I plan on having my website undergo scheduled maintenance, and simply want to restrict any access to the site or its subpages unless its coming from my IP. I would like to redirect anyone else to a temporary page instead.
I've seen the modifying the htaccess like:
order deny,allow
deny from all
allow from 98.6.000.111
But 1) this doesn't allow me to temporarily redirect users to another HTML page and 2) speaking of temporarily, in my experience users have had their browsers cache the htaccess and even after I change it, they were still being redirected and this is obviously undesirable.
Are there any other strategies, or ways to prevent the issues mentioned above with the htaccess method?
Note: I am not using a plugin for this as the site is undergoing massive changes including swapping of plugins/code/etc so I need the redirect to be more higher-level than WP-level stuff.
You can use a 302 temporary redirect:
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_HOST} !^98.6.000.111
RewriteRule .* http://www.anothersite.com [R=302,L]
or (you almost got it right)
ErrorDocument 403 http://www.anothersite.com
Order deny,allow
Deny from all
Allow from 98.6.000.111
The last option has some caveats depending on your WordPress folder structure.
In the case of redirecting to subdomain you can do:
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^98.6.000.111
RewriteCond %{HTTP_HOST} ^(www.)?yourdomain.com$
RewriteCond %{REQUEST_URI} !^/yoursubdirectory/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /yoursubdirectory/$1
RewriteCond %{HTTP_HOST} ^(www.)?yourdomain.com$
RewriteRule ^(/)?$ yoursubdirectory/index.html [R=302,L]
Explanation:
The 1st line enables Apache’s rewrite engine, mod_rewrite.
The 2nd line checks if the request is coming from your IP. If it is, then the redirect does not happen.
The 3rd line takes makes sure requests to http/https and www/non-www are used.
The 4th line prevents an infinite-loop scenario by testing the request against the name of your subdirectory.
The last line basically redirects all requests that meet all previous rewrite conditions to the specified subdirectory and file.
Related
I know this is not the first time someone has asked this, but I tried other solutions and they don't seem to work.
So I have a website with a SSL certificate and a redirect rule in my .htaccess file to point visitors to https. However, there is one specific page I want to exclude from SSL.
This is the code in my .htaccess file:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
So my question is, how do I create a rule that excludes www.example.com/shop from SSL?
Most likely you can use another RewriteCond on the redirect to block redirecting for that particular URL. However, how are you going to handle the resources loaded by that page? It will load stuff like images, CSS, Javascript, etc. Should those be loaded over plain old HTTP too? And what happens when something clicks on a like to view their shopping cart, will it go to another URL (and thus go over HTTPS again)?
I'm not entirely sure what you want to achieve, but it sounds a bit silly to me. Why would you want to exclude only one particular page from a safe & secure connection? (And why wouldn't you serve the whole site over TLS?) But maybe you tell us the reason for this so maybe we can help you find a different solution?
I've read up on several posts here and elsewhere regarding very similar questions (this one probably being the closest). The catch with our situation is that I don't want WP to be a blog that is appended to our app, but rather the thing people see when they hit our URL. The problem, of course, being that Codeigniter, since it's in the root whilst WP is in /wordpress/, has its index.php in the root. For me to set WP up to read as root without it being such requires it's index.php to be in the root.
Any ideas besides moving our application portion into a new directory? Have tons of user activity at the moment that is mission critical so don't want to fool with potential downtime, conflicts, etc. Basically we want to not touch the app if at all possible and simply have people not logged in route to the WP marketing site without seeing /wordpress/ in the URL.
Thanks for any pointers!
Basically we want to not touch the app if at all possible and simply have people not logged in route to the WP marketing site without seeing /wordpress/ in the URL.
