I have a Wordpress site that responds with JSON to every request, i.e. the following pages:
/
/about
/about/team
All respond with json. The htaccess file looks like this:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
I'd like to keep what I have now, but also respond with the same data when index.json is added to the url:
/index.json
/about/index.json
/about/team/index.json
How can I update my htaccess to also respond to these urls in the same way?
Based on what #MrWhite said in comments (gonna quote here, because comments might get removed later),
However, the "problem" here is WordPress. WP routes URLs based on the REQUEST_URI, which does not change during a URL rewrite. So you really need to implement this within WordPress itself.
you could probably just “reset” the value of $_SERVER['REQUEST_URI'] in PHP, if it ends with /index.json. (Relatively easy string manipulation / regex job.)
The remaining problem would just be to figure out a “correct” way to do this – I guess trying to do this via any hooks from inside the theme’s functions.php or a plugin, might be too late. You can give that a try anyway, if you like - the order of hooks as described here is what I would go by, https://wordpress.stackexchange.com/a/162869
The init hook is pretty far down, even after the current user was determined, etc. – but maybe plugins_loaded or setup_theme might be suitable for stuff like this.
If that doesn’t work, still some possible alternatives:
If you can influence the PHP configuration, auto_prepend_file would allow you to specify a script that gets automatically run before anything else PHP does - so you could fix the value before the index.php code even executes.
You could write your own little “wrapper” file, say index2.php, that fixes the value, and then simply includes the original index.php afterwards. Only problem with that - you probably wouldn’t want to change the default WP rewriting between the BEGIN and END WORDPRESS comments in the .htaccess, because WP will overwrite that part, when you flush your permalink settings. But an additional internal rewrite of index.php to index2.php after, could probably solve that.
If mod_proxy is available, you could proxy the request internally. Probably not the best in terms of performance, but at least an alternative to an external rewrite, if you wanted to avoid that at all cost.
Related
TL;DR: I want to redirect https to http on all pages except for admin/login, where I want the exact opposite to happen. I also want www redirected to bare domain name. (UPDATE: Check Update 3 for the answer)
As is probably clear from the title, I have a Wordpress blog hosted on OpenShift for free. I have a custom domain bought from GoDaddy. I'm using cloudflare so I can have free SSL.
Here's my configuration:
CloudFlare DNS:
CloudFlare Page Rules:
This is what worked best. I actually wanted to have this rule:
*ghostlessmachine.com/* -> https://ghostlessmachine.com/$1
But I ran into even more problems like that, even though it seems to be pretty much what I'm supposed to do according to this CloudFlare article. Actually, initially I wanted to only force SSL in admin pages, but I didn't even know how to attempt that. I thought of using two page rules, like this:
*ghostlessmachine.com/* -> http://ghostlessmachine.com/$2
*ghostlessmachine.com/wp-* -> http://ghostlessmachine.com/$2
But I had no luck.
Here's my OpenShift configuration:
When I write ghostlessmachine.com in my address bar, it correctly takes me to https:.... I have shared a link, however (https://ghost...), and one person has reported not being able to access it. I couldn't reproduce locally.
When I try www.ghost..., I get:
This webpage has a redirect loop
ERR_TOO_MANY_REDIRECTS
Does anybody have any idea what I'm doing wrong? I've lost track of how many different configurations I've tried, but nothing seems to work.
Thanks!
UPDATE
OK, so following the advice in the comment I managed to get the situation a bit better. Still it's counter intuitive for me how the article I initially linked to just didn't get the job done while the other SO question did. So here's what I've changed:
Deleted the www.ghost... alias from OpenShift.
Changed CloudFlare's CNAME record from www -> blabla.rhcloud.com to www -> ghostlessmachine.com
Created this Page Rule: www.ghostlessmachine.com/* -> http://ghostlessmachine.com/$1
Now both ghost... and www.ghost... work and take me to http://ghost.... However, if I type https://ghost..., it also works without redirecting me to simple http. This is a problem.
I tried using this Page Rule instead:
ghostlessmachine.com/ -> http://ghostlessmachine.com/$2
So that I got https://, http://www, www, everything redirected to http://ghost..., but it doesn't work. I can't access my blog anymore and whatever address I try I get ERR_TOO_MANY_REDIRECTS.
