreciating your help


Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:49 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
This snippet is very badly coded. Firstly, it should be located before all the other redirects and rewrites.

In any case, using REFERER is absolutely the worst way to block users. This is because many valid visitors will have their referrer data stripped by the "Internet Security" software running on their PC or will be behind their ISP's caching proxy. Do you really want to deny all of Norton's and AOL's customers from accessing your site?

Code:
RewriteCond %{HTTP_REFERER} !^http://my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum$      [NC]
RewriteRule .*\.(.*)$ http://www.my-domain.eu [R,NC]


Literal periods in RegEx patterns should be escaped. The trailing .*$ pattern causes the whole string to be parsed when there is no need for this.

The six conditions simplify to
Code:
RewriteCond %{HTTP_REFERER} !^http://(www\.)example\.eu [NC]



The .*\.(.*) pattern is very inefficient, causing thousands of back off and retry "trial match" attempts. There's no need to create a backreference that isn't going to be re-used.

The code also produces a 302 redirect. The redirected-to URL for the domain MUST end in a trailing slash.

Is this code redundant?

_________________
Online since 1995.


Last edited by g1smd on Sun Mar 06, 2011 12:11 pm, edited 4 times in total.

Top
 Profile  
 
PostPosted: Sat Mar 05, 2011 11:58 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Joomla 1.5 with non-www to www redirect.

Code:
## EOMBAK - Do not remove this line or this file
##
##

# @version $Id: BASED ON htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @MODIFIED 2011-03-03
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode data within the URL
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C)([^s]*s)+cript.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits


########## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$ http://www.example.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
########## End - Custom redirects


# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

# RewriteBase /


########## Begin - Joomla! core SEF Section
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} (/[^.]*|\.(php|html?|feed|pdf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
########## End - Joomla! core SEF Section


Edited to ADD the ! as noted below.

_________________
Online since 1995.


Last edited by g1smd on Sun Mar 06, 2011 10:14 am, edited 1 time in total.

Top
 Profile  
 
PostPosted: Sun Mar 06, 2011 2:18 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Thank you very much for taking the time to help me.

g1smd wrote:
This snippet is very badly coded. Firstly, it should be located before all the other redirects and rewrites. It could also simplify to two lines.

In any case, using REFERER is absolutely the worst way to block users. This is because many valid visitors will have their referrer data stripped by the "Internet Security" software running on their PC or will be behind their ISP's caching proxy. Do you really want to deny all of Norton's and AOL's customers from accessing your site?

Code:
RewriteCond %{HTTP_REFERER} !^http://my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.my-domain.eu/forum$      [NC]
RewriteRule .*\.(.*)$ http://www.my-domain.eu [R,NC]


Is this code redundant?

I really don't know if it is so...
I made a hypothesis, because the explicit reference to "forum" looks weird to me...and because I had a bridge extension which used such a "/forum" actual path as a redirect to the installation path of phpbb, I assumed it could have been the "residue" of that software which used redirects to connect phpbb and joomla.


I tried your code but unfortunately I could not open any page besides the front page.


Top
 Profile  
 
PostPosted: Sun Mar 06, 2011 2:34 am 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Does your site live at the www or non-www version of your domain?

There must be a simple typo somewhere in that code.

Does the "Live HTTP Headers" extension for Firefox give you any clues?

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sun Mar 06, 2011 9:56 am 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Yes, it is a stupid typo.
Quote:
RewriteCond %{HTTP_HOST} ^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

should be
Code:
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

The extra ! makes all the difference.

Using "Live HTTP Headers" would have shown you an infinite redirect loop.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sun Mar 06, 2011 10:53 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Thanks g1smd! You rock!!

I just tested the code above and I confirm that it works and that my pages seem to load faster now, like 1-2 seconds faster...the lag I used to see when I clicked on an internal link is gone!

Cheers!!

Quote:
Using "Live HTTP Headers" would have shown you an infinite redirect loop.

Sorry I did not have this installed...I have many tabs open all the time and on some of them for some reason I did not want to refresh the page (which would happen if I installed an extension and restarted firefox)


Last edited by PierreB on Sun Mar 06, 2011 10:59 am, edited 1 time in total.

Top
 Profile  
 
PostPosted: Sun Mar 06, 2011 10:56 am 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Yes, the code should be at least three times faster for any request, and up to five or six times faster for some types of request.

