So I have a setup that looks as follows:
www.mydomain.com - runs a complex multisite Wordpress install
www.mydomain.com/othersite - for various reasons this needs to run a totally separate install of Wordpress, but the URL must be in this format for historic reasons.
I'd like the "othersite" install of WP not to have to sit in the directory of the main multisite install, eg
/var/www/main-multisite
/var/www/othersite and NOT /var/www/main-multisite/othersite
My understanding is that I couldn't create a separate virtualhost for othersite, so I created an alias in the main virutalhost:
Alias /othersite /var/www/othersite
However when doing that, it seems the .htaccess file in /var/www/othersite is being ignored - I first noticed this as the permalinks in Wordpress don't work. I tried adding other directives into .htaccess but none work...so I then put gibberish into .htaccess to try and induce an error...but that didn't happen. So taht confirms my thinking that .htaccess is being ignored.
However, if I remove the alias from the Virtual host, and move things so we have
/var/www/main-multisite/other
everything works fine, and the .htaccess in the folder works ok! But this is not how I want things.
Can anyone help me shed any light on what I'm missing here?
Thanks in advance.
After you have set the Alias, you should set the group of directives to apply to the directory. You should add the <Directory> directive in apache config. The default config AllowOverride None will completely ignore .htaccess on the directory. You should also check the documentation about the <Directory> directive.
<Directory "/var/www/othersite">
Options FollowSymLinks Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Related
I noticed that if I go to mysite.com/wp-includes/ then it shows all the files in that folder and I would like to disable it (I think that it's a security vulnerability).
After searching online I found an easy solution (adding Options –Indexes in the .htaccess file) but I'm wondering if this may cause any problems with Wordpress or with Google indexing my website?
I use that (along with plenty other htaccess security measures) with all my WordPress sites:
I use:
Options All -Indexes
In my root .htaccess file and have never had issues with either WordPress or search crawlers.
I also have an additional .htaccess file in my /uploads directory for additional security precautions. Some of it may be overkill, so your mileage may vary.
If you want to block from your Apache put this in your virtualhost:
<Directory /var/www/mysite.com/public>
Options -Indexes
AllowOverride All
Require all granted
</Directory>
Restart your apache and it is done.
This very popular security plugin blocks directory listing by adding to htaccess file:
Options -Indexes
According to this answer, this is more secure than:
Options All -Indexes
We've tried a few things that we found around Google for this, but can't seem to get anything to work.
The Problem
We have a server with around 500 Wordpress websites on it. We're trying to lock down all the wp-login.php pages for every instance to the IP address of our office using a global htaccess - but the individual Wordpress htaccess files are overriding this.
The Environment
We're hosted on an AWS Linux server running Plesk to manage each website / Wordpress instance.
The Question
Is there a way we can set one htaccess file on the server to lock down all of the Wordpress login pages without the individual htaccess files overriding this?
any help or suggestions for a good way to do this, would be appreciated.
Thanks in advance
I assume that you have read up on the RewriteOptions directive. As I explain in Tips for debugging .htaccess rewrite rules and as you have found with WP which generates its own .htaccess files, by default the current path is scanned for .htaccess and the rewrite rules in the lowest are applied unless a higher one specifies a RewriteOptions Inherit in which case it's rules are executed after rules specified in the child scope, and this is the catch-22 in that WP access file generates a [L] flag on all its execution paths preventing the parent rules from firing.
So the answer is to do this with an Apache mechanism other than rewrite and you can use the SetEnvIf directive:
SetEnvIf Remote_Addr "!^192\.168\." forbidden
<Files *>
Order allow,deny
Allow from all
Deny from env=forbidden
</Files>
or
SetEnvIf Remote_Addr "!^192\.168\." forbidden
<Directory /var/www/wproot>
Order allow,deny
Allow from all
Deny from env=forbidden
</Directory>
Clearly you'll need to change the Regexp to your local needs but this should do the biz. The Apache docs give other variants on this, but you should be able to find one which works in your case. Just put this in the a per-virtual server context -- within a Directory(Match) directive if necessary -- or in a common parent directory .htaccess file.
