Silverstripe htaccess
我有一个Silverstripe平台的网站,有重复的网址为www,非www,http和https
似乎有多种解决方案,但没有确定的答案。有没有人知道Silverstripe的htaccess文件的正确代码?
我想让所有页面指向https ://www
这是htaccess文件中的当前代码-
ErrorDocument 401 /base/401.txt
### SILVERSTRIPE START ###
# Deny access to templates (but allow from localhost)
<Files *.ss>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Order deny,allow
Deny from all
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files ~ "\.ya?ml$">
Order allow,deny
Deny from all
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_env.c>
# Ensure that X-Forwarded-Host is only allowed to determine the request
# hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
# Note that in a future release this setting will be always on.
SetEnv BlockUntrustedIPs true
</IfModule>
<IfModule mod_rewrite.c>
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
<IfModule mod_dir.c>
DirectoryIndex disabled
</IfModule>
RewriteEngine On
# non-www to www redirect
#RewriteCond %{HTTP_HOST} ^bolstered.com.au$ [NC]
#RewriteRule (.*) https://www.bolstered.com.au/$1 [R=301,L]
# http to https redirect
#RewriteCond %{HTTPS} !=on
#RewriteRule ^ (.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Enable HTTP Basic authentication workaround for PHP running in CGI mode
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !\.php$
RewriteRule .* index.php?url=%1&%{QUERY_STRING} [L]
</IfModule>
### SILVERSTRIPE END回答 1
Stack Overflow用户
发布于 2020-07-11 23:49:02
我通常保持### SILVERSTRIPE START ###和### SILVERSTRIPE END ###之间的silverstripe部分不变,并且只将我的规则放在SilverStripe的规则之前或之后。
拥有两次RewriteEngine On是没有问题的。
我也没有费心去检查mod_rewrite是否存在,因为我的所有服务器都会启用它,我不会让客户端在没有它的情况下将它放在服务器上。
下面是我通常在silverstripe项目中使用的.htaccess的完整示例:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^localhost [NC]
RewriteCond %{HTTP_HOST} !^127.0.0.1 [NC]
RewriteCond %{HTTPS} !on [OR]
RewriteCond %{HTTP_HOST} !^www\.examle\.org [NC]
RewriteRule ^ https://www.examle.org%{REQUEST_URI} [R=301,L]
### SILVERSTRIPE START ###
# Deny access to templates (but allow from localhost)
<Files *.ss>
Require ip 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Require all denied
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files ~ "\.ya?ml$">
Require all denied
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_rewrite.c>
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
<IfModule mod_dir.c>
DirectoryIndex disabled
DirectorySlash On
</IfModule>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
# Enable HTTP Basic authentication workaround for PHP running in CGI mode
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule ^\.env - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
RewriteRule (error|silverstripe|debug)\.log - [F,L,NC]
RewriteRule ^Security - [F,L,NC]
# Process through SilverStripe if no file with the requested name exists.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* index.php
</IfModule>
### SILVERSTRIPE END ###分步说明:
- 打开重写引擎
上的RewriteEngine
- 4
RewriteCond是连接到其下面的RewriteRule的所有条件。
RewriteCond %{HTTP_HOST} !^localhost NC RewriteCond %{HTTP_HOST} !^127.0.0.1 NC RewriteCond %{HTTPS} !on OR RewriteCond %{HTTP_HOST} !^www.examle.org NC
除非您添加一个AND,否则多个条件将成为一个逻辑[OR]。
[NC]代表无大小写,因此不区分大小写
前两个是localhost/127.0.0.1的例外,以确保我在工作站上开发时不会执行重定向。
%3正在检查https是否已关闭
4正在检查域名是否正确
所以用伪代码来说,它是这样的:
if ($HTTP_HOST !=“本地主机”&& $HTTP_HOST != "127.0.0.1“AND ($HTTPS != "on”OR $HTTP_HOST != "www.examle.org") { do_redirect();}
- 实际的重定向
RewriteRule ^ https://www.examle.org%{REQUEST_URI} R=301,L
它重定向到所需的域,并将路径(/foo/bar)和查询参数(?foo=bar)附加到该域。
R=301是http响应码。如果你想要一个临时的重定向,你可以设置为302。
我认为L的意思是Last,它会在此时停止处理,并且不会继续尝试下面的其他规则。
替代方案:
.htaccess是最好的方法。但值得指出的是,这并不是唯一的选择。
你可以用普通的PHP,在任何/大多数any服务器的配置中,...SilverStripe有内置的方法来进行检查和重定向:
Director::forceSSL();
Director::forceWWW();但如前所述,.htaccess要好得多(速度快得多,而且只有一次重定向)
https://stackoverflow.com/questions/62846007
复制相似问题
腾讯云开发者
