301 redirect rewrite query string in .htaccess

RewriteRule ^/contact/?view=full$ /contact/ (R=301,L)

The RewriteRule pattern matches against the URL-path only, which notably excludes the query string. So, the above directive won’t match the required URL. To match the query string you need to use an additional condition and check against the QUERY_STRING server variable.

Also, in .htaccess (directory context) the URL-path matched by the RewriteRule pattern does not start with a slash, because the directory-prefix that is first removed from the URL that is matched by the pattern ends with a slash. So, again, the directive will not match the requested URL because of the slash prefix.

Also, the query string from the request is copied through to the substitution string by default – unless you explicitly discard or create a new query string. So, the above directive won’t remove the query string either.

Try the following instead, near the top of your .htaccess file:

RewriteCond %{QUERY_STRING} ^view=full$
RewriteRule ^(contact/)$ /$1 (QSD,R=302,L)

This matches the URL /contact/?view=full exactly. And redirects to /contact/. The QSD (Query String Discard) flag (Apache 2.4) on the RewriteRule directive discards the query string from the substitution string.

The $1 is a backreference to the captured group in the RewriteRule pattern, ie. the value contact/. This simply saves typing/repetition.

Note that this is currently a 302 (temporary) redirect. If this is intended to be permanent then only change it to a 301 once you have tested that it works OK. 301s are cached persistently by the browser, so can make testing problematic.

You should clear your browser cache before testing.

Reference:

htaccess – How to block access with certain string in the URL?

/404.html?page=/wp-content/uploads/2020/03/...

I assume the ... is “anything that follows”. To block this URL, you could use mod_rewrite in your root .htaccess file. But you need to use a condition (RewriteCond directive) to match the query string.

The RewriteRule pattern matches against the URL-path only (less the directory prefix), ie. 404.html. To match the query string (ie. page=/wp-content/uploads/2020/03/...) you need to use a RewriteCond directive and match against the QUERY_STRING server variable.

For example, at the top of your root .htaccess file (before any other WordPress directives):

RewriteCond %{QUERY_STRING} ^page=/wp-content/uploads/2020/03/
RewriteRule ^404.html$ - (F)

This matches the exact URL /404.html?page=/wp-content/uploads/2020/03/, followed by anything. Note the absence of the slash prefix in the RewriteRule pattern.

The F flag triggers an immediate 403 Forbidden response. The L flag is not required here.

(You don’t need to repeat the RewriteEngine On directive, if it is already present in the WordPress section of the .htaccess file, even if this appears later in the file.)

If you need to be more general and match the page URL parameter anywhere in the query string, and allow for variations in case then you could modify the above directive like so:

RewriteCond %{QUERY_STRING} (^|&)page=/wp-content/uploads/2020/03/ (NC)
RewriteRule ^404.html$ - (NC,F)

To match /wp-content/uploads/2020/03/... as well, a separate rule is required. For example:

RewriteRule ^wp-content/uploads/2020/03/ - (F)

(Or use mod_auth… blocking directives in the respective directory – as you mention – but note that Deny from all is an Apache 2.2 directive. If you are on Apache 2.4+ you should be using Require all denied instead.)


Aside:

I read the .htaccess Cheat Sheet but find no result there.

Yes, there doesn’t appear to be any mention of matching against the query string portion of the URL in the .htaccess “cheat sheet”. (A common requirement and source of error. eg here, here and here)

You would use the same method (ie. RewriteCond w/ QUERY_STRING server variable) for redirects and rewrites (eg. “clean URLs”).


UPDATE:

Stephen: Presumably that URL would return a 404 Not Found status …

Must admit, I kinda overlooked this! If one (or even both) of these URLs are already returning a 404 then there is really nothing more you need to do in terms of SEO. The difference is just a 403 (“blocked”) or 404 (not found) response. Neither of which will be indexed by search engines (over time any previously indexed URLs will drop from the SERPs).

The only thought (with this being WordPress/CMS) is that these 404s would be processed by WordPress, which could potentially put an increased load on the server if these URLs are being hammered. In this case it might be preferable to handle this in .htaccess (or preferably your server config).

