Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Directory Privacy and mod_rewrite |
|
| Author |
|
michon
Joined: 27 Feb 2018
Posts: 1
Location: UK, Notts
|
 Posted: Thu 28 Jun '18 11:53 Post subject: Directory Privacy and mod_rewrite |
 |
|
Apache 2.4 htaccess RewriteRule issue
Just recently updated our server to Apache 2.4 from 2.2 and have had some issues with password protected directories.
The accounts affected on the server are all staging accounts.
We create a staging account as subdomain of our staging domain (clientname.example.com) then password protect the root directory (public_html) via cPanel’s ‘Directory Privacy’ option.
All this worked fine when the server ran Apache 2.2, if you hit the sub domain then see the Apache login box and you’d be asked to enter the username and password. Wrong password, cancel or no credentials entered would result in a default server ‘Authorisation Required’ message.
But since updating to Apache 2.4 when you hit a sub domain the Apache login box still appears but if you cancel it or just click login without entering any credentials you still get taken to the ‘protected’ website and are able to see all text content but it’s unstyled all links, css js and images, result in a 404.
After talking to our server manager he say the issue is the WordPress htaccess RewriteRules. It overrides Apache showing the usual .shtml files.
We’ve found a work around by adding a new RewriteCond:
| Code: | | RewriteCond %{REQUEST_FILENAME} !.shtml$ |
But that gets over written each time we access the permalink page of WP admin.
Has anyone had the same issue and found another fix?
Or has anyone got another advice?
We've tested it on non WordPress sites and same issue happens, is it an Apache / mod_rewrite issue?
Full rewrite block:
| Code: | <IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !.shtml$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule> |
WP version - 4.9.6
Server info:
cPanel Version - 68.0 (build 29)
Apache Version - 2.4.29
PHP Version - 5.4.45
MySQL Version - 5.5.58-cll
Architecture - x86_64
Operating System - linux
AlowOverrides All |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Thu 18 Oct '18 10:38 Post subject: |
|
|
| RewriteCond %{REQUEST_URI} !^/(.*)\.shtml(.*)$ |
|
| Back to top |
|
|
|
|
|
|