I ended up getting this to work with your first suggestion, but actually without the SetEnvIf line being required, so thanks very much! this was my .htaccess in the /var/www/vhosts folder for anyone else needing this:
<files wp-login.php>
order deny,allow
deny from all
Allow from xxx.xxx.xxx.xxx
</files>
Nice and simple and completely different from the previous routes I was trying to take for this.
I have two Wordpress installations I need to serve:
/ to /var/www/sales
/blog/ to /var/www/blog
There are a couple caveats:
/ is a brand new installation.
/blog is being migrated over from another server.
We're using Apache 2 with a basic (default?) configuration to serve files from /var/www/.
How do we server these applications so that legacy /blog URLs are served exactly the same as they were (i.e /blog/category/yada -> /blog/category/yada), while all other requests are handled by the brand new installation.
First, make sure your permissions are good if your root is ./sales/ and you're trying to go to ./blog
Second,
Alias /blog "/var/www/blog" (? i'm not totally sure I understand your'e set up)
<directory "/var/www/blog">
(Whatever rules you're after)
allow from all
order allow, deny
allow override all
</directory>
you could also do it with a symlink in the install and add
<directory /var/www/>
options +followsymlinks
</directory>
Sorry in advance for typing like someone who got 2 hours of sleep.
This was working for years until I did something that has now jacked this up....
Searching on this topic landed me in several places that basically said: You need to check the Wordpress URL and the site URL in the general settings in Wordpress. I have done so and they are both: http://www.petesworkshop.com/blog_wp . Yet, when I hit that URL I am redirected to my internal IP and get a error http://10.0.10.206/blog_wp (yep, that would be wrong!
Interestingly enough, I can get to the admin page just fine and it is just a subfolder of blog_wp. So, somehow things directed to /blog_wp return the IP but everything else is OK. Wierd.
Wordpress sits behind an Apache proxy which has this directive for the virtual host:
<VirtualHost *:80>
ServerName www.petesworkshop.com
ServerAlias petesworkshop.com
ProxyPass / http://10.0.10.206:5080/
ProxyPassReverse / http://10.0.10.206:5080/
</VirtualHost>
The server running the website behind the proxy has this:
DocumentRoot "/www/petes/htdocs/petesworkshop/"
ServerName www.petesworkshop.com
ServerAlias petesworkshop.com
DirectoryIndex index.html index.php index.htm
ErrorLog logs/petesworkshop.log
Options FollowSymLinks
Alias /blog_wp /www/petes/htdocs/petesworkshop/blog_wp
<Directory /www/petes/htdocs/petesworkshop/blog_wp >
Order Allow,Deny
Allow From all
</Directory>
<Directory /www/petes/htdocs/petesworkshop >
Order Allow,Deny
Allow From all
</Directory>
I am not sure how I jacked this up...it is probably something that I did to the Apache configuration but I can't be sure since everything else behind the proxy works fine. I even tried adding specific ProxyPass entries for /blog_wp but that didn't make any difference.
Stumped...
Check your wp-config.php for correct urls
like below
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
This one turned out to be an Apache proxy issue. What I needed was to add 'ProxyPreserveHost On' to the configuration, which I thought I had in there originally but I either removed it in an edit or had it placed in the wrong virtual host. In any case, adding the ProxyPreserveHost On flag, took care of the issue. Not sure why other entries in the same virtual host DID work without it but I am not going to worry about it.
I had a similar problem some time ago, whenever I wrote my domain in the browser it was solved correctly but my domain name was changed by the IP, after much research it turned out that the problem was in the hosting, not in the server, so which only change the configuration of my domain in GoDaddy since I was only doing a redirection but the correct thing was to create an A record that points to # (which represents your domain name) and everything started to work correctly. I hope it's help
Although I’ve found related articles on stackoverflow, I have seen various suggestions which I’ve tried out but I still experience problems, so that’s the reason why I’m posting this.
