LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 09-14-2013, 09:02 PM   #1
compused
Member
 
Registered: Oct 2006
Location: Melbourne Australia
Distribution: centos and redhat 8
Posts: 76

Rep: Reputation: 15
RewriteCond not working


I think there is something obvious that I've overlooked, in relation to restricting access to a particular reports.php file, via the RewriteCond directive

The public URL is:
http://www.user-viewed-domain.com/ph...in/reports.php
(although just http://www.user-viewed-domain.com/phone would be better)

This is intended to be rewritten to:
http://www.source-server-domain.com:...in/reports.php


But, once the RewriteCond directive is added, browsing to
http://www.user-viewed-domain.com/ph...in/reports.php advises that
"The requested URL /phone/admin/config.php was not found on this server"
(http://www.source-server-domain.com:...min/config.php is the default page)

Rewriting does occur successfully, without the RewriteCond directive

This is the relevant section in httpd.conf:
Code:
<Directory /var/www/phone/>
	 AllowOverride                  None
      	 Options                        FollowSymlinks
        Order          Allow,Deny
        Allow          From all
        RewriteEngine                  On
        RewriteBase                    /phone

RewriteCond %{REQUEST_URI} ^(.*)reports\.php$ # the RewriteRule directive does work without this directive
RewriteCond  %{REQUEST_FILENAME} !-f  # tried this to stop 'File does not exist' messages ie /var/www/phone/admin, referer: http://www.viewed-domain.com/phone/admin/reports.php, does not exist
RewriteRule  ^(.*)$      http://www.source-server-domain:88/$1	[QSA,P]

       ProxyPassReverseCookieDomain   www.source-server-domain.com:88        www.user-viewed-domain.com
       ProxyPassReverseCookiePath     /                             /phone

</Directory>

/var/www/phone has a .htaccess file with:
Code:
DirectoryIndex index.html index.htm reports.php config.php
Options +Indexes
Anyway, hoping someone can shed some light on this

Last edited by compused; 09-18-2013 at 08:57 AM.
 
Old 09-15-2013, 08:35 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Your rewrite should work if it's in httpd.conf. Are you sure you've restarted apache and cleared your browser cache before testing?
Please not hat you have:
Quote:
AllowOverride None
With this setting whatever is in a .htaccess will not take effect

Regards
 
Old 09-18-2013, 09:35 AM   #3
compused
Member
 
Registered: Oct 2006
Location: Melbourne Australia
Distribution: centos and redhat 8
Posts: 76

Original Poster
Rep: Reputation: 15
Hi
I enabled the rewrite log and discovered there are other required directories, that may not be covered by the directive to limit to:
'/admin/reports.php' and result in matching problems, eg from the rewrite.log
Code:
[perdir /var/www/phone/] strip per-dir prefix: /var/www/phone/admin/common/mainstyle.css -> admin/common/mainstyle.css
[perdir /var/www/phone/] RewriteCond: input='/phone/admin/common/mainstyle.css' pattern='^(.*)(reports\.php)$' => not-matched
[perdir /var/www/phone/] pass through /var/www/phone/admin
What can I do?
Compused
 
Old 09-19-2013, 12:50 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
If you want to redirect everything under /phone/admin to the other server, change the RewriteCond to
Code:
RewriteCond %{REQUEST_URI} ^/phone/admin
...
Regards
 
Old 09-19-2013, 09:38 AM   #5
compused
Member
 
Registered: Oct 2006
Location: Melbourne Australia
Distribution: centos and redhat 8
Posts: 76

Original Poster
Rep: Reputation: 15
Thanks a lot...that helps
I have tried:
Code:
RewriteCond %{REQUEST_URI} ^/phone/admin/(reports|config|images|common)
to further restrict accessibility to /phone/admin/reports.php only, but I want to stop direct access to:
/phone/admin/config.php
other than when first accessed via /phone/admin/reports.php
(totally blocking access to the config.php stops access to /phone/admin/reports.php)

Compused=1
 
Old 09-19-2013, 11:29 AM   #6
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Use HTTP_REFERER like:
Code:
RewriteCond %{HTTP_REFERER} !http://www.domain.com/phone/admin/reports.php
RewriteRule ^phone/admin/config.php - [F]

Last edited by bathory; 09-19-2013 at 11:30 AM.
 
Old 09-24-2013, 03:08 AM   #7
compused
Member
 
Registered: Oct 2006
Location: Melbourne Australia
Distribution: centos and redhat 8
Posts: 76

Original Poster
Rep: Reputation: 15
Thanks
HTTP_REFERRER would be an elegant solution but I can't get it to work; the RewriteRule, ie
RewriteRule ^phone/admin/config.php - [F]
might be causing problems as .../phone/admin/config.php only exists on the machine the browser is meant to be redirected to

Compfused
 
Old 09-24-2013, 04:31 AM   #8
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Quote:
Originally Posted by compused View Post
Thanks
HTTP_REFERRER would be an elegant solution but I can't get it to work; the RewriteRule, ie
RewriteRule ^phone/admin/config.php - [F]
might be causing problems as .../phone/admin/config.php only exists on the machine the browser is meant to be redirected to

Compfused
Did you try it?
I guess it should work, as the RewriteCond checks the referer and forbids parsing if it/s not the correct one. If the referer is correct, the rewrite to the backend should happen:
Code:
RewriteCond %{HTTP_REFERER} !http://www.domain.com/phone/admin/reports.php
RewriteRule ^phone/admin/config.php - [F]
RewriteRule ^phone/admin/config.php http://www.source-server-domain:88/$1
Attn: It's HTTP_REFERER (with one "R"), not HTTP_REFERRER
 
Old 09-28-2013, 08:16 AM   #9
compused
Member
 
Registered: Oct 2006
Location: Melbourne Australia
Distribution: centos and redhat 8
Posts: 76

Original Poster
Rep: Reputation: 15
Hi...HTTP_REFERER will not restrict access as advertised. Cannot find any clues in the rewrite logs. Php.ini seems to be properly configured to send http_referer information.

Some promise seems to be in:
Code:
 RewriteCond %{REQUEST_URI} ^/phone/admin/(reports|config|images|common) #'images' and 'common' are required dirs
 RewriteRule         ^(.*)$		http://www.second-domain.com/$1	[QSA,P]
if...there is a way to make 'config' conditional on 'reports' having been prior requested??

Compfused
 
Old 09-28-2013, 10:00 AM   #10
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,907

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Quote:
Hi...HTTP_REFERER will not restrict access as advertised. Cannot find any clues in the rewrite logs.
...
if...there is a way to make 'config' conditional on 'reports' having been prior requested??
HTTP_REFERER is your way to do what you want.
It should work if the actual referer is the one used in the RewriteCond. Use the following to log what mod_rewrite does:
Code:
RewriteLogLevel 9
RewriteLog logs/rewrite_log
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] mod_rewrite problem with RewriteCond SkyerSK Programming 8 05-27-2011 01:39 PM
Apache rule loop - make RewriteCond explicit timmywo Linux - Software 7 04-18-2010 08:50 AM
Doubt about RewriteCond? your_shadow03 Linux - Newbie 8 12-18-2009 03:29 PM
Correct Apache RewriteCond to stop proxying ... curtisa Linux - Security 1 07-21-2009 10:38 AM
RewriteCond & Rewrite Rule Problemo sea-bass Linux - Server 0 04-07-2008 10:44 AM


All times are GMT -5. The time now is 11:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration