2

I've spent countless hours searching for similar issues and found the solutions to not work for me. I have an index.php with an 'id' GET variable to load pages dynamically as mydomain.com/[idVariableHere].

My .htaccess code works:

RewriteEngine On
RewriteBase /

RewriteRule ^(js|css|images)($|/) - [L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule ^([^/]+)/?$ /index.php?id=$1 [L,QSA]

However, it's not preventing the /js/, /css/, and /images/ folders from being displayed. It's interfering with the last RewriteRule and I have no idea how to get around this.

My goal is to keep the mydomain.com/[idVariableHere] look with restriction on these important folders. Please help.

theflarenet
  • 642
  • 2
  • 13
  • 27

2 Answers2

1

Have it this way:

ErrorDocument 404 default
ErrorDocument 403 default

RewriteEngine On
RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^/]+)/?$ index.php?id=$1 [L,QSA]
anubhava
  • 761,203
  • 64
  • 569
  • 643
  • Darn. It didn't work... in fact, it has the same exact effect as before. So close! :-( – theflarenet Mar 16 '15 at 14:21
  • What didn't work? What URL did you enter in browser? Test in chrome dev tool and see which URL is causing 404? – anubhava Mar 16 '15 at 14:23
  • Sorry for being vague! Well, the last RewriteRule worked when I entered mydomain.com/contact which linked to mydomain.com/index.php?id=contact but when I accessed mydomain.com/images, it loaded up index.php with the layout but the body of the page being white. I think it's loading /images.php (which doesn't exist) instead of the /images/ folder. – theflarenet Mar 16 '15 at 14:58
  • Do you have a file called `images.php`? Is there any .htaccess in `/images/`? Are there more rules in above .htaccess? – anubhava Mar 16 '15 at 15:05
  • images.php does not exist and there is no .htaccess in /images/. This is all located in the root directory. The same issue happens for other folders I've created like /videos/. if I visit mydomain.com/videos/, I expect to see the actual index of /videos/ but instead the last RewriteRule seems to supersede to mydomain.com/index.php?id=videos (/videos.php, which does not exist). – theflarenet Mar 16 '15 at 15:08
  • Forgot to mention, my index.php has, echo $_GET['id'] . ".php"; to include whatever is entered after mydomain.com/. – theflarenet Mar 16 '15 at 15:11
  • Hmm your PHP code seems to be the problem then. Since there is no rule in .htaccess that is adding `.php` in your URI. Create a file called `info.php` with this code `` and then replace `index.php` by `info.php` in above `RewriteRule` and retest. – anubhava Mar 16 '15 at 15:32
  • I just tried out what you said and had no luck but it did shed some light on the problem a little more. Regardless of it being index.php or info.php (with or without include $_GET['id']), mydomain.com/images/ doesn't even load the initial page (being index.php or info.php). If you try to load any EXISITING folder with mydomain.com/[folder], it will interfere with the RewriteRule! The folder must not exist in order to load info.php. – theflarenet Mar 16 '15 at 15:52
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/73086/discussion-between-anubhava-and-theflarenet). – anubhava Mar 16 '15 at 15:53
0

From what I understand, you want an .htaccess to prevent access to /js/, /css/, and /images/ folders. Assuming these are found in the root. Just create an .htaccess file in each folder with the following code:

deny from all

This was taken from:

deny direct access to a folder and file by htaccess

Community
  • 1
  • 1
user3842346
  • 51
  • 2
  • You are correct however my last RewriteRule seems to still function by loading my index.php thinking the prevented folders are _GET['id'] variables. This solution did not work for me. :-( – theflarenet Mar 16 '15 at 05:02
  • I hope to clarify my answer. Delete the current .htaccess file and create 3 individual .htaccess files in the folders: /js/, /css/, and /images/ . Then you could access your root files but prevent access to the other files. And by default apache will prevent any higher access. – user3842346 Mar 16 '15 at 05:50
  • If I do that, I lose my rewrite to mydomain.com/[idvariable] – theflarenet Mar 16 '15 at 14:22