1

The file structure is as follows

  • Public files: /home/usrname/public_html
  • CGI BIN, where the software is running: /home/usrname/public_html/cgi-bin
  • Private files: /home/usrname/public_html/_private
  • Databases: /home/usrname/public_html/_private/data

What I would like to do is convert the code below from Apache 1.3.42 to an Apache 2.4.12 .htaccess file, seemly a few changes during the SSL path are what I"m really getting hung up on mainly.

When you try any document with the SSL path all I see if the _private path and not the public_html path in the HTML source for any file types, like, CSS, js images, etc.

I also have a permissions issues, which is asking for me to login during SSL mode, this must be due to one of the other .htaccess files. It should be simple, yet somehow I'm not getting the rules correctly in-line just yet.

Here are the lines of code in each .htaccess file.

Public files: /home/usrname/public_html

RewriteEngine On

RewriteCond %{HTTP_HOST} ^99\.00\.99\.000$
RewriteRule ^/?(.*)$ http://www.example.com/$1 [R=301,L]

RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule ^/?(.*)$ http://www.example.com/$1 [R=301,L]

RewriteCond /home/usrname/public_html/%{REQUEST_FILENAME} -f
RewriteRule ^(.+) /home/usrname/public_html/$1 [L]
RewriteCond /home/usrname/public_html/_private/%{REQUEST_FILENAME} -f
RewriteRule ^(.+) /home/usrname/public_html/_private/$1 [L]
RewriteRule ^(.+) - [PT]

DirectoryIndex home.html index.htm index.html default.htm Default.htm
Action cgi-ccd /cgi-bin/aws.emp
AddHandler cgi-ccd html
AddHandler default-handler .gif
AddHandler default-handler .jpg

<FilesMatch "\.(inx|weo|lco|dbo|cdo|fpo|dao)">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

We also have these .htaccess files on the account in their respective paths.

Private files: /home/usrname/public_html/_private

AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName Administrator
AuthType Basic
<limit GET>
require valid-user
</limit>

Databases: /home/usrname/public_html/_private/data

AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName Administrator
AuthType Basic
<limit GET>
require valid-user
</limit>

CGI BIN: /home/usrname/public_html/cgi-bin

Options +ExecCGI
Order allow,deny
Allow from all

Perhaps there is something with the way these all work together that are the issue now in Apache 2.4+? Perhaps it's the permissions with calling the file from the CGI-BIN directory, I can move this if needed?

The 301 redirects are fairly simple, seemly. The syntax may need changed for teh version, but they seem simple enough to program. I think there is some conflict with something like Options FollowSymLinks SymLinksIfOwnerMatch ExecCGI Includes MultiViews or some other combination; I have tried several combinations with no luck.

In the end all I'm trying to do mask the full path cgi-bin path of the software, yet provide the old path back as a 301 redirect so we do not lose any links that may be indexed and or bookmarked.

.i.e.

From: http://www.example.com/cgi-bin/aws.emp/any-document-file-name.html
To: http://www.example.com/any-document-file-name.html

or in SSL mode.

From: https://www.example.com/cgi-bin/aws.emp/any-document-file-name.html
To: https://www.example.com/any-document-file-name.html

I found if I change the following from %{REQUEST_FILENAME} to %{REQUEST_URI} that at least allows everything to work, unless you need the SSL path, it then shows the _private path for any file types, such as css, js, images and so on.

I hope I provided enough information to help resolve this pesky issue, sadly I'm very inexperienced with mod_rewrites and thus it seems like somewhat of a black magic right now. This may take weeks to solve simple seemly things on my own.

Any help is greatly appreciated, I so want to migrate off of Apache 1.3.42 as it's way overdue and once this issue has been solved I can.

MrWhite
  • 11,643
  • 4
  • 25
  • 40
ingenuitor
  • 11
  • 1
  • Related: https://serverfault.com/questions/214512/redirect-change-urls-or-redirect-http-to-https-in-apache-everything-you-ever – Deer Hunter May 13 '15 at 04:39
  • Seemly a great link, but I know very little and or even understand mod-rewrites. I'm trying but, time is limited and thus very hard to learn a mountain of information. I guess I have to seke my answers elsewhere. Thanks – ingenuitor May 13 '15 at 22:58

1 Answers1

1

I found if I change the following from %{REQUEST_FILENAME} to %{REQUEST_URI} that at least allows everything to work

If by this you are referring to the following block of code (supposedly in the root .htaccess file):

RewriteCond /home/usrname/public_html/%{REQUEST_FILENAME} -f
RewriteRule ^(.+) /home/usrname/public_html/$1 [L]
RewriteCond /home/usrname/public_html/_private/%{REQUEST_FILENAME} -f
RewriteRule ^(.+) /home/usrname/public_html/_private/$1 [L]
RewriteRule ^(.+) - [PT]

Then that only makes a little bit of sense. The problem is that these directives wouldn't have worked on Apache 1.3 either, if used in .htaccess.

The "problem" is that the contents of that .htaccess file looks like it's been taken straight out of the server config. In a .htaccess context these directives would never match, regardless of whether REQUEST_FILENAME was changed to REQUEST_URI. When used in the server config, REQUEST_FILENAME is the same as REQUEST_URI, but in .htaccess REQUEST_FILENAME is the absolute filesystem path that the request maps to. So, using REQUEST_URI in this context is just "less wrong", it's still not correct.

Rewriting to /home/usrname/public_html/... (an absolute filesystem path) is invalid in .htaccess. This would result in a 400 Bad Request if successfully executed.

However, these directives don't actually look as if they are doing anything. They simply rewrite the request back to the same file - which doesn't make much sense - so it's difficult to see what the intention of these directives are? Are they perhaps intended to stop other directives from running (eg. to prevent requests being passed to the CGI script)?

some conflict with something like Options FollowSymLinks SymLinksIfOwnerMatch ExecCGI Includes MultiViews

You'll need FollowSymLinks or SymLinksIfOwnerMatch set for mod_rewrite to function. And you may need to disable MultiViews.

MrWhite
  • 11,643
  • 4
  • 25
  • 40