Akaunting .httaccess to OLS

edited July 9 in Web Server
I am wondering if I have the .htaccess conversion to OLS correct. I am getting a 404 error page when I try to load the website. Any insights are appreciated.

The website contains two .htaccess files:
  • /vendor/phenx/php-font-lib/.htaccess
  • ./.htaccess
The /vendor/phenx/php-font-lib/.htaccess has one rule in it and it is commented out so I just skipped the file.

The ./.htaccess contains the following information:
# Prevent Directory Listing
<IfModule autoindex>
	IndexIgnore *
</IfModule>

<IfModule mod_rewrite.c>
    # Prevent Directory Listing
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Prevent Direct Access to Protected Files
    <FilesMatch "(?i)(^artisan$|\.env|\.log)">
        Order deny,allow
        Deny from all
    </FilesMatch>

    # Prevent Direct Access To Protected Folders
    RewriteRule ^(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]

    # Prevent Direct Access To modules/vendor Folders Except Assets
    RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
I created a static context / with a directory of $DOC_ROOT:
context / {
  location                $DOC_ROOT
  allowBrowse             1
  autoIndex               0

  rewrite  {
    enable                1
# Prevent Direct Access To Protected Folders
RewriteRule ^/(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]

# Prevent Direct Access To modules/vendor Folders Except Assets
RewriteRule ^/(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/(.*)/$ /$1 [L,R=301]

# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^/ index.php [L]

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

  }
  addDefaultCharset       off
}
To take care of the FilesMatch I created another static context with a regular expression:
context /(?i)(^artisan$|.env|.log) {
  location                $DOC_ROOT
  allowBrowse             0

  addDefaultCharset       off

}
All of the options are taking care of except -MultiViews. Since OLS does not support MultViews, there is nothing for me to do.

Comments

  • edited July 9
    I fixed the Static Context and it works:
    context / {
      location                $DOC_ROOT
      allowBrowse             1
      autoIndex               0
    
      rewrite  {
        enable                1
    # Prevent Direct Access To Protected Folders
        RewriteRule ^(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]
    
        # Prevent Direct Access To modules/vendor Folders Except Assets
        RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]
    
        # Redirect Trailing Slashes If Not A Folder...
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule ^(.*)/$ /$1 [L,R=301]
    
        # Handle Front Controller...
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^ index.php [L]
    
        # Handle Authorization Header
        RewriteCond %{HTTP:Authorization} .
        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
      }
      addDefaultCharset       off
    
      phpIniOverride  {
    
      }
    }
    I had an error in the second Static Context. It is now fixed:
    context exp: (?i)(^artisan$|.env|.log) {
      location                $DOC_ROOT
      allowBrowse             0
      addDefaultCharset       off
    }
  • Please always mention the installed version, it looks like you may be on 1.7 RC, which already have "/" static context, and you can put rewrite rules from CyberPanel (if you are rewriting them).
  • edited July 9
    I had the remove the . from the second Static Context. Now everything seems to be working fine.

    There is a conflict between the rewrite rules / and /.filesmanger. This conflict is fixed in version 1.7 RC. A workaround is to place the rewrite rules in the vhost rewrite rules file.
    context exp: exp: (?i)(^artisan$|env$|log$) {
      location                $DOC_ROOT
      allowBrowse             0
      addDefaultCharset       off
    }
  • I am using version 1.6
Sign In or Register to comment.
Support CyberPanel CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!