Instead of returning a “403 Forbidden”, you could instead return a “404 Not Found”, by changing the F flag in the above directives to R=404. Note that this will return Apache’s 404 response, not WordPress.

php – htaccess rewriterule dá 404

Estou a desenvolver um novo website e gostava de melhorar os urls. Para o index.php funciona, mas não funciona mais nenhuma.

Exemplo funcional: http://exemplo.com/novo_website/index.php reescrevi a regra para http://exemplo.com/novo_website/inicio/

Exemplo não funcional: http://exemplo.com/novo_website/pedido_orcamento.php reescrevi para http://exemplo.com/novo_website/orcamento/

Este ultimo exemplo dá erro 404. De salientar que a pagina 404 também não funciona.

htaccess:

RewriteEngine On
    RewriteBase /novo_website/

    ErrorDocument 404 /novo_website/404_not_found.html


    RewriteRule ^orcamento/?$ pedido_orcamento.php [NC,L]
    RewriteRule ^registo/?$ registo.php [NC,L]
    RewriteRule ^entrar/?$ area_empresa.php [NC,L]
    RewriteRule ^inicio/?$ index.php [NC,L]

Alguem me consegue ajudar?

htaccess – What is the best way to create default page when access to a protected directory is Cancelled through onclick?

I have a protected directory on an hosted IONOS server. It correctly works when the correct credentials are entered, but when a user hits cancel, it redirects that user to the hosting provider’s promo default page.

eg. https://initiostar.co.uk/ticker/OmniTicker.7z

eg current htaccess

AuthUserFile /path/to/the/password/file/.htpasswd
AuthType Basic
AuthName "Protected Page"

<Files "index.php">
Require valid-user
</Files>

If the user hits cancel you are redirected to the host’s default page. Tried adding a default, but I doubt this is the way to it.

DefaultIndex [filename]

Preferred outcome: popup box opens in a small window on the web page and where cancel is executed, it closes the popup and stays on the same page.

For anyone working with Apache I assume this is standard stuff, but not for me.

.htaccess – Two sites on the same server with unwanted redirection

I have two different sites
domain1.com
domain2.com

Problem : I only can access domain2.com by using www.domain2.com
If i try domain2.com it redirects to domain1.com.

Configuration files:
domain1.com.conf

  <VirtualHost *:80>     
     ServerName domain1.com
     ServerAlias www.domain1.com
     DocumentRoot /var/www/html
   </VirtualHost>
   <IfModule mod_ssl.c>
     <VirtualHost *:443>
       DocumentRoot /var/www/html
       ServerName www.domain1.com
       Include /etc/letsencrypt/options-ssl-apache.conf
       SSLCertificateFile /etc/letsencrypt/live/domain1.com/fullchain.pem
       SSLCertificateKeyFile /etc/letsencrypt/live/domain1.com/privkey.pem
     </VirtualHost>
   </IfModule>

domain2.com.conf

   <VirtualHost *:80>
           ServerName domain2.com
           ServerAlias www.domain2.com
           DocumentRoot /var/www/public_html/domain2.com/wordpress
   </VirtualHost>
   <IfModule mod_ssl.c>
   <VirtualHost *:443>
           ServerAdmin gneri94@gmail.com
           DocumentRoot /var/www/public_html/domain2.com/wordpress
           ServerName www.domain2.com
           Include /etc/letsencrypt/options-ssl-apache.conf
           SSLCertificateFile /etc/letsencrypt/live/domain2.com/fullchain.pem
           SSLCertificateKeyFile /etc/letsencrypt/live/domain2.com/privkey.pem
   </VirtualHost>
   </IfModule>

.htaccess in both sites

# BEGIN WordPress                         
  RewriteEngine On 
  RewriteBase / 
  RewriteRule ^index.php$ - [L] 
  RewriteCond %{REQUEST_FILENAME} !-f 
  RewriteCond %{REQUEST_FILENAME} !-d 
  RewriteRule . /index.php [L] 

command certbot certificates returns:

Certificate Name: domain1.com
Domains: domain1.com www.domain1.com
Certificate Path: /etc/letsencrypt/live/domain1.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/domain1.com/privkey.pem

Certificate Name: domain2.com
Domains: domain2.com www.domain2.com
Certificate Path: /etc/letsencrypt/live/domain2.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/domain2.com/privkey.pem

htaccess – How to change where the abuse email’s get sent?

