Running WordPress web sites, some stand –alone others multi-site.
Goal: Any request for files in a folder directly by their URL be redirected to root or specified URL. If requests for those same files come from a link or a call via WordPress within the domain allow it.
Since WordPress uses rewrite rules in root, I am concerned that using rewrite rules in htaccess files in subfolders may cause issues with WordPress. Hence, my thought to redirect back to root thinking that the rewrite rules there will over ride previous rules from a subfolder. However, this may not be an issue since my goal is for requests that do not go through root, that is, through WordPress be redirected.
And, I’m really weak on htaccess use. I assume that an htaccess file in root can set up rules between the server and the visitor, and these are the rules to abide by while communicating with the server until another set of rules come into play via another htaccess file with new instructions or conditions. Then these new rules remain intact until changed once again. Is this assumption correct? Or does a new htaccess add to, rather than replace the previous set of rules?
The rule for .htaccess files is that they are accessed and parsed in order of the path of the request, i.e., the DocumentRoot’s .htaccess is acted upon first, then the next directory’s .htaccess until the file is served.
What you described told me a few things:
WP will pass any request to an existing file or directory without redirecting to its index.php (request handler).
There is something wrong with your subdirectory’s .htaccess if it’s looping back to the DocumentRoot. It does not replace the DocumentRoot’s .htaccess but only adds to it … within its directory!
More information gets a better answer (i.e., what’s wrong with the subdirectory’s .htaccess logic).
Well, there is no htaccess in the folders of concern - yet. WP will deliver up page content when called by itself, such as images, PDF, Doc, etc. And, the same content can be accessed and called by a direct link without having to even visit root, and it is this I want to prevent, but also if such a direct request is made, redirect to root which will cause the WP home page to come up. (or perhaps instead of root, the WP log in page).
My inquiry is figure out “how to” create a htaccess file with the proper content to accomplish this before going on a long trial and error process. And I am concerned that having such a htaccess file in a sub-folder causing a redirect to root that it would conflict with the root’s htaccess file. Root htaccess file has rewrite rules and conditions, and I assume that to accomplish what I looking for would also require the sub-folder haccess file to contain rewrite rules and conditions.
I suppose I could just cause any request to the sub-folder to be disallowed via a htaccess file, but it is the redirect I’m looking for.
In the directory /www/htdocs/example1 we have a .htaccess file containing the following:
Options +ExecCGI
In the directory /www/htdocs/example1/example2 we have a .htaccess file containing:
Options Includes
Because of this second .htaccess file, in the directory /www/htdocs/example1/example2, CGI execution is not permitted, as only Options Includes is in effect, which completely overrides any earlier setting that may have been in place.
Ahh, yes. I forgot about the second half of your goal, that the request should be allowed if the user came from a link on your site. For that, we’ll check the referrer.
# If this request did not come from your site
RewriteCond %{HTTP_REFERER} !^[^:]+://your-domain.com/
# Then redirect any request for files in a folder be redirected to root or specified URL
RewriteRule ^your/special/folder/ /specified/url [R,L]