Solved

.htaccess rewrite based on referrer

Posted on 2006-10-30
7
448 Views
Last Modified: 2012-05-05
Hi, I am trying to create rewrite rules to acheive the following (using example.com as an example):

1) Any sub-domain of example.com (including no sub-domain) is resolved to www.example.com
2) Any request that does not come from an in-site link (i.e. the referrer is not www.example.com) is redirected to the homepage (http://www.example.com/)
3) Any request that IS from an in-site link passes through and is served normally.
4) I need to be able to add further rewrite rules that will operate just on the requests that have passed through from (3).

Here's what I have so far:

      # Enable rewrite engine
      RewriteEngine On

      # Rewrite any sub-domain requests to use www.example.com
      RewriteCond      %{HTTP_HOST}            !^www\.example\.com$ [NC]
      RewriteRule      .*                        http://www.example.com/ [R,L]

      # If the referrer is not www.example.com and the request is not for the homepage,
      # redirect to the homepage
      RewriteCond      %{HTTP_REFERER}            !http://www\.example\.com/ [NC]
      RewriteRule      !^/$                        http://www.example.com/ [R,L]

Using the above, the initial rule seems to work, and the address bar updates as expected, but the second rule is causing problems.  Firefox quickly reports "Firefox has detected that the server is redirecting the request for this address in a way that will never complete." whilst IE5.5 struggles on gamely for quite a while before giving up and presenting a blank page.  Clearly I have a redirect loop going on here.

The final rewrite rule (rewrite any calls that aren't directly to the homepage) should only match request that were external referrals (including typing in the address bar or clicking on a bookmark) that are NOT to the homepage, however it seems to be matching ALL requests and causing the loop.  I don't quite understand this.

How can I fix this to do what I want? I am using Apache/1.3.29 (Unix).
0
Comment
Question by:FartingUncle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 16

Expert Comment

by:HackneyCab
ID: 17835343
I believe this is happening because the HTTP_REFERER is passed as-is by the redirect. It is not updated when mod_rewrite goes to work.

So your second rule says: referrer is empty, so redirect to the root (with an empty referrer) and test again. So it goes round and round.

Try adding this condition, so that requests for the root are ignored by the rewrite:

RewriteCond %{REQUEST_URI} !^/$

Then the redirect to http://www.example.com/ should mean that this new RewriteCond is not met, so the rewrite doesn't happen a second time.
0
 
LVL 1

Author Comment

by:FartingUncle
ID: 17835361
I have also tried the following patterns instead of !^/$

!^$
^.+$
^..+$
^.+
^..+
.+
..+

All gave the same result.
0
 
LVL 1

Author Comment

by:FartingUncle
ID: 17835418
(previous comment posted before reading response from HackneyCab)

OK - I added that line between the last RewriteCond and RewriteRule, but got the same result.  Are you sure that REQUEST_URI is updated after the redirect?

I don't see why it would matter if the referrer is unaltered by the redirect (actually, that's the desired behaviour), as the pattern in the RewriteRule line should block it (whether the first request or as the result of a redirect).

i.e.
    http://example.com/ 
    => http://www.example.com/ (via first rule)

    http://www.example.com/test
    => http://www.example.com/  (via second rule because of bad referrer)

    http://www.example.com/  (no redirect)

In all 3 examples, the RewriteRule should stop any further rewriting after a request for/redirect to the homepage has occurred - I don't understand why that isn't happening...
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 16

Accepted Solution

by:
HackneyCab earned 125 total points
ID: 17838602
Okay, this is a bit of a burn. Sometimes REQUEST_URI is simply / and sometimes it gets changed to /index.php (on my test rig, it may be /index.html on your rig).

This works for me, though:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !http://127\.0\.0\.1/testarea [NC]
RewriteCond %{REQUEST_URI} !^/testarea/(index.php)?$
RewriteRule .* http://127\.0\.0\.1/testarea/ [R,L]

(my testarea on my local machine).

The first condition requires that the referrer is not a page on our machine. The second condition requires that the REQUEST_URI is neither the root (well, /testarea is the root in my case, yours will be simply / instead), nor the directory index page (usually index.html, but index.php in my case).

If both conditions are met, then the request is redirected to the root (/testarea/ in my case) no matter what request the user makes.
0
 
LVL 1

Author Comment

by:FartingUncle
ID: 17839479
Fantastic!  I made a few tweaks (replace index.php with index\.php on line 3, and remove the slashes from line 4 (127\.0\.\1 => 127.0.0.1, though obviously with my own settings), but you've solved it for me.  Thank you so much!
0
 
LVL 16

Expert Comment

by:HackneyCab
ID: 17841106
How did I manage to get the slashes all in the wrong place? That's what haste does to me.

Glad it works for you now.
0
 
LVL 1

Author Comment

by:FartingUncle
ID: 17841710
*grin*
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question