0

I need to access codeigniter website homepage only at example.com and example.com/index.html and not at example.com/index.php, I tried redirecting index.php to index.html with htacess but homepage becomes inaccessible. I do not want to show it is a php website. though I am able to display homepage at example.com/index.html by adding below in application/config/routes.php

$route['index.html'] = 'home/index';

But example.com/index.php is still accessible which I want to redirect to 404

Kitty
  • 49
  • 1
  • 6
  • Does this answer your question? [how to hide index.php and controller name in codeigniter by htaccess](https://stackoverflow.com/questions/57800579/how-to-hide-index-php-and-controller-name-in-codeigniter-by-htaccess) – Javier Larroulet Nov 01 '20 at 11:03
  • Why would you want to hide the fact you are using PHP? if for security, it's futile in terms of security through obscurity – Javier Larroulet Nov 01 '20 at 11:04
  • set `$config['url_suffix'] = '.html';`, note: this doesn't resolve index.php to index.html but all other pages can be shown as "a_page.html". And you could hide(remove) index.php completely. See https://codeigniter.com/userguide3/general/urls.html – Vickel Nov 01 '20 at 16:56

1 Answers1

2

Try adding the following at the top of your .htaccess file:

RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^index\.php$ / [R=302,L]

This redirects any direct requests for /index.php to /.

The condition that checks against the REDIRECT_STATUS environment variable ensures we only redirect direct requests and not rewritten requests by the Codeigniter front-controller (that appears later in the .htaccess file). Otherwise, you'll get a rewrite-loop (500 Internal Server Error response).

The REDIRECT_STATUS env var is not set on the initial request from the client (ie. evaluates to an empty string, ^$). However, when the request to rewritten by the Codeigniter front-controller to index.php, REDIRECT_STATUS is set to the string 200 (representing a 200 OK HTTP status), so the above condition fails to match and the request is not redirected when Codeigniter rewrites the request to index.php.

You could redirect to index.html as well using the above method, but index.html must be set up as a route in Codeigniter as you suggest.

But example.com/index.php is still accessible which I want to redirect to 404

If instead you want to serve a 404 (although a redirect, as above, would be preferable) then simply change the RewriteRule to read (keeping the condition as before):

RewriteRule ^index\.php$ - [R=404]
MrWhite
  • 43,179
  • 8
  • 60
  • 84
  • not my DV, but I think, if you send index.php to 404, the whole Codeigniter framework wouldn't work. Codeigniter's Index.php is setting up the system settings of the framework – Vickel Nov 02 '20 at 12:32
  • @Vickel That's what the check against the `REDIRECT_STATUS` environment variable is for - as stated in my answer. This ensures that _only_ direct requests from the client are served with a 404 (or redirected). Rewritten requests (to `index.php`) by the Codeigniter front-controller are not touched - `index.php` is still accessible to PHP/Codeigniter. – MrWhite Nov 02 '20 at 12:35
  • ah, ok, thanks for pointing that out, didn't know/try. I usually hide index.php with .htaccess and add url_suffix in my config (as per my comment at the OP) – Vickel Nov 02 '20 at 12:36
  • @Vickel I've updated my answer with a bit more explanation about the use of the `REDIRECT_STATUS` environment variable. – MrWhite Nov 02 '20 at 12:44
  • @Vickel "I usually hide index.php with .htaccess" - Same method as above. Although you can also match against `THE_REQUEST` instead - same result, except that the regex required to match against `THE_REQUEST` is often more "complex". – MrWhite Nov 02 '20 at 12:48
  • 1
    Thanks! redirecting this way to 404 works well, earlier the way I was redirecting made complete website inaccessible. Don't know why this question was closed and the two references given to close the question do not match at all with this question. Any way I got the answer. Thanks again – Kitty Nov 03 '20 at 00:50