Akaunting .httaccess to OLS

edited July 9 in Web Server
I am wondering if I have the .htaccess conversion to OLS correct. I am getting a 404 error page when I try to load the website. Any insights are appreciated.

The website contains two .htaccess files:
  • /vendor/phenx/php-font-lib/.htaccess
  • ./.htaccess
The /vendor/phenx/php-font-lib/.htaccess has one rule in it and it is commented out so I just skipped the file.

The ./.htaccess contains the following information:
# Prevent Directory Listing
<IfModule autoindex>
	IndexIgnore *
</IfModule>

<IfModule mod_rewrite.c>
    # Prevent Directory Listing
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Prevent Direct Access to Protected Files
    <FilesMatch "(?i)(^artisan$|\.env|\.log)">
        Order deny,allow
        Deny from all
    </FilesMatch>

    # Prevent Direct Access To Protected Folders
    RewriteRule ^(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]

    # Prevent Direct Access To modules/vendor Folders Except Assets
    RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
I created a static context / with a directory of $DOC_ROOT:
context / {
  location                $DOC_ROOT
  allowBrowse             1
  autoIndex               0

  rewrite  {
    enable                1
# Prevent Direct Access To Protected Folders
RewriteRule ^/(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]

# Prevent Direct Access To modules/vendor Folders Except Assets
RewriteRule ^/(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/(.*)/$ /$1 [L,R=301]

# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/ index.php [L]

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

  }
  addDefaultCharset       off
}
To take care of the FilesMatch I created another static context with a regular expression:
context /(?i)(^artisan$|.env|.log) {
  location                $DOC_ROOT
  allowBrowse             0

  addDefaultCharset       off

}
All of the options are taking care of except -MultiViews. Since OLS does not support MultViews, there is nothing for me to do.

Comments

  • edited July 9
    I fixed the Static Context and it works:
    context / {
      location                $DOC_ROOT
      allowBrowse             1
      autoIndex               0
    
      rewrite  {
        enable                1
    # Prevent Direct Access To Protected Folders
        RewriteRule ^(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]
    
        # Prevent Direct Access To modules/vendor Folders Except Assets
        RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]
    
        # Redirect Trailing Slashes If Not A Folder...
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule ^(.*)/$ /$1 [L,R=301]
    
        # Handle Front Controller...
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^ index.php [L]
    
        # Handle Authorization Header
        RewriteCond %{HTTP:Authorization} .
        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
      }
      addDefaultCharset       off
    
      phpIniOverride  {
    
      }
    }
    I had an error in the second Static Context. It is now fixed:
    context exp: (?i)(^artisan$|.env|.log) {
      location                $DOC_ROOT
      allowBrowse             0
      addDefaultCharset       off
    }
  • Please always mention the installed version, it looks like you may be on 1.7 RC, which already have "/" static context, and you can put rewrite rules from CyberPanel (if you are rewriting them).
  • edited July 9
    I had the remove the . from the second Static Context. Now everything seems to be working fine.

    There is a conflict between the rewrite rules / and /.filesmanger. This conflict is fixed in version 1.7 RC. A workaround is to place the rewrite rules in the vhost rewrite rules file.
    context exp: exp: (?i)(^artisan$|env$|log$) {
      location                $DOC_ROOT
      allowBrowse             0
      addDefaultCharset       off
    }
Sign In or Register to comment.
Support CyberPanel CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!