How do I ignore a directory in mod_rewrite?

Question

I'm trying to have the modrewrite rules skip the directory vip. I've tried a number of things as you can see below, but to no avail.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#RewriteRule ^vip$ - [PT]
RewriteRule ^vip/.$ - [PT]
#RewriteCond %{REQUEST_URI} !/vip 
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

How do I get modrewrite to entirely ignore the /vip/ directory so that all requests pass directly to the folder?

Update:

As points of clarity:

It's hosted on Dreamhost
The folders are within a wordpress directory
the /vip/ folder contains a webdav .htaccess etc (though I dont think this is important

On apache 2.2 you might need `RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f` read this http://stackoverflow.com/a/12575089/516748 — KCD, Nov 18 '14 at 23:34

Patrick McElhaney · Answer 1 · 2009-11-02T18:31:24.103

137

Try putting this before any other rules.

RewriteRule ^vip - [L,NC]

It will match any URI beginning vip.

The - means do nothing.
The L means this should be last rule; ignore everything following.
The NC means no-case (so "VIP" is also matched).

Note that it matches anything beginning vip. The expression ^vip$ would match vip but not vip/ or vip/index.html. The $ may have been your downfall. If you really want to do it right, you might want to go with ^vip(/|$) so you don't match vip-page.html

edited Nov 02 '09 at 18:31

answered Oct 02 '08 at 17:22

Patrick McElhaney

57,901
40
134
167

BTW, I had the same problem a few weeks ago, and this worked for me on Apache/2.2.8 (UNIX). – Patrick McElhaney Oct 02 '08 at 17:43
why not use `RewriteRule ^vip/? - [L,NC]` to take care of the slash issue? – Brooke. Dec 18 '12 at 07:45
2

@Brandon That's essentially equivalent to `^vip`. It would match "vip" followed by a slash (maybe) and some other characters (maybe). We want to match "vip" exactly (`^vip$`) or any string that starts with "vip/" (`^vip/`). – Patrick McElhaney Dec 18 '12 at 17:56
The reason that doesn't work is the same as why the existing `RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d` don't work. The directory in question has a special .htaccess that is causing an error--the same will happen with a password protected directory. – brentonstrine Aug 09 '13 at 23:17
This worked. I tweaked it for my own use though. To make it so that any "/vip/" folder works use "RewriteRule \/vip\/ - [L,NC]" – Kyle Bridenstine Nov 30 '15 at 17:51
what will happen if I have redirection to https? – Edik Mkoyan Oct 12 '17 at 18:59

score 14 · Answer 2 · edited Aug 02 '10 at 01:31

14

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

This says if it's an existing file or a directory don't touch it. You should be able to access site.com/vip and no rewrite rule should take place.

edited Aug 02 '10 at 01:31

sth

222,467
53
283
367

answered Nov 07 '08 at 21:32

He is right, these rules should be sufficient. The problem is that the directory is password protected. See the other answers below (including mine) which elaborate on this. – brentonstrine Aug 09 '13 at 23:30

score 10 · Answer 3 · answered Aug 09 '13 at 23:27

The code you are adding, and all answers that are providing Rewrite rules/conditions are useless! The default WordPress code already does everything that you should need it to:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

Those lines say "if it's NOT an existing file (-f) or directory (-d), pass it along to WordPress. Adding additional rules, not matter how specific or good they are, is redundant--you should already be covered by the WordPress rules!

So why aren't they working???

The .htaccess in the vip directory is throwing an error. The exact same thing happens if you password protect a directory.

Here is the solution:

ErrorDocument 401 /err.txt
ErrorDocument 403 /err.txt

Insert those lines before the WordPress code, and then create /err.txt. This way, when it comes upon your WebDAV (or password protected directory) and fails, it will go to that file, and get caught by the existing default WordPress condition (RewriteCond %{REQUEST_FILENAME} !-f).

Regarding my upvote for this solution. I had an .htaccess password protecting the subdirectory which was passing through to index.php, the err.txt file, allowed my to mach the directory. — Fotis Paraskevopoulos, Feb 27 '15 at 10:41
I had another folder under a wordpress directory that contained a separate php app. That app was throwing an error, but instead of getting the error, it was coming back through wordpress and giving me a 404. This solution solves that issue and I was able to see the 500 error that was being thrown by the php application. Thank you so much! — Paul Zepernick, Jun 30 '15 at 10:59
This is a perfect solution for those who have issues with htpasswd-protected subfolders. Thank you! — Eugene Sue, Nov 18 '15 at 10:41

score 9 · Answer 4 · answered Aug 08 '10 at 17:35

In summary, the final solution is:

