Redirect by rewrite & .htaccess

[slimak]

Hello,
When LSWS redirect from one catalog to another, it doesn't check the .htaccess in new directory. e.g.: I have catalog /a/ with .htaccess file. In /a/.htaccess I use mod_rewrite to redirect from /a/info.php to /b/info.php. In catalog /b/ I have .htaccess file with "php_value register_globals off". When I enter /a/info.php then I have register_globals on, but when I enter /b/info.php then the register_globals are off. In Apache register_globals are off for both /a/info.php & /b/info.php.

 

[mistwang]

OK. I will check this.

 

[mistwang]

It works properly with my test case. What is the rewrite rule to redirect /a/info.php to /b/info.php? I wonder if the request got redirected at all.

My rewrite rule in /a/.htaccess

RewriteEngine on
RewriteRule phpinfo.php /2/phpinfo.php

It performs an internal redirect which does not change the URL in browser, if external redirect is prefered, just add "[R]" to the end of the rewrite rule, same result.

 

[slimak]

Answer

I checked that and when you redirect from /a/phpinfo.php to /b/phpinfo.php it works, but when your redirect from /phpinfo.php (document_root) to /b/phpinfo.php it doesn't work.
I have files:
public_html/.htaccess:
RewriteEngine on
RewriteRule phpinfo.php /2/phpinfo.php

public_html/2/.htaccess:
php_value register_globals off

public_html/2/phpinfo.php:
<?php
phpinfo();
?>

There is no file public_html/phpinfo.php.
1. When I enter http://domain/phpinfo.php, then register_globals are on (wrong).
2. When I enter http://domain/2/phpinfo.php, then register_globals are off (correct).
3. When I enter http://domain/empty_dir/phpinfo.php, then register_globals are off (correct).

 

[mistwang]

please try the 3.0 package
http://www.litespeedtech.com/packages/3.0/lsws-3.0-std-i386-linux.tar.gz

Frontpage with domain.com may work well with this release as well, please let me know.

 

[slimak]

Answer

1. Now .htaccess after redirect works.
2. FrontPage Ext with domain.com still doesn't work. When I copy file /usr/local/frontpage/www.domain.com:80 to /usr/local/frontpage/domain.com:80, then they works.
3. In new version, when I enter LSWS "Control Panel", I have error:
Warning: Invalid argument supplied for foreach() in /usr/local/lsws/admin/html.3.0/classes/ws/Service.php on line 59

 

[mistwang]

For #2, it is a work around as expected. I just wonder why Apache can do it without domain.com:80? I thought it was "UseCanonicalName on", so CGI env SERVER_NAME will be always set to "www.domain.com" when accessed through http://doamin.com/... , and I just added support for UseCanonicalName in LSWS, I wonder why it still does not working.

We saw #3 problem surfacing sometimes as well, no real harm, but will let web admin developer to take a look. Thanks.

 

[slimak]

Answer

#2. I have "UseCanonicalName off" for all VH. When I turned it on for one virtual host, then it was working properly (www.domain.com and domain.com). It seems that Apache force UseCanonicalName off for FrontPage Extensions.

 

[mistwang]

I see. I updated the package to force "UseCanonicalName on" for FrontPage Extensions. Please give it a try.

Thanks.

 

[slimak]

Answer

Now FrontPage Extensions works perfectly at LSWS.

To make it work at cPanel server, admin must execute two shell commands:

sed -rie 's/(safe_)?chmod\(( )?0600,( )?("\$\{myuid\}",)?( )?"\$(\{)?homedir(\})?\/public_html\$\{subweb\}\/_vti_pvt\/service.pwd"( )?\);/\1chmod(\20644,\3\4\5"$\6homedir\7\/public_html${subweb}\/_vti_pvt\/service.pwd"\8);/' /scripts/fp-auth /usr/local/frontpage/version5.0/apache-fp/fp-auth /usr/local/cpanel/bin/convertfppassthrough /scripts/fixfrontpageperm

/scripts/fixfrontpageperm

 

[mistwang]

Thanks for the update and the script. I will update the cPanel wiki.

Should the script be executed only once, or need to be executed for each account? How about account added later?

 

[slimak]

Answer

It should be executed only once. Probably it should be exexuted also after cPanel upgrade (if cPanel will override this changes). Accounts and FrontPage Extensions added later will have automatically correct permissions to file service.pwd.

 

[mistwang]

I am no expert of sed scripts, does your script change the permssion of service.pwd to 0644? It might be a security hole if it does.
0640 should be good to me if it is owned by "nobody" group.

 

[slimak]

Answer

The owner of service.pwd is $user:$user. It change perms to 0644, but permissions to public_html directory at cPanel servers are 0750 (owner $user:nobody).

 

[mistwang]

OK, it should not be a problem then.

Thanks!