How to work with .htaccess files in concrete5 website?
Permalink
concrete5 newbie here. I need to place an .htaccess file in the same directory of a webpage created with concrete5. Can anyone tell me how to do this?
Suppose I create a "Contact Us" webpage. I can't locate where this page is stored in the concrete5 directories. I suppose it mostly exists in a database, and perhaps there is no directory for public_html/conc/contactus.html (for example).
So, how do people place .htaccess files throughout a website to control access to specific webpages? Is this even possible?
In a traditional html development environment, this is dirt simple. Just locate the directory of interest and drop in an .htaccess file. What's the equivalent in concrete5?
Suppose I create a "Contact Us" webpage. I can't locate where this page is stored in the concrete5 directories. I suppose it mostly exists in a database, and perhaps there is no directory for public_html/conc/contactus.html (for example).
So, how do people place .htaccess files throughout a website to control access to specific webpages? Is this even possible?
In a traditional html development environment, this is dirt simple. Just locate the directory of interest and drop in an .htaccess file. What's the equivalent in concrete5?
Suppose I have the following in an .htaccess file in a traditional HTML website, sitting in the same directory as the contactus.html webpage:
# Only permit access from links coming from my website (e.g.http://www.mydomain.com).
SetEnvIf Referer http://www.mydomain.com internal
<Files *>
order Deny,Allow
Deny from all
Allow from env=internal
</Files>
What is the recommended method to incorporate this functionality into concrete5? Can you be pretty specific?
I'm not that advanced, but I believe the rule in the .htaccess file applies to all files/folders at its level and below in the directory tree. So, placing this in concrete5's root folder .htaccess file won't have the proper functionality because I only want to restrict specific webpages, not the entire site. Unless there's someway to specify this I'm not aware of in the htaccess file.
The permissions page in concrete5 doesn't allow me to cut and paste htaccess rules. It seems to be setup for access based on admins and registered users. In my case, visitors are not registered so I can't restrict based on that. I don't see that I can fit these rules into permissions but let me know if I'm missing something here.
# Only permit access from links coming from my website (e.g.http://www.mydomain.com).
SetEnvIf Referer http://www.mydomain.com internal
<Files *>
order Deny,Allow
Deny from all
Allow from env=internal
</Files>
What is the recommended method to incorporate this functionality into concrete5? Can you be pretty specific?
I'm not that advanced, but I believe the rule in the .htaccess file applies to all files/folders at its level and below in the directory tree. So, placing this in concrete5's root folder .htaccess file won't have the proper functionality because I only want to restrict specific webpages, not the entire site. Unless there's someway to specify this I'm not aware of in the htaccess file.
The permissions page in concrete5 doesn't allow me to cut and paste htaccess rules. It seems to be setup for access based on admins and registered users. In my case, visitors are not registered so I can't restrict based on that. I don't see that I can fit these rules into permissions but let me know if I'm missing something here.
You are correct in your assumption. This will likely be a pain to implement in concrete5 (if it's even possible).
In theory, you might be able to create a url_rewrite rule, such that when the url you are trying to access is not an internal referrer, it redirects you to some 403 error page.
This site looks to be promising what you're after potentially:https://httpd.apache.org/docs/2.2/rewrite/access.html...
In theory, you might be able to create a url_rewrite rule, such that when the url you are trying to access is not an internal referrer, it redirects you to some 403 error page.
This site looks to be promising what you're after potentially:https://httpd.apache.org/docs/2.2/rewrite/access.html...
Because the URLs don't match the folder structure necessarily (because it's a CMS and not a static site) - I think you'd need to place your directive in the .htaccess file in the top level folder or in your Apache virtual server definition. You'd then use <Location> to apply your rule to a specific URL. Something along these lines would work I think:
That probably will require some tweaking but should be close.
SetEnvIf Referer www\.mydomain\.com internal <Location /contact-us/> order Deny,Allow Deny from all Allow from env=internal </Location>
That probably will require some tweaking but should be close.
If you are trying to control access to certain pages you should do that with Permissions through the CMS instead of with a .htaccess file.
If you must do it with a .htaccess file you could try making folders in your directory structure that match the path of your page and put it in there, not sure if that will work or not though.
So if your page was /contact-us/ you would create a folder in your root that was called conatct-us and then put your .htaccess file in there. Haven't ever tried to do that, but it might work.
If you must do it with a .htaccess file you could try making folders in your directory structure that match the path of your page and put it in there, not sure if that will work or not though.
So if your page was /contact-us/ you would create a folder in your root that was called conatct-us and then put your .htaccess file in there. Haven't ever tried to do that, but it might work.
If you're looking to control access, perhaps look at Concrete5's built in page permissions. Usually they are the better way to go than junking up a file system file.