Forum

I'm working to migrate a WordPress site from Apache to Hiawatha. The site currently has two .htaccess files with

deny from all

, so I've created a URLToolkit:

UrlToolkit {
    ToolkitID = deny_from_all
    Match [^?]*(\?.*)? DenyAccess
}

I then created a .hiawatha file in each directory that contained the aforementioned .htaccess files, each containing only

UseToolkit = deny_from_all

.

Using wigwam to test, it seems that my toolkits are functioning correctly (I see 403 returned). But when I try to access those paths from a browser, I get a 500 error instead of a 403. I assume I'm Doing It Wrong^TM, though, so I'd really appreciate a hand with this.

Thanks in advance.

The UseToolkit option is only allowed in a .hiawatha file located in the WebsiteRoot directory of a website. What you should do is create an UrlToolkit in which the access to the specific directies is blocked.

UrlToolkit {
    ToolkitID = wordpress
    RequestURI exists Return
    Match [^?]*(\?.*)? Rewrite /index.php$1
}

UrlToolkit {
    ToolkitID = my_website
    Match ^/directory1/ DenyAccess
    Match ^/directory2/ DenyAccess
    Call wordpress
}

VirtualHost {
    ...
    UseToolkit = my_website
}

Thanks, Hugo. Would it be simpler to use:

Directory {
    Path = /what/I/want/to/match
    AccessList = Deny All
}

Sure, there are many ways to put this in a configuration file. But in Hiawatha it's done via the UrlToolkit. Another option is via an AccessList setting in a .hiawatha file in those directories. You can also block access via the filesystem access rights.

Thanks, Hugo. I have these working correctly now.