View Issue Details

Jump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0003095OXID eShop (all versions)4.05. Performancepublic2011-07-28 14:432015-03-12 16:51
ReporterLinas Kukulskis Assigned To 
PrioritynormalSeverityfeatureReproducibilityalways
Status closedResolutionsuspended 
Target Version4.8.5 / 5.1.5 
Summary0003095: .htaccess files
DescriptionHi everybody
 
Out of curiosity I looked into the various .htaccess files (4 in CE and 5 in PE).
 
I’m no expert in this matter and I could be wrong (if so please enlighten me) but to my understanding I found out the following:
1. some lines are inconsistent the way they are written
2. some lines are redundant
3. some lines could be ported into the .htaccess in the root
 
Do you see any problem with having only one .htaccess file in the root?
It should work and the performance doesn't change anyway according to the Apache manual (http://httpd.apache.org/docs/2.0/howto/htaccess.html):

Further note that Apache must look for .htaccess files in all
higher-level directories, in order to have a full complement of
directives that it must apply. (See section on how directives are
applied.) Thus, if a file is requested out of a directory
/www/htdocs/example, Apache must look for the following files:
 
/.htaccess
/www/.htaccess
/www/htdocs/.htaccess
/www/htdocs/example/.htaccess

 
Possible changes are marked ad [1], [2], [3]:
 
---------------------
.htaccess from /: (everything’s ok, just for your convenience listed)
---------------------
<IfModule mod_rewrite.c>
 
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
 
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
 
RewriteCond %{REQUEST_URI} oxseo\.php$
RewriteCond %{QUERY_STRING} mod_rewrite_module_is=off
RewriteRule oxseo\.php$ oxseo.php?mod_rewrite_module_is=on [L]
 
RewriteCond %{REQUEST_URI} !(\/admin\/|\/core\/|\/export\/|\/modules\/|\/out\/|\/setup\/|\/tmp\/|\/views\/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !(\.html|\/|\.jpg|\.css|\.pdf|\.doc|\.gif|\.png|\.js|\.htc)$ %{REQUEST_URI}/ [R=301,L]
 
RewriteCond %{REQUEST_URI} !(\/admin\/|\/core\/|\/export\/|\/modules\/|\/out\/|\/setup\/|\/tmp\/|\/views\/)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (\.html|\/)$ oxseo.php
 
 
</IfModule>
 
# disabling log file access from outside
<FilesMatch "(EXCEPTION_LOG\.txt|\.log$|\.tpl$|pkg.rev)">
order allow,deny
deny from all
</FilesMatch>
 
Options -Indexes
DirectoryIndex index.php index.html
 
---------------------
.htaccess in /admin/wysiwygpro/temp/:
---------------------
deny from all [1] [2]
 
---------------------
.htaccess in /admin/tpl/:
---------------------
AuthUserFile /dev/null [1]
AuthName Forbidden [1]
AuthType Basic [1]
 
<Limit GET POST> [1]
require valid-user [1]
</Limit> [1]
 
---------------------
.htaccess in /log:
---------------------
# disabling file access [2] [3]
<FilesMatch .*> [1] [2] [3]
order allow,deny [2] [3]
deny from all [2] [3]
</FilesMatch> [2] [3]
 
Options –Indexes [2] [3]
 
---------------------
.htaccess in /tmp:
---------------------
# disabling log file access from outside [2] [3]
<FilesMatch .*> [1] [2] [3]
order allow,deny [2] [3]
deny from all [2] [3]
</FilesMatch> [2] [3]
 
Options -Indexes [2] [3]
 
 
 
Regards
Marc
Tagshtaccess
ThemeBoth
BrowserAll
PHP Versionany
Database Versionany

Activities

svetlana

2014-03-28 10:02

reporter   ~0009725

waiting for the PO decision.

QA

2015-03-12 16:51

administrator   ~0010792

Last edited: 2015-03-18 10:07

 moved to backlog