I submitted this code to the Bug Tracker six months ago. It's now only a few steps away from making it into the Joomla main download.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Thu Apr 07, 2011 3:43 pm 
User avatar
Joomla! Guru
Joomla! Guru

Joined: Wed Feb 20, 2008 6:50 am
Posts: 617
Location: Canada, Montreal
Incredible that the Joomla communauty don’t have a complete set of instructions for the different type of server/joomla configuration on permanent and temporary redirect.

This is crucial and basic to obtain the perfect SEF SEO...

Thanks to the participants of this discussion to bring some light... 8)

I need a little more guidance...
NOTE: my Joomla files are in a subfolder of public_html.

I guess that the configuration of 2 .htaccess files is necessary when the Joomla files are in a subfolder
—> one in the root (to point to the subfolder) and the normal one (include in all Joomla installation)

QUESTION 1:
Do we need those 2 .htaccess and how they should be use together?

—>This question will answer herself by the following....

TEMPORARY REDIRECT—302
QUESTION 2:
This is the default of my server and even the normal Joomla include is a temporary (302) redirect, How come we don’t go with a 301 right away?

This is my actual working (temporary) redirect

1 The root .htaccess — Path —> public_html/.htaccess(Complete code)

Code:
# .htaccess main domain to subfolder redirect
# Copy and paste the following code into the .htaccess file
# in the public_html folder of your hosting account
# make the changes to the file according to the instructions.

# Do not change this line.
RewriteEngine on

# Change yourdomain.com to be your main domain.
RewriteCond %{HTTP_HOST} ^(www.)?example.ca$ [NC]

# Change 'subfolder' to be the folder you will use for your main domain.
RewriteCond %{REQUEST_URI} !^/subfolder/

# Don't change these lines.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Change 'subfolder' to be the folder you will use for your main domain.
RewriteRule ^(.*)$ /subfolder/$1 [L]

# Change yourdomain.com to be your main domain again.
# Change 'subfolder' to be the folder you will use for your main domain
# followed by / then the main file for your site, index.php, index.html, etc.
RewriteCond %{HTTP_HOST} ^(www.)?example.ca$ [NC]
RewriteRule ^(/)?$ subfolder/index.php [L]


2— My Joomla .htacces file Path—> subfolder/.htaccess file (partial important code)
Code:
##  Can be commented out if causes errors, see notes above.
# For security reasons, Option followsymlinks cannot be overridden.
#Options +FollowSymLinks
Options +SymLinksIfOwnerMatch

#
#  mod_rewrite in use

RewriteEngine On


AND

Code:
#  Uncomment following line if your webserver's URL
#  is not directly related to physical file paths.
#  Update Your Joomla! Directory (just / for root)

# RewriteBase /subfolder


Note: remark that my RewriteBase command is commented out and my url DO NOT have the subfolder include


3— My Joomla configuration.php file Path—> subfolder/configuration.php file
Code:
var $live_site = 'http://www.example.ca';



PERMANENT REDIRECT — 301
This is my actual TRIAL of permanent redirect htaccess.

1 The root .htaccess — Path —> public_html/.htaccess(Complete code)
Code:
# Do not change this line.
Options +FollowSymlinks
RewriteEngine on

RewriteBase /
 
# Add trailing slash if path does not contain a period or end with a slash
RewriteCond %{REQUEST_URI} !(\.|/$)
RewriteRule (.*) http://www.example.ca/$1/ [R=301,L,NC]

# Change http://yoursite.com to http://www.yoursite.com
RewriteCond %{HTTP_HOST} ^example.ca$
RewriteRule ^/?(.*)$ http://www.example.ca/$1 [R=301,L,NC]
 
# Exclude any other directories in the site root that should NOT be affected.
# include the Joomla subdirectory
# best not to use directories in your site root that also exist in joomla e.g. images
RewriteCond %{REQUEST_URI} !^/subfolder/
#or separate multiple directories with |
#RewriteCond %{REQUEST_URI} !^/(dir1|dir2|dir3)

#if you have other domain (add-on examples) they should be added here to not affect
#RewriteCond %{HTTP_HOST} !^otherdomains.ca$

#Rewrites http://www.domain.ca/ to http://www.domain.ca/subdir
RewriteRule ^(.*)$ /subfolder/$1 [L]


NOTE:
a) I need to exclude other directories in the site root that should NOT be affected.
b) I have subdomains

Same configuration.php and Joomla subfolder .htacces

QUESTION 3:
This is a mixmatch of what I find on the web and it’s probably wrong. I think this regroup most of the normally encounter configurations and question about the redirect subject.

