Reputation: 3044
How to apply RewriteRule properly on forbidden files?
The goal
If the request is http://⋯/.htaccess,
do not display the content of that file,
show an ErrorDocument 403 instead,
rewriting only http:// to https://.
The problem
The URL is rewritten to https://⋯/403.shtml,
instead of the desired https://⋯/.htaccess.
The details
The ErrorDocument 403 and the protection of the
.htaccess are set up by the web hosting provider.
The HTTPS rewrite is set up in the .htaccess file:
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule .* https://%{HTTP_HOST}/$0 [L,QSA,R=301]
Upvotes: 1
Views: 307
Answers (2)
Reputation: 3044
<If "%{HTTPS} != 'on'">
Require all granted
RewriteEngine on
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA,R=301]
</If>
Upvotes: 1
Reputation: 45958
Set the following in your .htaccess file to reset the default 403 Apache ErrorDocument:
ErrorDocument 403 default
The ErrorDocument 403 and the protection of the .htaccess are set up by the web hosting provider.
It looks like the host has configured the ErrorDocument directive with an absolute URL to the 403.shtml document, which will naturally trigger a 302 redirect instead of an internal subrequest.
Upvotes: 0
Related Questions
- In a .htaccess in Apache 2.4, the custom ErrorDocument 403 page not displayed on Require all denied
- order deny,allow not working in htaccess
- .htaccess RewriteRule forbidden except folder
- Deny files with .htaccess
- Apache 2.4 .htaccess file doesn't deny access
- .htaccess deny from all, redirect to 404 page and except for 2 files
- Forbidden access to files in a specific folder
- Deny access to all files not caught by a mod_rewrite rule
- .htaccess access restriction not working
- Using .htaccess to restrict access to files