Forum
URL rewrite rules for Joomla! 1.7
Benji
3 August 2011, 14:02
Hi @ all, hi Hugo 
The Joomla! 1.7 is out and has new URL rewrite rules.
Please, someone can customize these rules to Hiawatha?
Hiawatha version: 7.5
Operating System: FreeBSD 8.0
The Joomla! 1.7 is out and has new URL rewrite rules.
Please, someone can customize these rules to Hiawatha?
##
# @version $Id: htaccess.txt 21101 2011-04-07 15:47:33Z dextercowley $
# @package Joomla
# @copyright Copyright (C) 2005 - 2011 Open Source Matters. All rights reserved.
# @license GNU General Public License version 2 or later; see LICENSE.txt
##
##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
##
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
## Mod_rewrite in use.
RewriteEngine On
## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.
## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects
##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##
# RewriteBase /
## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.
Hiawatha version: 7.5
Operating System: FreeBSD 8.0
Hugo Leisink
3 August 2011, 14:56
Have you tried the existing UrlToolkit rule in the HOWTO page? It looks like nothing changed in the 1.7 version.
Benji
3 August 2011, 18:25
no, not really 
was removed in version 1.7 and
was changed by
With best regards
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]was removed in version 1.7 and
RewriteCond %{REQUEST_URI} (/[^.]*|\.(php|html?|feed|pdf|raw))$ [NC]was changed by
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]With best regards
Nicolas de Leon
4 August 2011, 00:56
UrlToolkit {
ToolkitID = joomla
Match base64_encode.*\(.*\) DenyAccess
Match (<|%3C).*script.*(>|%3E) DenyAccess
Match GLOBALS(=|\[|\%[0-9A-Z]{0,2}) DenyAccess
Match _REQUEST(=|\[|\%[0-9A-Z]{0,2}) DenyAccess
RequestURI exists Return
Match /index.php Return
Match ^/component/ Skip 2
Match ^(/|\.php|\.html|\.htm|\.feed|\.pdf|\.vcf|\.raw|/[^.]*)$ Skip 1
Skip 1
Match .* Rewrite /index.php
}I only added |\.vcf to the rewrite rules found in the HOWTO.
Benji
4 August 2011, 12:20
OK, thank you very much, but do you think is it right?
I thought it is right:
Match ^/component/ Skip 2
I thought it is right:
Match ^/component/(/|\.php|\.html|\.htm|\.feed|\.pdf|\.vcf|\.raw|/[^.]*)$ Skip 1
Nicolas de Leon
4 August 2011, 14:36
Match ^/component/ Skip 2
Match ^(/|\.php|\.html|\.htm|\.feed|\.pdf|\.vcf|\.raw|/[^.]*)$ Skip 1
is the equivalent of the .htaccess line:
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]It is split across two lines for readability.
Benji
4 August 2011, 21:20
OK thanks
Benji
4 August 2011, 21:41
I have another question,
with help of this topic [www.hiawatha-webserver.org], I redirect mydomain.com to www.mydomain.com
But what if I want to insert an exception from these rules, for example test.mydomain.com and everything else should be redirected.
with help of this topic [www.hiawatha-webserver.org], I redirect mydomain.com to www.mydomain.com
UrlToolkit {
ToolkitID = redirect_domain
Match ^/(.*) Redirect http://www.mydomain.com/$1
}
VirtualHost {
Hostname = mydomain.com
WebsiteRoot = /usr/local/www
UseToolkit = redirect_domain
}
VirtualHost {
Hostname = www.mydomain.com
WebsiteRoot = /usr/local/www
StartFile = index.php
..............
But what if I want to insert an exception from these rules, for example test.mydomain.com and everything else should be redirected.
Hugo Leisink
4 August 2011, 22:02
Easy, just specify the exception first and the catch-all last.
VirtualHost {
Hostname = test.mydomain.com
...
}
VirtualHost {
Hostname = *.mydomain.com
UseToolkit = redirect_domain
...
}
Benji
5 August 2011, 10:59
Yes, thank you hugo
determined it would work, only if the domains would have not different web roots. I forgot to mention it, sorry.