UPDATE 2
Here's my full setup after all suggestions:
htaccess:
wp-config.php:
CloufFlare:
Result:
https -> http on non-admin/login pages: WORKING ✓
Trying to access admin/login pages: ERR_TOO_MANY_REDIRECTS
Update 3
This did the trick:
I still don't understand why this works and the rest doesn't though. This was basically a series of rather blind trial and error with some input from Allen here and Simon in the CloudFlare support page. In any case, all my requirements are respected now, thanks!
make sure following in your wp-config.php file:
define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
look over here: Force non-WWW but force https across all of wordpress & the entire domain
for redirect everything else to non-https, you can add following into your root .htaccess file, before the wordpress rewrite:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{REQUEST_URI} !^/wp-admin.*
RewriteCond %{REQUEST_URI} !^/wp-login.*
RewriteCond %{HTTP_REFERER} !^https://.*
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1 [L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Update:
CloudFlare's Page rule has following "Page rule priority is determined by their position in the list. If multiple rules match a URL, rules at the top take higher priority. "
let's see what happens before:
request to https://www.ghostlessmachine.com/wp-admin hit the first
rule, match found, then it goes to
http://www.ghostlessmachine.com/wp-admin!
now here comes http://www.ghostlessmachine.com/wp-admin, first rule,
no rewrite, goes down to 3rd rule, oops, it needs goto
https://www.ghostlessmachine.com/wp-admin!
this is how the loop comes
I am using the following to prevent unauthorized access to files. (This is an .htaccess question, but may also require familiarity with WP Jetpack)
RewriteRule ^wp-content/uploads/archive/(.*)$ /wp-content/plugins/paid-memberships-pro/services/getfile.php [L]
It redirects request for files through a module that checks to see if the requestor has access.
The problem is that a specific requestor, Wordpress Jetpack is locked out and I want to let them in to generate thumbnail images.
If you are familiar with Wordpress Jetpack, you know it generates image thumbnails such as http://i0.wp.com/www.example.com/wp-content/uploads/archive/2015/10/SH3_2173.jpg
To solve this, I assume I need two pieces of information:
How to identify when Jetpack is the one making the request (perhaps it is identified as coming from the wp.com domain?)
How to exclude a specific entity (e.g. wp.com) from the above RewriteRule
Part 1 is really a WP Jetpack question, and part 2 is an .htaccess question; so not sure the best place to post this, but I felt keeping them together would be helpful for context.
I solved it with this:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} !Photon.+ [NC]
RewriteRule ^wp-content/uploads/(.*)$ /wp-content/plugins/paid-memberships-pro/services/getfile.php [L]
There's a critical security breach in Revolution Slider, a plugin for WordPress. It works by accessing a certain URL that let's download the config files eg.
www.domain.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
I've been trying to make a rewrite condition so that url wouldn't be accessible anymore. This is what I have now in my .htaccess file
RewriteEngine on
RewriteCond %{QUERY_STRING} ^action=revslider_show_image&img=(&.*)?$ [NC]
RewriteRule ^wp-admin/admin-ajax\.php$ /?%1 [R=301,NE,NC,L]
but it doen't work, I'm not very familiar with rewrites, any suggestions on what I'm doing wrong here?
Instead of redirecting to protected file, you should forbid it (with F flag, equivalent to 403).
Also, you have an error in your condition's pattern.
Put this code in your htaccess before Wordpress' main rule
RewriteCond %{QUERY_STRING} ^action=revslider_show_image&img=[^&]*$ [NC]
RewriteRule ^wp-admin/admin-ajax\.php$ - [F]
Justin's answer will work and directly answers your "how do i" question, BUT...
This will prevent Rev Slider from working entirely, since you're forbidding the ajax call which is used to get and display an image.
I know you're looking for a quick fix until you get the plugin updated (which I did confirm myself today, patching to 4.6 works just fine), but be careful about HOW you're doing it. The best thing for you to do is update the plugin, not to implement this.
I have a website done in Wordpress and I need to make some changes in the fiendly URLs.