ErrorDocument 401 /misc/myerror.html
ErrorDocument 403 /misc/myerror.html

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

I posted more about the cause of this problem in my specific situation, involving Wordpress and WebDAV on Dreamhost, which I expect many others to be having on my site.

score 8 · Answer 5 · answered Oct 02 '08 at 18:31

8

You mentioned you already have a .htaccess file in the directory you want to ignore - you can use

RewriteEngine off

In that .htaccess to stop use of mod_rewrite (not sure if you're using mod_rewrite in that folder, if you are then that won't help since you can't turn it off).

answered Oct 02 '08 at 18:31

Jay

41,768
14
66
83

Wouldn't help, as the .htaccess in the parent directory, which does have Rewrite rules, would get evaluated long before Apache looked into /vip. – Marc B Aug 08 '10 at 17:48
2

I just used this method and it worked fine. And I have .htaccess in the parent directory turning rewriteengine on. So I guess Apache looks in the child directory regardless. – Adam Culp May 18 '12 at 21:32

score 7 · Answer 6 · answered Jun 11 '13 at 06:55

7

Try replacing this part of your code:

RewriteRule ^vip/.$ - [PT]

...with the following:

RewriteCond %{REQUEST_URI} !(vip) [NC]

That should fix things up.

answered Jun 11 '13 at 06:55

ChongFury

161
2
3

This helped me in a case where there was a general rule in place already (block all hidden directories that start with . ), but I needed to make one exception (allow .well-known for letsencrypt to work on cron). – squarecandy Aug 04 '17 at 14:53

score 4 · Answer 7 · edited Nov 29 '12 at 20:24

4

RewriteCond %{REQUEST_URI} !^pilot/

is the way to do that.

edited Nov 29 '12 at 20:24

McGarnagle

101,349
31
229
260

answered Nov 29 '12 at 20:03

Gokul Muralidharan

161
1
5

score 4 · Answer 8 · answered Oct 21 '14 at 23:02

In my case, the answer by brentonstrine (and I see matdumsa also had the same idea) was the right one... I wanted to up-vote their answers, but being new here, I have no "reputation", so I have to write a full answer, in order to emphasize what I think is the real key here.

Several of these answers would successfully stop the WordPress index.php from being used ... but in many cases, the reason for doing this is that there is a real directory with real pages in it that you want to display directly, and the

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

lines already take care of that, so most of those solutions are a distraction in a case like mine.

The key was brentonstrine's insight that the error was a secondary effect, caused by the password-protection inside the directory I was trying to display directly. By putting in the

ErrorDocument 401 /err.txt
ErrorDocument 403 /err.txt

lines and creating error pages (I actually created err401.html and err403.html and made more informative error messages) I stopped the 404 response being generated when it couldn't find any page to display for 401 Authentication Required, and then the folder worked as expected... showing an apache login dialog, then the contents of the folder, or on failure, my error 401 page.

You could leave a comment instead of putting an answer too. – brentonstrine Jun 30 '15 at 16:39 — brentonstrine, Jun 30 '15 at 16:39

score 3 · Answer 9 · answered Apr 19 '10 at 01:31

I’ve had the same issue using wordpress and found that the issue is linked with not having proper handler for 401 and 403 errors..

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

These conditions are already supposed not to rewrite the url of existing folders but they don’t do their job for password protected folders. In my case, adding the following two lines to my root .htaccess fixed the problem:

ErrorDocument 401 /misc/myerror.html
ErrorDocument 403 /misc/myerror.html

Of course you need to create the /misc/myerror.html,

score 3 · Answer 10 · answered Feb 27 '11 at 22:51

This works ...

RewriteRule ^vip - [L,NC]

But ensure it is the first rule after

RewriteEngine on

i.e.

ErrorDocument 404 /page-not-found.html

RewriteEngine on

RewriteRule ^vip - [L,NC]

AddType application/x-httpd-php .html .htm

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d 

etc

Peter Howe · Answer 11 · 2008-10-02T16:55:09.100

-1

I'm not sure if I understand your objective, but the following might do what you're after?

RewriteRule ^/vip/(.*)$   /$1?%{QUERY_STRING} [L]

This will cause a URL such as http://www.example.com/vip/fred.html to be rewritten without the /vip.

edited Oct 02 '08 at 16:55

answered Oct 02 '08 at 16:49

Peter Howe

1,403
2
16
30

How do I ignore a directory in mod_rewrite?

Update:

11 Answers11

Linked