Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Create subdomain from a folder, but deny folder access

Tags:

regex

apache

.htaccess

mod-rewrite

Okay, I've spent almost 4 hours searching the site for a solution, and another 2 hours searching google, wich is not quite useful when most sites copy paste the data. So here I decided to ask for a little help.

I created a subdomain successfully, let's say http://admin.myhost.com, wich basically take the data from the folder admin. The problem is that when I put http://myhost.com/admin the scripts are still accessible. Let's say I want to make this folder unaccessible, throwing a redirect to a custom file, for example index.php?template=error404 when some file is executed via the url http://myhost.com/admin. I've added this line to the .htaccess

RewriteRule ^admin(.*) /index.php?template=error404 [L]

and it ended up like this.

Options +FollowSymlinks

Options -Indexes

<FilesMatch "\.(tpl|ini|log)">
 Order deny,allow
 Deny from all
</FilesMatch>

RewriteEngine On

RewriteBase /
RewriteRule ^sitemap.xml$ index.php?map=google_sitemap [L]
RewriteRule ^googlebase.xml$ index.php?map=google_base [L]
RewriteRule ^download(.*) /index.php?template=error404 [L]
RewriteRule ^admin(.*) /index.php?template=error404 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !.*\.(ico|gif|jpg|jpeg|png|js|css)
RewriteRule ^([^?]*) index.php?seo_url=$1 [L,QSA]

It actually works only if I delete the empty .htaccess on the admin folder (It only says RewriteEngine on), but when I do that, the site http://admin.myhost.com throws an http error 500, and it is not accessible anymore. If I add again the .htaccess on the admin folder stating the RewriteEngine on rule, the subdomain starts to work again, but again, the folder is accessible via URL adding /admin

I can't seem to find the solution to this problem after several hours. Is there any way to do this? Am I doing something wrong?

like image 852
user3153340 Avatar asked Jan 24 '14 22:01

user3153340

Video Answer

1 Answers

In the /admin/.htaccess have this rule:

RewriteEngine On

# block access if HOSTNAME is not starting with admin.    
RewriteCond %{HTTP_HOST} !^admin\. [NC]
RewriteRule ^ - [F]

OR if you want to show /index.php?template=error404 then

RewriteCond %{HTTP_HOST} !^admin\. [NC]
RewriteRule ^ /index.php?template=error404 [L,QSA]
like image 181
anubhava Avatar answered Sep 28 '22 07:09

anubhava
Sign in to Comment

Related questions

Use javascript to find email address in a string
Regex matching closing bracket not in quotes
split string separated by commas and equal sign in php with escaping
python how to extract operators from string
RegExp that match everything except letters
Remove begining punctuation from a word
PowerShell regex grouping
A PHP Regex Query
Match only a newline character
'string-match' does not work in 'org-map-entries'
Extract every complete word that contains a certain substring
Regex to match ampersands in a URI that are followed by an equals and not another ampersand
How to remove empty arrays from preg_split result?
Make one or zero regex operator greedy
Regex not working in Velocity Template
What does this Javascript statement (regular expression) mean?
POSIX regex alternate not working
Append string if not already present
the difference between `\\s|*` and `\\s|[*]` in regular expression in r?
get div from HTML with Python

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!