If your main app handles authentication, you're probably using a cookie to store an authentication token. Your can use this cookie in your .htaccess in order to determine how the URL is rewritten. Something like this should work:
RewriteEngine On
RewriteBase /
# if auth cookie is not set, use /wordpress/ routes
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{HTTP_COOKIE} !^.*authcookiename.*$ [NC]
RewriteRule ^(.*)$ wordpress/index.php/$1 [L]
# otherwise, use the codeigniter routes
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
There are two caveats:
This might cause issues with wordpress routes for static resources. You might need to finagle with some RewriteConds and the Wordpress config to make this work properly.
Assuming you aren't already, you need to edit config.php such that:
$config['index_page'] = '';
I have a client project that requires a specific domain name to be redirected to another directory, while the rest of the site is a standard WordPress installation.
My redirect appears to be written properly, and is placed at the very top of the htaccess file:
Options +FollowSymLinks
RewriteCond %{HTTP_HOST} ^old_domain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.old_domain\.com$ [OR]
RewriteRule ^/?$ "http\:\/\/www\.new_domain\.com\/directory\/" [R=301,L]
The problem is that it won't redirect http://old_domain.com/index.html
Instead, it sends the user to WP's 404 page.
What am I doing wrong?
UPDATE:
After receiving an otherwise helpful suggestion, I thought some additional context would be in order.
This is a real estate project. The main WP site (new_domain.com) is for condo sales, and they have a separate external site for condo rentals.
They have a third legacy domain (old_domain.com) that they want to redirect to a portal page (new_domain.com/directory), where the user can select buy or rent, and then proceed to the appropriate site.
So, we don't want all requests to be redirected, just any that use the legacy domain.
The following rule should work. It should redirect all requests from www.old_domain.com and http://old_domain.com to http://www.new_domain.com/directory
RewriteEngine On
RewriteRule ^(.*)$ http://www.new_domain.com/directory/$1 [R=302, L]
Change 302 to 301 when you are sure the redirect works
EDIT:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^old_domian.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.old_domain.com$
RewriteRule (.*)$ http://www.new_domain.com/directory/$1 [R=302,L]
You must have RewriteEngine On. You can consolidate the two www. and non-www. tests. Don't put an [OR] after the last RewriteCond.
RewriteCond %{HTTP_HOST} ^(www\.)?old_domain\.com$
Is new_domain.com an "add-on" to old_domain.com, so that both pass through the same .htaccess file, but with different domain names? Or are these physically separate systems, with their own .htaccess files? That is, what URLs are going to pass through this .htaccess file?
Your current code will redirect anything coming in on old_domain.com to /directory/<original URI+Query String> on new_domain.com, and tell search engines and users to update their entries and bookmarks. Is that what you want?
I have a website located here: https://www.virginiaseo.org
I use a Wordpress plugin, which forces all content to be over HTTPS. Without this plugin, I get the little yellow mixed content sign, which is less than desirable. This plugin forces every page including admin to be on HTTPS.
Here is the plugin page: http://wordpress.org/plugins/wordpress-https/
I also use .htaccess rules, and include one to force HTTPS. Here is the rule:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.virginiaseo.org/$1 [R=301,L]
</IfModule>
This all works great, except for a couple of resources I can't get over http which are needed by third party crawlers and applications. A prime example is: robots.txt
How can I make robots.txt accessible over http while not messing up everything else on the site.
Also, the HTTPS configuration with the plugin is less than prime, but it seems the only way to FORCE HTTPS on my entire site. I am concerned with duplicate content issues and such by having it available on http at the same time. I am open to any suggestions about my setup, and thanks in advance!
You can try a rule like this:
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !/(robots\.txt|favicon.ico) [NC]
RewriteRule ^(.*)$ https://www.virginiaseo.org/$1 [R=301,L]
RewriteCond %{HTTPS} on
RewriteRule ^(robots\.txt|favicon.ico)$ http://www.virginiaseo.org/$1 [R=301,L]
I have domain1.tld and domain2.tld. Domain1.tld is the primary domain name and domain2.tld is merely an alias. I have domain2.tld successfully redirected to domain1.tld, via HTACCESS, but I want all subdomains on domain2.tld to likewise redirect to their parallel subdomain on domain1.tld, dynamically.