I have a question which involves DNS, Debian, Apache2 and Wordpress. I’ve been struggling with this for some time now and haven’t been able to solve it. My current conclusion is that 2there is something with my dns and apache virtual host definitions”, but, as I said I’m far from sure.
This is what my config looks like:
two domains which I “own” hosted by moniker.com - let’s call them domaina and domainb
a hosted vps with Debian, apache2 and wordpress. The vps has ip x.y.z.t
each domain has three ‘A’ records defined: ‘*’, ‘#’ and ‘www’
URL rewrite enabled (a2enmod rewrite)
Wordpress installed and links created to the wordpress directory for both document directories specified in the virtualhost directives below
Both ‘domaina’ and ‘domainb’ point to my vps and this is working ok. However, what I’ve been unable to solve is to have the vps handle “multiple virtual hosts”. I thought I would be able to handle this by using virtual hosts in Apache. For that purpose I’ve defined two sites under /etc/apache2/sites-available which looks like this:
(file: /etc/apache2/sites-available/domaina.com)
<VirtualHost x.y.z.t:80>
ServerName domaina.com
ServerAdmin me#domaina.com
DocumentRoot /var/www/domaina.com
DirectoryIndex index.php
<Directory /var/www/domaina.com/>
AllowOverride all
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
(file: /etc/apache2/sites-available/domainb.com)
<VirtualHost x.y.z.t:80>
ServerName domainb.com
ServerAdmin me#domainab.com
DocumentRoot /var/www/domainb.com
DirectoryIndex index.php
<Directory /var/www/domainb.com/>
AllowOverride all
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
Now, when I try to address the sites above from a web-browser I end up at the default apache directory with the index.html file rendered in the browser instead of arriving at the two different wordpress configurations. Obviously there’s something wrong with my thinking around “VirtualHosts” and/or DNS-configurations…
I forgot to mention that I've made loads of /etc/unit.d/apache2 restarts... Sorry...
Frankly speaking I’m lost here and any help on this would be very much appreciated.
Cheers
If you did restart apache and its still not working please respond, as I have experienced similar issues with Apache, especially when getting the virtual host to work. I realise your running on Debian which is different to WAMP, but this is what I do when opening a new virtual host.
First I add the domain to the windows system 32 drivers etc hosts file, it allows for intranet
127.0.0.1 domainname and this stops the url from looking to the web.
Then I have to add the corret directories to the www/your folder.
Just inside the root folder there ought to be a directory called vhosts,
I had to make totaly empty instances of the conf files with just the filename of the virtual hosts inside it so that the changes you made to the httpd-vhosts.conf works.
So what you will need to do is find the wamp/bin/apache/Apache2.2.21/conf/extra/httpd-vhosts makes sure that you have the one from the conf/axtra and not conf/orginal.
<VirtualHost *:80>
DocumentRoot "c:/wamp/www/**name of the folder**"
ServerName **as_inserted_in_hosts**
<directory "c:/wamp/www//**name of the folder**">
Options Indexes FollowSymLinks
AllowOverride all
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</directory>
</VirtualHost>
Save. Apache stop all services, I also have to restart the service running the intranet in windows to update the changes to the hosts file and then restart apache.
This is what I have to do so that when I open localhost from Apache it allows me to see the links appear under virtual hosts as well as the directories appearing under your projects.
Have a look at this tutorial... Explains how to set up virtual hosts
Do you have a NameVirtualHost directive in your apache2.conf anywhere? You'll need that to enable virtual hosting. It can go in apache2.conf or any file included by apache2.conf. On my server I've got it in ports.conf.
NameVirtualHost *:80
See http://httpd.apache.org/docs/2.2/vhosts/name-based.html#using