On Wed, May 21, 2025 at 12:19 PM J Lance Wilkinson <[email protected]> wrote:
> I have a directory /PMHS72/ which contains a few .html and .php files
> that I want to present, and all other files in the directory are blocked.
>
> I need to rewrite requests for the files in the directory to redirect
> any explicit requests for files in the directory, UNLESS they are those
> few whitelisted files, to be sent to one specific one of those
> whitelisted .php files as a parameter.
>
> Here's my configuration -- directory and rewrite rules.
>
> RewriteEngine On
> LogLevel alert rewrite:trace5
>
> # Allow direct access to whitelisted PHP and HTML files
> RewriteCond %{REQUEST_URI}
> ^/PMHS72/(index|gateway|verify|CodePreview|wrapper|roster)\.php$ [NC,OR]
> RewriteCond %{REQUEST_URI} ^/PMHS72/(privacy|terms)\.html$ [NC]
> RewriteRule ^ - [L]
>
> # Rewrite everything else under /PMHS72/ to go through wrapper.php
> #RewriteRule ^PMHS72/(.*)$ /PMHS72/wrapper.php?file=$1 [QSA,L]
> RewriteRule ^/?PMHS72/(.*)$ /PMHS72/wrapper.php?file=$1 [QSA,L]
>
>
>
> <DirectoryMatch "^/var/www/html/PMHS72/?$">
> Options +Indexes
> Require all granted
> </DirectoryMatch>
>
> <Directory "/var/www/html/PMHS72">
> Require all denied
>
> # Expose all whitelisted files
> <FilesMatch
> "^(index|gateway|verify|CodePreview|wrapper|roster)\.php$">
> Require all granted
> </FilesMatch>
>
> <FilesMatch "^(privacy|terms)\.html$">
> Require all granted
> </FilesMatch>
>
> DirectoryIndex index.php
>
> </Directory>
>
> Any attempt to reach /PMHS72/PMHS-72%20Alumni%20Roster.pdf SHOULD be
> rewritten to to this:
>
> /PMHS72/wrapper.php?file=PMHS-72%20Alumni%20Roster.pdf
>
> Instead I'm getting a server default 403 response, and even though I've
> got rewrite set to trace 5 I'm getting NO error log entries.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
What context are the rules defined in? The vhost, directly?
If so, RewriteRule ^/? doesn't make sense, as you'll always see the leading
slash.
Lastly, if you have more than one vhost, run apachectl -S and make sure the
correct vhost is being accessed / edited.
