Apache: Avoiding users to access 'www.foo.com/subdomain1/'

Question

I have an Apache server, which main rootwebdir is '/usr/www/users/foo/' and 'foo.com' points there. However, I have some subdomains pointing within their directories:

subdomain1.foo.com ---> /usr/www/users/foo/subdomain1
subdomain2.foo.com ---> /usr/www/users/foo/subdomain2

This causes me a problem: if anyone types 'www.foo.com/subdomain1/aboutme.html', they find 'subdomain1.foo.com/aboutme.html' with another URL, and I'd like to avoid it.

I wondered if there was any way to avoid this (e.g., showing a 404 page), by using a directive within the '.htaccess' file of '/usr/www/users/foo/subdomain1'.

Any other solution is welcome. Thank you very much.

Answer 1

You can use this rule in any subdomain directory's i.e subdomain1/.htaccess to block access using main domain foo.com:

RewriteEngine on    
RewriteCond %{HTTP_HOST} ^(www\.)?foo\.com$ [NC]
RewriteRule ^ - [F]

Answer 2

You can rewrite requests to the combination of a specific subdomain and a specific path to a custom error document. That should the easiest:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^subdomain1\.foo\.com$ [NC]
RewriteRule ^subdomain1 http://foo.com/not-found.html [L]

This can be done in a .htaccess style file or in the real http servers host configuration. The second option should be preferred whenever possible. .htaccess style files are notoriously error prone, hard to debug and the really slow down the server, often for nothing. They are only provided for situations where one does not have access to the real configuration (read: "cheap hosting providers") or where an application requires to write those files itself (which certainly is a security nightmare...).

The version for the http servers host configuration would be slightly shorter and more elegant, since the host is set implicitly:

RewriteEngine on
RewriteRule ^/subdomain1 http://foo.com/not-found.html [L]