I’ve created a page from the admin panel named detail, this page reads the template file detail.php from the templates folder.
The URL that is currently mounted is http://www.domain.com/detail/1234/ and I need that it could be accessed as http://www.domain.com/anything/1234/.
The following lines have been generated by Wordpress but I don’t understand them and I don’t know how to modify them for my purpose:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
First you should really understand what those rules are doing and what you really want to achieve. Then you can try to change the system to fit your needs.
IfModule ensures everything inside is processed only when mod_rewrite Apache module is present. All the other directives are from this module.
RewriteEngine On enables URL rewriting.
RewriteBase / tells the engine that the rules operate inside root. See also the general question on how RewriteBase works.
RewriteRule ^index\.php$ - [L] means that no more rules should be processed ([L]) if the current URL to be rewritten is index.php. No rewrite takes place. RewriteRule directive accepts a regex. See also regex tag here on SO.
All RewriteCond directives apply to the following RewriteRule. Unless [OR] flag is added, they must be all satisfied at the same time to execute the rule. In this case they mean:
Requested resource is not a regular file.
Requested resource is not a directory.
Rewrite any (at least one character long) URL to index.php. This is the last ([L]) rule to be processed.
When adding new RewriteRules, you probably want to use the WordPress way of doing this, as described in Zac’s answer. Figuring out the right rule by analogy to the many examples in the manual or here on SO should not be hard.
Put into functions.php maybe a better idea:
functions.php
function setRewriteRule($orgRules){
return array( '/([^/]+)/([0-9]+)/?' => 'index.php?post=$matches[1]' ) + $orgRules;
}
add_filter('rewrite_rules_array', 'setRewriteRule');
Then you just need flush the rewrite rules, I usually use 'rewrite-rules-inspector' plugin.
This should solve your problem give it a try ... you can write your own custom permalink without adding any code also if someone tries to access the page via old URL they will be redirected to the new one.
WordPress Custom Permalinks
After installing this you just have to go into pages and type your own URL below the heading
I am planning on migrating a blog that is currently hosted at
www.blog.com
to a subdirectory in a new domain such as
newdomain.com/blog
So far I've seen several tips on how doing this and [in particular from Yoast (Joost) is helpful but not identical to my situation 1.
Any suggestions?
The main steps on Joost's article are as follows:
[1 ] Edit wp-config.php
define('WP_SITEURL', 'http://www.newdomain.com');
define('WP_HOME', 'http://www.newdomain.com');
[2 ] Use the Search and Replace plugin to replace old URLs
[3 ] Update .htaccess to
Redirect 301 /blog/ http://www.newdomain.com/ // <== note this is NOT my situation
// I likely need the reverse
However, this won't address my particular need, in which a different change in .htaccess and wp-config.php may be necessary.
Any suggestions?
Wordpress has some RewriteRules that it wants to use in an .htaccess file. It should look something like this:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
I think that all you need to do is take this and place it in an .htaccess file in your document root (where http://www.newdomain.com/ is). If you don't have any special rewrite rules or options in your .htaccess file, you could just move the file out of /blog/ and into /. You don't want these rules in both places.
Then in wordpress' admin panel (you'll need to go here: http://www.newdomain.com/blog/wp-admin/options-general.php ) there are 2 fields, one for WordPress address (URL) (this should say http://www.newdomain.com/blog/ ) and one for Site address (URL) (this should say http://www.newdomain.com/ ). And I think that's all you need to do.
If you are using custom themes you may want to double check any absolute URIs you have in the headers/footers/etc.
There's some more information about doing this here: Giving Wordpress It's Own Directory
EDIT: I forgot to mention that you need to create an index.php in your document root. In the link above, under the section Using a pre-existing subdirectory install, you need to follow the steps to create an index.php. You only need 2 lines.
As for the code-igniter/wordpress conflict. You may need to get the 2 rules to jive with each other, and that may not be so easy to do. You either have to move code-igniter's rules into their own directory or use RewriteCond to make sure they don't step on each other. For example, adding a RewriteCond !/index.php so wordpress' rewritten URI won't get re-rewritten by code-igniter's.
I would suggest a clean install. Just export your blog posts as XML, and copy over the uploads.