I have a domain called example.com which is registered with namecheap.

example.com is hosted on a VPS with the hosting company XYZ (make up company) with WHM and cPanel

Nameservers are being dealt on Cloudflare which is linked to my XYZ to protect my VPS’s IP.

My email’s (eg. support@example.com) are hosted on a different company called Tmail (make up company).

How can I forward all the abuse emails received directly to me and not to XYZ? I cannot host the website myself as I do not want to buy a server.

htaccess – All pages are not being redirected to HTTPS when accessed using HTTP

I’m running a WordPress blog that has an issue with HTTPS redirect. Except home page, no other URL is being redirected to HTTPS if you visit via HTTP.

I want to redirect all HTTP traffic to HTTPS. Currently, only the Home page(http://www.example.com) is being redirected to HTTPS if you try with HTTP.

but if you visit http://www.example.com/page1, then it won’t be redirected to HTTPS and stays at HTTP.

I don’t want to use any plugin such as “really simple SSL”. After a lil’bit of searching over net, I found that I can modify the .htaccess file to do that. Then I tried to understand .htaccess file (considering I never worked with PHP or WordPress or even Apache before). I got to know that RewriteEngine On should appear only once in your file but in my case, it’s appearing twice. maybe some plugin or theme had modified this that i’m not aware of. below is the content of my .htaccess file.

# BEGIN WordPress
# The directives (lines) between `BEGIN WordPress` and `END WordPress` are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 24 hours"
    ExpiresByType image/jpeg "access plus 24 hours"
    ExpiresByType image/gif "access plus 24 hours"
    ExpiresByType image/png "access plus 24 hours"
    ExpiresByType text/css "access plus 24 hours"
    ExpiresByType application/pdf "access plus 1 week"
    ExpiresByType text/javascript "access plus 24 hours"
    ExpiresByType text/html "access plus 5 minutes"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 24 hours"
</IfModule>
<ifModule mod_headers.c>
Header set X-Endurance-Cache-Level "2"
</ifModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - (L)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php (L)
</IfModule>

# END WordPress
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} (L,R=301)

I don’t have any subdomains. only a single domain.
So to clear my doubts, I have two questions.

1) Is this .htaccess file correct? I mean can we have two RewriteEngine On lines? that too outside the , again I’m not very familiar with this syntax.

2) What should I change to reflect HTTPS redirection on all of my pages?

PS: these are one of the links that I have visited-

htaccess

.htaccess syntax multiple RewriteEngine on

https://www.hostinger.com/tutorials/ssl/forcing-https

For Magento2 how to apply a redirect rewrite in .htaccess file for all URL’s from .html to /

For Magento2 how to apply a rewrite in .htaccess for all URL’s from .html to / URL structure. The M1 store has .html as the end, the new M2 store has / as the URL ending for all products and categories.

We have tried the below:

############################################
## Redirect .html to /
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.html -f
RewriteRule ^((^/)+)/$ $1.html

RewriteCond %{THE_REQUEST} ^(A-Z)+ /((^/)+/)*(^.)+.html(?(^ )*)? HTTP/
RewriteRule ^(((^/)+/)*(^.)+).html$ https://%{HTTP_HOST}/$1 (R=301,L)

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !(.(a-zA-Z0-9){1,5}|/)$ 
RewriteRule (.*)$ https://%{HTTP_HOST}/$1/ (R=301,L)

But it breaks the checkout and some other parts of the site. Any ideas on how to correct please? Looks to be https error on checkout I think.

.htaccess for websoftware & wordpress

Hi everyone,

I am currently running a PHP based software and a WordPress-installation from the same directory.

Because the WordPress … | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1808617&goto=newpost

htaccess – Different URL redirects to a unique web page

I was wondering if there is a way via PHP, HTML, .htaccess, or javascript to, given an URL in the form of www.mysite.com/redirect/*my-url* where *my-url can be everything and can change, redirects always to the same page that could be www.mysite.com/redirect* but keeping the URL bar on the browser in the form of www.mysite.com/redirect/*my-url*

I want to do that to create a sort of “we’re redirecting you, please wait” page

Hopefully, I was able to explain my problem