If some Joomla Guru can clarified this for me it will answered a extremly important (BASIC) point to have a solid base for the deployment of succesfull Joomla site...

I need direction on this one ?

Thanks in advance. :D

_________________
God help us!
Marketing, SEO, Web development - Powered by Joomla!
http://www.grafcomm.ca/


Top
 Profile  
 
PostPosted: Mon May 02, 2011 10:54 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
g1smd wrote:
Yes, the code should be at least three times faster for any request, and up to five or six times faster for some types of request.

I submitted this code to the Bug Tracker six months ago. It's now only a few steps away from making it into the Joomla main download.


Hi g1smd, sorry to bother you again...

I've been using your htaccess file ever since you posted it wit great success...it has been embedded into J1.5.23 as I understand (congrats!)

I wanted to ask you a question though if it's not too much trouble...
...I've been "discovering" my host's CPanel and I realized that it has the capability of implementing this kind of redirect from non-www to www.

Could you briefly say what the difference is between your code
Code:
#
RewriteCond %{HTTP_HOST} !^(www\.some-domain\.com)?$
RewriteRule (.*) http://www.some-domain.com/$1 [R=301,L]
#


...and Cpanel produced code?
Code:
RewriteCond %{HTTP_HOST} ^some-domain.eu$
RewriteRule ^(.*)$ "http\:\/\/www\.some\-domain\.eu$1" [R=301,L]


Also, I have another more important question to ask you...
...although I've been using this code for some time without trouble, at some point, not sure when (maybe when I updated to J1.5.23?) I began having serious issues logging in and out of Joomla from the frontend...you can read the problem here

I believe the error must lie somewhere in the "index" redirection?

EDIT
Indeed the index redirection code below causes the problem I described in the thread linked above...I point out that the code had been working without any such error ever since you posted this message...at some point it stopped doing so (I can only assume after the upgrade from J1.5.22 to J1.5.23)
Code:
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$ http://www.some-domain.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.some-domain\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#

Having been much distressed by it, today I discovered by chance that if I remove that code, I am able to login/logout properly again...

Cheers and thanks for the great and informative work


Top
 Profile  
 
PostPosted: Mon May 02, 2011 5:23 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
PierreB wrote:
I've been using your htaccess file ever since you posted it with great success... it has been embedded into J1.5.23 as I understand (congrats!)

My host's CPanel and I realized that it has the capability of implementing this kind of redirect from non-www to www.

Could you briefly say what the difference is between your code
Code:
RewriteCond %{HTTP_HOST} !^(www\.some-domain\.com)?$
RewriteRule (.*) http://www.some-domain.com/$1 [R=301,L]

My code redirects any hostname request that is not for EXACTLY www.example.com to www.example.com and re-appends the originally requested path. It therefore redirects non-canonical requests for example.com:80/ and www.example.com./ too.

PierreB wrote:
...and Cpanel produced code?
Code:
RewriteCond %{HTTP_HOST} ^some-domain.eu$
RewriteRule ^(.*)$ "http\:\/\/www\.some\-domain\.eu$1" [R=301,L]

The cPanel code redirects only non-www some-domain.eu requests, but not those with a port number.
It also fails to redirect www requests with a port number.
The required escaping of the literal periods in RegEx pattern is missing.
The redirect target has unwanted escaping on the colon.
It also has unwanted escaping on the slashes.
It also has unwanted escaping on the hyphen.
It also has unwanted escaping on the periods.
The quotes around the target are not required.

In short, the code produced by cPanel is some of the worst on the planet.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Mon May 02, 2011 5:33 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
PierreB wrote:
Although I've been using this code for some time without trouble, at some point, not sure when (maybe when I updated to J1.5.23?) I began having serious issues logging in and out of Joomla from the frontend...you can read the problem here
I believe the error must lie somewhere in the "index" redirection?

EDIT
Indeed the index redirection code below causes the problem I described in the thread linked above...I point out that the code had been working without any such error ever since you posted this message...at some point it stopped doing so (I can only assume after the upgrade from J1.5.22 to J1.5.23)
Code:
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$ http://www.some-domain.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.some-domain\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#

Having been much distressed by it, today I discovered by chance that if I remove that code, I am able to login/logout properly again...
Cheers and thanks for the great and informative work

Your rendition of my code contains a serious typo. The last block of code logically reads "if the requested hostname is not EXACTLY www.some-domain.com then redirect to www.example.com thereby suggesting the browser makes a new request. That new request (for a www.example.com URL) meets the rule "if the requested hostname is not EXACTLY www.some-domain.com then redirect to www.example.com" and therefore redirects again. And again. And again. Forever. The correct syntax is to put the same sub-domain, domain and TLD information in the RewriteCond as is found in the RewriteRule (the only difference being the escaping of literal periods in the RewriteCond pattern).

Yes, in the long rounds of testing, mostly documented in the "Master .htaccess File" thread, it was found that the index redirect code was too simplistic and needed some extra conditions and exclusions. That code was updated several times as various things were tried, and the final code ended up as this:
Code:
########## Begin - 301 Redirect
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*(index|home)\.html?\ HTTP/
RewriteRule ^(([^/]+/)*)(index|home)\.html?$ http://www.example.com/$1 [R=301,L]
#
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^(([^/]+/)*)index\.php$ http%2://www.example.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
########## End - 301 Redirect

I urge you to use the new .htaccess file that comes with Joomla 1.5.23 onwards and Joomla 1.6.2 onwards. Look for the file called htaccess.txt in the installer package. It contains a note showing exactly where the redirects should go (in addition to a number of other changes). Add your new redirect code in the file at the point it says "redirects go here", or similar.

_________________
Online since 1995.


Last edited by g1smd on Mon May 02, 2011 6:22 pm, edited 1 time in total.

Top
 Profile  
 
PostPosted: Mon May 02, 2011 5:43 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
@Chacapamac Yes, it is a confusing mashup of multiple bits of code, many of which can't possibly work, or which return the wrong responses or lead to unwanted redirection chains. It would take me a long time to pick through it, and comment on it line by line.

In short, you do not need two .htaccess files. You need just one file in the root.

If you ever do find yourself with two .htaccess files, you must ensure that any and all external redirects are placed in the root .htaccess file and never in the sub-folder .htaccess file. You also need to be sure that all rewrites are listed in the root .htaccess file and are placed after the redirects OR are located in the sub-folder .htaccess file. In particular, if there are redirects in the sub-folder .htaccess file and rewrites in the root .htaccess file then the redirects will expose previously rewritten URLs back out on the web - and that would be a complete disaster.

You need to list all of the redirects before any of the rewrites.

Within the list of redirects, the order should be most specific first and most general last. The non-www to www redirect is usually the last redirect. A redirect tells the browser to make a new request for a new URL.

After the redirects, list the rewrites. These also go in order from most specific to most general. A rewrite accepts a URL request and fetches content from inside the server using an internal path that is different to that which was suggested by the path part of the original URL request.

RegEx patterns need to be properly escaped.

All of the redirects should be 301 redirects. There should be no 302 redirects.

The code you need, should firstly redirect non-canonical requests, and then should rewrite Joomla URLs to the correct internal server path. It is easy to add negative match RewriteCond lines before the RewriteRule so that the rule affects only the requests that it needs to.

You should know that mod_rewrite deals with incoming requests to the server and using your rules it either tells the browser to make a new request for a different URL (a redirect) OR it maps the incoming external request to a non-default internal server filepath to fetch the content (a rewrite). It is too late to redirect the user to a different URL after you have started rewriting the incoming request. Indeed, such a redirect will expose the previously rewritten internal filepath back out on to the web as a new URL - a disaster.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Mon May 02, 2011 6:17 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Quote:
I urge you to use the new .htaccess file that comes with Joomla 1.5.23 onwards and Joomla 1.6.2 onwards. Look for the file called htaccess.txt in the installer package. It contains a note showing exactly where the redirects should go (in addition to a number of other changes). Add your new redirect code in the file at the point it says "redirects go here", or similar.


Thank you, you have repeatedly proven obligingly helpful...

I had been using the latest version of the file (I had been following the Joomla 1.5 htaccess file thread at Joomlacode) but I kept inserting the code I pasted above...