For example: bla.domain2.tld should redirect to bla.domain1.tld, and foo.domain2.tld should redirect to foo.domain1.tld.
This solution needs to be dynamic, not hard-coded to specific subdomains.
Haha, I guess what I'm writing is a catch-all, one-to-one, subdomain-inclusive, alias domain redirection script in HTACCESS.
Information:
I am on Bluehost, without access to VHOSTS, HTTPD.CONF, etc.
I have a Wordpress subdomain network (multisite). This means my domain1.tld subdomains are virtual. Wordpress handles this, so as long I can get foo.domain2.tld fully redirected to foo.domain1.tld, Wordpress should be none-the-wiser and work properly. Right?
Wordpress has the "Professional Domain Mapping" plugin. This allows the sites on my network to have their own domain names. But the issue at hand only concerns sites on my network that don't have their own domain names, and thus utilize subdomains on my primary domain (domain1.tld).
Thus, I have a wildcard subdomain set up for domain1.tld.
But I also have a wildcard subdomain set for domain2.tld, just to make sure that all subdomains on domain2.tld are going to the same IP address as domain1.tld: my thinking being that then these subdomains should be readable by the HTACCESS in my root folder.
This is the rule in my HTACCESS that I'm expecting to do this:
RewriteCond %{HTTP_HOST} ^(www\.)?([a-z0-9-]+\.)?domain2\.com$ [NC]
RewriteRule ^(www\.)?([a-z0-9-]+\.)?(.*) http\:\/\/%2domain1\.com\/ [L]
But this isn't working. What am I missing?
I have also tried using an environmental variable, like this:
RewriteCond %{HTTP_HOST} ^(www\.)?[E=subdm:([a-z0-9-]+\.)]?domain2\.com [NC]
RewriteRule ^(.*) http\:\/\/%{ENV:subdm}domain1\.com\/ [L]
...but this just plains breaks both domains. :D
I'm relatively proficient with regular expressions, hence how comfortable I am working with HTACCESS, but I'm actually quite new to the world HTACCESS. I need another pair of eyes!
↓ UPDATE (2011-11-08 9:33am EST) ↓
I tried the first solution Jon Lin suggested, and had to edit it slightly. Originally, it wouldn't handle domain2.com without a subdomain until I put the period inside the second match parenthesis pair and followed the pair with a question mark.
As you can see below, I have gone ahead and provided the entire contents of my HTACCESS, in case you can tell that something is conflicting.
Currently redirecting properly with the suggested RewriteRule: www.domain2.com, domain2.com, and domain2.com/foo
Currently NOT redirecting with the suggested RewriteRule: foo.domain2.com
# Use PHP5 Single php.ini as default
AddHandler application/x-httpd-php5s .php
Options +SymLinksIfOwnerMatch
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.)?([^\.]+\.)?domain2\.com$ [NC]
RewriteRule ^(.*)$ http\:\/\/%2domain1\.com\/$1 [L,R]
# BEGIN WordPress
RewriteBase /
RewriteRule ^index\.php$ - [L]
# uploaded files
RewriteRule ^files/(.+) wp-includes/ms-files.php?file=$1 [L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule . index.php [L]
# END WordPress
You're on the right track with %{HTTP_HOST} but you need to use backreferences (%1, %2, etc) to access the match against it. You want to do something like this:
RewriteCond %{HTTP_HOST} ^(www\.)?([^\.]+)\.domain2\.com$ [NC]
RewriteRule ^(.*)$ http://%2.domain1.com/$1 [L,R]
Note that if you try to access: http://www.sub.domain2.com/foo it will redirect you to http://sub.domain1.com/foo, The "www." of the original request is gone. If you want the www, change the rule to:
RewriteRule ^(.*)$ http://%1%2.domain1.com/$1 [L,R]