2

What does this mean:

RewriteRule "(^|/)\." - [F]

I know the F flag means to throw a 403 forbidden error. And I know the escaped period means that directories starting with a period are forbidden. But what is the meaning of the caret, pipe and slash within the parenthesis? What would be the difference between the statement above and this one:

RewriteRule "\." - [F]

What if I wanted to flag URLs as forbidden when they start with a period but with an exception for this directory:

.well-known

Update: It looks like I can satisfy the latter requirement with...

RewriteRule "(^|/)\.(?!well-known)" - [F]

I'm still wondering what is the meaning of the caret, pipe and slash within the parenthesis.

arnoldbird
  • 125
  • 5
  • The caret usually signifies the beginning (of a string or line or variable etc) and I think the `|` is an OR, so it would be looking for `^.` a full stop at the beginning (root) or `/.` in the middle. (but making a full stop in another place ok - `/sksks.sks/okplace`) – Smock Nov 11 '19 at 16:03
  • Does (^|/) mean something like "nothing at all or a forward slash"? If so, why would we need to express the "nothing at all" part? – arnoldbird Nov 11 '19 at 16:22
  • 1
    For root folders beginning with a `.` with no leading `/` ? – Smock Nov 11 '19 at 16:23
  • "directories starting with a period are forbidden" - more commonly _files_ (eg. `.htaccess`). But in reality _any URL-path segment_ that starts with a period (which may or may not map to a physical file or directory). Unless you have specific dot-files you need to block access (which is best done with a `` container and mod_authz_core) then this directive may not be required anyway? The server should already have directives that block `.htaccess` and `.htpasswd`-like files. – MrWhite Nov 11 '19 at 17:21

1 Answers1

0

^ and $ are special characters that represent the beginning and end of strings (or lines)

the | is an OR symbol

(^|/)\. expands to ^. or /. (without escaping slash for clarity)

^. = any string that has a . as the first character

/. = any string with a /.

Smock
  • 141
  • 7
  • I was editing this while you were ArnoldBird - it says the edits conflicted - Please go ahead and edit now if still needed. – Smock Nov 11 '19 at 16:41
  • Is it worth adding the part of the answer you found yourself? (about all forbidden except ) – Smock Nov 11 '19 at 16:43