So now I just have to copy the 301 redirect code that you posted above in the designated area in the .htaccess file, right?
Code:
########## Begin - 301 Redirect
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*(index|home)\.html?\ HTTP/
RewriteRule ^(([^/]+/)*)(index|home)\.html?$ http://www.example.com/$1 [R=301,L]
#
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^(([^/]+/)*)index\.php$ http%2://www.example.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
########## End - 301 Redirect


Maybe a foolish question (like I have smart ones)...when I updated to J1.5.23, the new "htaccess.txt" file was copied to the root of my Joomla site....does it cause any problems to have both the ".htaccess" and the "htaccess.txt" file in the same folder, given that that the former should normally be the renamed latter (when enabling "mod_rewrite") in Joomla settings?


Top
 Profile  
 
PostPosted: Mon May 02, 2011 6:27 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
The file called htaccess.txt is ignored by Joomla and by the server. Whenever you update Joomla, that file will be overwritten.

Only the file called .htaccess will be used by the server, and it needs to be manually updated to include whatever rules you want to include. If you update Joomla, this file does not get updated unless you manually do it yourself.

In this case, it is simply a case of pasting in the above block of redirect code into the .htaccess file. If you use the file that comes with Joomla 1.5.23 onwards or Joomla 1.6.2 onwards then there is a note inside the file that says "redirects go here". Place the new redirect code at exactly that point in the .htaccess file.

Some sites need to merge the code from their old .htaccess file with the code found in the new htaccess.txt file in order to end up with the correct operation.

This is the code that performs domain canonicalisation for Joomla sites:
Code:
########## Begin - 301 Redirect
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*(index|home)\.html?\ HTTP/
RewriteRule ^(([^/]+/)*)(index|home)\.html?$ http://www.example.com/$1 [R=301,L]
#
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^(([^/]+/)*)index\.php$ http%2://www.example.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
########## End - 301 Redirect

_________________
Online since 1995.


Last edited by g1smd on Wed May 04, 2011 10:38 am, edited 3 times in total.

Top
 Profile  
 
PostPosted: Mon May 02, 2011 6:31 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Tue Sep 21, 2010 2:39 pm
Posts: 152
Much obliged @g1smd...

I have copied the new code in the designated area in the .htaccess file, I have tested and works great...


Top
 Profile  
 
PostPosted: Mon May 02, 2011 6:42 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
There's still the possibly that some non-conforming extensions may be blocked by this code, but the chances are now incredibly small.

Please do report any and all such issues so that a solution can be found.

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Fri Jun 03, 2011 10:58 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Oct 25, 2010 12:38 am
Posts: 30
@g1smd thanks, for the great effort...

i have some interesting things here.

i had joomla 1.5.21 but updated, to 1.5.23, but i just discovered now there is a new .htaccess, but mz joomla still used the old one, after i have changed to the new one written by you my site began working faster, but i have several other problems now

I just wanted to work only with www. but now... :(


my htaccess file is the following one :
Code:
## EOMBAK - Do not remove this line or this file
##
##

# @version $Id: BASED ON htaccess.txt 14401 2010-01-26 14:10:00Z louis $
# @MODIFIED 2011-03-03
# @package Joomla
# @copyright Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
#####################################################

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
## Deny access to extension xml files (uncomment out to activate)
#<Files ~ "\.xml$">
#Order allow,deny
#Deny from all
#Satisfy all
#</Files>
## End of deny access to extension xml files
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode data within the URL
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C)([^s]*s)+cript.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits


########## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteRule ^(([^/]+/)*)index\.php$ http://www.mysite.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.mysite\.com)?$
RewriteRule (.*) http://www.mysite.com/$1 [R=301,L]
#
########## End - Custom redirects


# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)

# RewriteBase /


########## Begin - Joomla! core SEF Section
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} (/[^.]*|\.(php|html?|feed|pdf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
########## End - Joomla! core SEF Section


Problems:

1. i can't log in to administrator, it just reloads the admin login page
2. after every article appears this code:
Code:
Options +FollowSymlinks RewriteEngine on rewritecond %{http_host} ^domain.com [nc] rewriterule ^(.*)$ http://www.domain.com/$1 [r=301,nc]

This happens only in full text mode when reading an article.(if you push read more.)
3. my sef urls got totally crazy.
When i access an article the menu urls are ok, but when i am on front page, or on some otther blog view page the sef urls stop working ( /index.php?Itemid=40 ), if i access an other article then everything works again nicely

what could be the prob?

_________________
picpac


Top
 Profile  
 
PostPosted: Fri Jun 03, 2011 11:39 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
That's a lot of errors. All are easily explained.

