0

I have an alias domain name which I don't want it to load the website. I only want my alias domain to access if the request URL has a certain string.

Example: www.myalias.com/pass/whatever/here

The string I'm looking at is the "pass" If the request URL has the "pass" there, then allow to access to the website, if not then return 404 error.

The rule will check if the domain name is equal to "myalias.com" then check to see if the string "pass" is exist in the request URL.

How can I write that to a rule in .htaccess ?

mana
  • 1,075
  • 1
  • 24
  • 43

1 Answers1

1

Sounds pretty straight forward: you check the http host, the presence of the pass and react as desired:

This denies requests

RewriteEngine on
RewriteCond %{HTTP_HOST} ^alias\.example\.com$
RewriteCond %{REQUEST_URI} !^/pass/
RewriteRule ^ - [F]

That one sends a custom http status (here 403):

RewriteEngine on
RewriteCond %{HTTP_HOST} ^alias\.example\.com$
RewriteCond %{REQUEST_URI} !^/pass/
RewriteRule ^ - [R=403]

Or you can redirect clients to wherever you want:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^alias\.example\.com$
RewriteCond %{REQUEST_URI} !^/pass/
RewriteRule ^ https://example.com/ [R=301]

You obviously need to have the rewriting module loaded inside your http server. Typically such rules should get implemented in the actual http server's host configuration. If you really want to use a distributed configuration file (".htaccess") you need to enable its interpretation first (see the documentation for the AllowOverride directive).

arkascha
  • 41,620
  • 7
  • 58
  • 90
  • Not working, not sure why is always response 403 even the /pass/ is part of the url. – mana Jun 23 '21 at 14:43
  • It work when you check if exists, but when you add the !^ it always response 403 error. Any suggestion? – mana Jun 23 '21 at 15:50
  • Which variant are you using? – arkascha Jun 23 '21 at 16:19
  • I use this one: RewriteEngine on RewriteCond %{HTTP_HOST} ^alias\.example\.com$ RewriteCond %{REQUEST_URI} !^/pass/ RewriteRule ^ - [R=403] – mana Jun 23 '21 at 16:56
  • The ruleset is correct and works. If you receive different results you have another factor that intervenes here: a cached result, some other rules you did not mention, a request to a URI different from what you claim. – arkascha Jun 23 '21 at 19:51
  • Thank you @arkascha I'll continue to test and see why is not working. I don't think is a cache, because I can easily make change to a line and refresh the browser and that change take effect. Could be Apache version or something else. – mana Jun 23 '21 at 23:48
  • This is the line is not working for some reasons: RewriteCond %{REQUEST_URI} !^/pass/ – mana Jun 23 '21 at 23:49
  • The http server version is very unlikely as a cause for this issue. That software is very stable and robust. Could you please post the _exact_ URI you request? – arkascha Jun 24 '21 at 10:52
  • I think this problem is the same as https://stackoverflow.com/questions/59687302/check-if-request-uri-does-not-contain-a-string – mana Jun 24 '21 at 16:47
  • I'm thinking about an alternative way of writing this rule to get the same outcome. That include removing the !^ negate. – mana Jun 24 '21 at 17:13
  • I end up using PHP script to enforce the rule. – mana Jun 24 '21 at 19:24
  • I suspect the actual URL that is requested has an additional prefix you did not mention. Because the condition works as it is. You are _wrong_ in your statement that `!^` is a logical negation. `!` is a negation, then `^` anchors the following pattern at the beginning of the line. So the pattern will only match if the line _starts_ with the pattern, not if something is present before that. This fits to all the remarks you made. Which is why I asked for the actual URL that is requested, which you did not provide. – arkascha Jun 25 '21 at 11:57