University of Oregon

Redirect an entire Drupal site – .htaccess

I’ve migrated several Drupal sites to new servers lately, and since some of those sites were in development they didn’t have a proper CNAME. So I’ve been using a .htaccess redirect to channel all traffic from the old sites to the new ones.
Here’s an example of the new .htaccess file I placed in the /hr_diac directory on my old server:
##Redirect everything that pointed to /hr_diac to http://access-guide.hrstg.uoregon.edu/$1

RewriteEngine on
RewriteCond %{REQUEST_URI} /hr_diac [nc]
RewriteRule ^(.*)$ http://access-guide.hrstg.uoregon.edu/$1 [r=301,nc]

To clarify: I completely replaced the Drupal .htaccess file with this file.
It’s pretty simple but it works.

sh script to update multiple .htaccess files

I have a couple of personal sites that I don’t use much but they have been getting pounded by hackers or at least hackers’ scripts.
So I’ve grown tired of watching the same IP addresses bombard my different sites looking for vulnerabilities. They usually generate about 100 404s at a time and those are only the attempts that failed. So to stop repeat offenders I wrote this script.
Many thanks to some code examples at cyberciti.biz and gabeanderson.com.

Here’s my file called blockip:
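#!/bin/sh

if [ $# -lt 1 ] ; then
    echo
    echo Wrong number of params.
    echo Try again using the following format:
    echo "./blockip 91.121.83.100"
    echo
    exit 1
fi

# Accept only digits, dots, commas and spaces, so the argument cannot
# change the sed expression or add other directives to .htaccess.
case "$1" in
    *[!0-9.,' ']*) echo "Invalid IP address list: $1"; exit 1 ;;
esac

# One .htaccess path per line.
FILES="$HOME/URL1.com/.htaccess
$HOME/URL2.com/.htaccess
$HOME/sub.URL3.com/.htaccess"

# Tag in each .htaccess file that the Deny line is inserted before.
# Placeholder value: set it to the tag used in your own files.
MARKER="PLACEHOLDER_TAG"

# Split $FILES on newlines only, so paths containing spaces stay intact.
IFS='
'

echo updating the following files:
for f in $FILES
do
    echo "$f"
done

for i in $FILES
do
    echo "working on " "$i"
    cp "$i" "$i.blockip_saved"
    # \n in the replacement is a newline in GNU sed.
    sed "s#$MARKER#Deny from $1\n$MARKER#g" "$i.blockip_saved" > "$i"

    rm "$i.blockip_saved" #comment this line to save backup.
done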

So it takes the ip address I pass it and looks in each of the .htaccess files for the tag: prepending that with “Deny from _ipaddress_” and we’re good to go.

So now I just have to type the offending ip address in once and it propagates across my sites.
It works for multiple IPs as well; for ex: ./blockip "91.121.83.100, 91.121.160.160"

This method seems to work OK for now. I still get 404’s when the repeat offender returns but this time they are denied access before they might find a vulnerability.

It’s not a perfect solution. It would be nice to detect the hack attempt while it’s happening and block them dynamically while sending an abuse notification email to their ISP, but I haven’t stumbled across any scripts that will get me there yet.
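
As an added example (not part of the original post or the blockip script), the detection step wished for above can start from the access log: the code below counts 404 responses per client in Apache combined-format lines and prints a `Deny from` line for each address at or above a threshold, accepting only well-formed IPv4 addresses. The function names, the threshold and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not the original blockip script): find repeat 404 sources in
# an Apache access log and print validated "Deny from" lines.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# deny_lines MIN: read combined-format log lines on stdin and print one
# "Deny from" line per client with at least MIN responses of status 404.
deny_lines() {
    awk -F'"' -v min="$1" '
        { split($1, pre, " "); split($3, post, " ") }   # client, status
        post[1] == "404" { hits[pre[1]]++ }
        END { for (ip in hits) if (hits[ip] >= min) print ip }
    ' | sort | while read -r ip; do
        if is_ipv4 "$ip"; then echo "Deny from $ip"; fi
    done
}

# Constructed sample log (documentation-range addresses, made-up paths).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [01/Jan/2010:10:00:01 -0800] "GET /missing-a.php HTTP/1.1" 404 209
192.0.2.10 - - [01/Jan/2010:10:00:02 -0800] "GET /missing-b.php HTTP/1.1" 404 209
192.0.2.10 - - [01/Jan/2010:10:00:03 -0800] "GET /missing-c.php HTTP/1.1" 404 209
198.51.100.7 - - [01/Jan/2010:10:05:00 -0800] "GET / HTTP/1.1" 200 5120
198.51.100.7 - - [01/Jan/2010:10:05:09 -0800] "GET /old.html HTTP/1.1" 404 209
203.0.113.5 - - [01/Jan/2010:10:06:00 -0800] "GET /index.php HTTP/1.1" 200 812
EOF
}

sample_log | deny_lines 3
```

Splitting on the double quote assumes the logged request line contains no quote characters of its own; lines that break that assumption are simply not counted as 404s.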

Redirecting entire directories that don’t exist – Clean URLs from scratch

I moved a bunch of sites to new servers this week and split our public facing web apps from the secure internal web apps.
This created a need for a comprehensive redirect.
I had been using a php redirect scheme that parsed out the URL and pointed specific pages to new locations but I wanted a solution that was housed in the secure directory of my public facing server …/private.
I struggled with the solution for a bit [read:hours] and then the solution hit me when I got home.
I was attempting to use .htaccess to redirect certain directories and all their files to their new locations but I’ve found the .htaccess only seems to work when the specific files exist.
I had hoped that executing that code from the virtual host file would help but I think it has the same limitations.

Then I thought about how Clean URLs are typically handled in PHP, specifically the way Drupal does it (as well as a couple of other CMS apps).
I could redirect any filename requests to a single index.php file and then include the destination in the request.

So the key lines in .htaccess looked like this:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

RewriteCond’s explained (Thanks to http://forum.mamboserver.com/showthread.php?t=42366):
RewriteCond %{REQUEST_FILENAME} !-d
-If the request is for a real directory (one that exists on the server), index.php isn’t served.
RewriteCond %{REQUEST_FILENAME} !-f
-If the request is for a file that exists already on the server, index.php isn’t served.
RewriteRule ^(.*)$ /index.php
-All other requests are sent to index.php.

Then I saved my redirect.php file as index.php and processed the request.

Basically I’m looking at the first directory of the request and pushing the whole thing on.

I put some good stuff in there.
-A javascript vs. php redirect option (with a count down function!)
-A switch statement to handle different destinations for different requests

It worked great.

I’ve posted the full code below.

<?php
/* Redirect users to new locations.
 * Usage: index.php?q=...;
 * .htaccess can be helpful here:
================================================================================
		# Follow symbolic links in this directory.
		Options +FollowSymLinks
		# Various rewrite rules.
		
			RewriteEngine on
			# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
			RewriteCond %{REQUEST_FILENAME} !-f
			RewriteCond %{REQUEST_FILENAME} !-d
			RewriteCond %{REQUEST_URI} !=/favicon.ico
			RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
		
================================================================================
*/
$redirectLOC = (isset($_REQUEST['q']))?$_REQUEST['q']:'';
$redirectPath="";
$redirectPhp=true; //should this page redirect immediately using php?
$initDirArray=explode("/",$redirectLOC);
$initDir=array_shift($initDirArray);

//This switch statement provides an opportunity to send different directories to different URLs
switch($initDir){
	case "webapp":
		$redirectPath = 'https://jobapp.myServer.com/'.str_replace('webapp/','',$redirectLOC); //Remove webapp from the location. The new location doesn't need it.
		$redirectPhp = false;
	break;
	case "unclassified":
	case "classified":
	case "wiki":
	case "fmla":
		$redirectPath = 'https://myPrivateServer.com/private/'.$redirectLOC; //All these files moved to myPrivateServer/private/
		$redirectPhp = false;
	break;
	default:
		//otherwise let it continue on to existing apps aaeo, jobapp, ...
	break;
}

$newLink = $redirectPath;
if($newLink !== ''){
	//$newLink contains the user-supplied 'q' value, so escape it for each output context.
	$htmlLink = htmlspecialchars($newLink, ENT_QUOTES, 'UTF-8'); //for HTML text and attributes
	$jsLink = json_encode($newLink, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); //for the script block
	Header( "HTTP/1.1 301 Moved Permanently" );
	if($redirectPhp){Header( "Location: $newLink" );}
	echo "<h1>This page has moved.</h1>
	<strong>Please update your bookmarks.</strong>
	<p>If you are not redirected automatically in <span id='numSec'>5</span> second<span id='plural'>s</span>, please follow this link: <a href='".$htmlLink."'>".$htmlLink."</a>.</p>

	<script type='text/javascript'>
		function countDown() {
			numberToChange = document.getElementById('numSec').innerHTML;
			if(parseInt(numberToChange)-1 == 1){
				document.getElementById('plural').innerHTML = '';
			} else {
				document.getElementById('plural').innerHTML = 's';
			}
			if(parseInt(numberToChange) <= 0){
				clearTimeout(counter);
			}else{
				document.getElementById('numSec').innerHTML = numberToChange-1;
				counter = setTimeout(countDown,1000);
			}
		}
		counter = setTimeout(countDown,1000);
		setTimeout(function(){ location.href = ".$jsLink."; },5000);
	</script>
	";
	die();//stop processing page
}
?>

Using .htaccess to point a broken pdf link to the right file

We sent out a mass email using Blackboard with a link to a pdf (UO MULD Form 2009V2 1.pdf) and the period at the end of the sentence was included in the link in some email readers. So I created a dummy-file with the ‘.’ in the name (UO MULD Form 2009V2 1.pdf.) and turned on this url rewrite in the .htaccess file:

Options +FollowSymlinks
RewriteEngine on
redirect 301 "http://oursite/er/UO MULD Form 2009V2 1.pdf."  http://oursite/er/UO%20MULD%20Form%202009V2%201.pdf