The main .htaccess file you are using is not the latest version. Get a new htaccess.txt file from the Joomla 1.5.23 (or later) package or from the Joomla 1.6.2 (or later) package and use that. It is compatible with all older versions of Joomla.

The redirect code you added to the .htaccess file contains a number of errors. The code was posted in some thread a few months ago, and then modified several times in later posts in that thread. The new redirect code you need is posted below.

The code that now appears at the bottom of your content pages has obviously been posted into the wrong file. That sort of code normally goes in the .htaccess file. However, on this occasion do not move it there because the code contains many errors. Use new the code below in your .htaccess file. Remove the code you quoted from whichever template it got added to.


Once you have obtained the correct htaccess.txt file from a recent Joomla package, add this code in the section marked "redirects go here" upload the file to your server, then rename it to .htaccess so that the server can use it.
Code:
########## Begin - 301 Redirect
#
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*(index|home)\.html?\ HTTP/
RewriteRule ^(([^/]+/)*)(index|home)\.html?$ http://www.example.com/$1 [R=301,L]
#
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^(([^/]+/)*)index\.php$ http%2://www.example.com/$1 [R=301,L]
#
RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
########## End - 301 Redirect

_________________
Online since 1995.


Top
 Profile  
 
PostPosted: Sat Jun 04, 2011 12:58 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Mon Oct 25, 2010 12:38 am
Posts: 30
Thank's for the fast answer...but still i`m facing some issues, but at least i can access the admin page now..:)

g1smd wrote:
Get a new htaccess.txt file from the Joomla 1.5.23 (or later) package or from the Joomla 1.6.2 (or later) package and use that.

g1smd wrote:
Once you have obtained the correct htaccess.txt file from a recent Joomla package, add this code in the section marked "redirects go here" upload the file to your server, then rename it to .htaccess so that the server can use it.


I did that, but i have the same sef url problem, in article view everyting works, when i am browsing from the front page, or sections, the url-s are not sef(/index.php?Itemid=5).


g1smd wrote:
The code that now appears at the bottom of your content pages has obviously been posted into the wrong file.


Actually it's strange, because i face this problem only since yesterday, when i put in the rewrite rule to be www. in htaccess, so i didnt put in to template files to show there..

i am a beginner, but still, i figured out many things.. but this prob, have beaten me :-[

_________________
picpac


Top
 Profile  
 
PostPosted: Sat Jul 30, 2011 12:24 pm 
User avatar
Joomla! Guru
Joomla! Guru

Joined: Wed Feb 20, 2008 6:50 am
Posts: 617
Location: Canada, Montreal
I want to praise g1smd to bring some light on the subject. I’m writing a tutorial for myself that I will put here after to be Check and/or modified to help everybody with the same questions.

I will post some question and statement to verfied that I understand well.

Most of the shared hosting (e.g. Bluehost) create a htaccess at the creation of the domain name.

g1smd said that
Quote:
1— you do not need two .htaccess files (Root and joomla). You need just one file in the root


Tell me if I’m right ?
This mean...
Question 1— I can and I should replace the htaccess created by the hosting service by the Joomla htaccess

Note: In my case I probably have to transfer special code inserted in the htaccess (FastCGI) in that Host automatic created file e.g.
Code:
 # Use PHP5CGI as default
AddHandler fcgid-script .php
to my Joomla htaccess replacement or any other code needed by the hosting service.

Question 2—In the case of subfolder Joomla installation should I remove the Joomla htaccess from the subfolder and replace (in the same way that above) the automatically created one (from the host) to have only one htaccess in the root www or public_html folder?

Question 3— What part and how the original Joomla htaccess have to be modified to redirect properly to a subfolder?

_________________
God help us!
Marketing, SEO, Web development - Powered by Joomla!
http://www.grafcomm.ca/


Top
 Profile  
 
PostPosted: Sat Jul 30, 2011 10:17 pm 
Joomla! Guru
Joomla! Guru

Joined: Mon Feb 21, 2011 4:02 pm
Posts: 951
Location: UK
Question 3 - Do you really mean redirect or do you mean rewrite?

There's several things that interact here. You're installing the Joomla software in a sub-folder, but do you want the folder name to appear in the URL or not?

_________________
Online since 1995.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 84 posts ]  Go to page 1, 2, 3  Next



Who is online

Users browsing this forum: No registered users and 21 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group