And it does not work with "Hostname = *.mydomain.com" it works without (*.) only. So: Hostname = mydomain.com
I'm added from the "ToolkitID = redirect_domain"
determined it would work, only if the domains would have not different web roots. I forgot to mention it, sorry.
# DEFAULT WEBSITE
Hostname = 127.0.0.1
WebsiteRoot = /usr/local/www/site
VirtualHost {
Hostname = test.mydomain.com
WebsiteRoot = /usr/local/www/test
...
}
VirtualHost {
Hostname = mydomain.com
UseToolkit = joomla
WebsiteRoot = /usr/local/www/site
...
}
And it does not work with "Hostname = *.mydomain.com" it works without (*.) only. So: Hostname = mydomain.com
I'm added from the "ToolkitID = redirect_domain"
match ^/(.*) http://www.mydomain.com/ redirect $ 1to "ToolkitID = joomla"
Benji
6 August 2011, 18:42
anyone have an idea?
Hugo Leisink
7 August 2011, 08:33
How about this?
VirtualHost {
Hostname = test.mydomain.com
DocumentRoot = /usr/local/www/site
...
}
VirtualHost {
Hostname = mydomain.com, *.mydomain.com
DocumentRoot = /usr/local/www/site
...
}
VirtualHost {
Hostname = www.mydomain.com
DocumentRoot = /usr/local/www/site
UrlToolkit = redirect_domain
...
}
UrlToolkit {
ToolkitID = redirect_domain
Match ^/(.*) Redirect http://www.mydomain.com/$1
}
Benji
8 August 2011, 11:25
This does not work unfortunately. In your example have the domain and subdomain same WebRoot, that is not the case for me.
In my case have domain and subdomain different web roots. Here is my Config:
When I type test.mydomain.com, I get error "Error: Server not found"
In my case have domain and subdomain different web roots. Here is my Config:
UrlToolkit {
ToolkitID = redirect_domain
Match ^/(.*) Redirect http://www.mydomain.com/$1
}
# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 127.0.0.1
WebsiteRoot = /usr/local/www/site
StartFile = index.php
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
UseFastCGI = PHP5
EnablePathInfo = yes
ExecuteCGI = yes
TimeForCGI = 480
#ErrorHandler = 404:/error.cgi
# VIRTUAL HOSTS
VirtualHost {
Hostname = test.mydomain.com
WebsiteRoot = /usr/local/www/test
StartFile = index.php
AlterGroup = www
AccessLogfile = /usr/local/www/site/logs/access.log
ErrorLogfile = /usr/local/www/site/logs/error.log
ExecuteCGI = yes
FollowSymlinks = yes
EnablePathInfo = yes
TriggerOnCGIstatus = no
TimeForCGI = 60
UseFastCGI = PHP5
UseGZfile = yes
ErrorHandler = 403:/error.php
}
VirtualHost {
Hostname = mydomain.com, 186.IP.Address.45
WebsiteRoot = /usr/local/www/site
UseToolkit = redirect_domain
}
VirtualHost {
Hostname = www.mydomain.com
WebsiteRoot = /usr/local/www/site
StartFile = index.php
AlterGroup = www
AccessLogfile = /usr/local/www/site/logs/access.log
ErrorLogfile = /usr/local/www/site/logs/error.log
ExecuteCGI = yes
FollowSymlinks = yes
EnablePathInfo = yes
TriggerOnCGIstatus = no
TimeForCGI = 60
UseFastCGI = PHP5
UseToolkit = joomla1.5
UseGZfile = yes
ErrorHandler = 403:/error.php
}When I type test.mydomain.com, I get error "Error: Server not found"
Hugo Leisink
8 August 2011, 11:27
Does test.mydomain.com resolve to a valid IP address?
Benji
8 August 2011, 12:13
Oh no... the subdomain resolve to a different IP 
I will look my DNS settings. Thanks for the tip Hugo
I will look my DNS settings. Thanks for the tip Hugo
Benji
8 August 2011, 12:42
Hugo you're my hero, I just forget the DNS. 
Now everything works perfect.
Now everything works perfect.
Hugo Leisink
8 August 2011, 13:34
No problem. Good to hear everything works as it should.
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
