0

Situation:

  • I want to return a 404 page ("404.php") when a folder ("hidden") is accessed from the example.com domain.
  • I want the same folder to be accessible from a subdomain ("hidden.example.com") or from a different domain ("hidden.com") which are both configured in a single VirtualHost entry.
  • The server has multiple IP addresses that it listens on. Each IP address serves identical content from the example.com domain (sharing a VirtualHost entry.) I want the folder to be accessible from the IP address.
  • The server is configured to use SSL/TLS/HTTPS. HTTPS is optional on example.com, but HTTPS is enforced in the .htaccess file for the hidden folder using a rewrite rule shown below.

/www/hidden/.htaccess

RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

I know that {SERVER_ADDR} gives the server's IP address, but does it return the one that the client is requesting from?

I'm also starting to think that something in the VirtualHosts file would be more appropriate. Any thoughts on this?

What should be allowed:

http://87.65.43.21/hidden/
https://87.65.43.21/hidden/
http://12.34.56.78/hidden/
https://12.34.56.78/hidden/
http://hidden.example.com/
https://hidden.example.com/
http://hidden.com/
https://hidden.com/
http://www.hidden.com/
https://www.hidden.com/

What should be 404-ed with 404.php

http://example.com/hidden/
https://example.com/hidden/
http://www.example.com/hidden/
https://www.example.com/hidden/
http://example.com/hidden/hiddenfile.php
https://example.com/hidden/hiddenfile.php
etc.

Thanks.

okw
  • 103
  • 1

2 Answers2

1

You can achieve this by adding some mod_rewrite magic to your .htaccess

RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule .* http://www.example.com/404.php [R=301]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

This is just an example of how can you do it, of course you can change the order of rules and the destination of them, just have in mind that adding the [L] will stop mod_rewrite from evaluating any further rules.

lynxman
  • 9,157
  • 3
  • 24
  • 28
0

this should work, as long as the example.com DocumentRoot is not /www, but /www/something_else. Add this to your httpd.conf:

NameVirtualHost 87.65.43.21
NameVirtualHost 12.34.56.78
NameVirtualHost hidden.com
NameVirtualHost hidden.example.com

<VirtualHost 12.34.56.78 12.34.56.78 hidden.com hidden.example.com>
    DocumentRooot /www/hidden
    ServerName hidden.com
    ServerAlias hidden
</VirtualHost>
addam
  • 430
  • 2
  • 6