0

My Apache is rusty but I've been struggling just trying to create an admin on a shared hosting server for a client.

This is an old code igniter site and the PHP can specify where to go based on the URL.

In .htaccess, I'm trying to rewrite with:

RewriteCond %{HTTP_HOST} ^staging\.admin\.example\.com$
RewriteRule ^$ "http\:\/\/staging\.example\.com\/admin\.index\.php"[L]

At the moment, I'm only trying to get this far without a 500 error.

Afterwards though, I want to protect the admin area, for which I intend to try:

SetEnvIf Host admin.staging.example.com passreq
AuthType Basic
AuthName "Password Required"
AuthUserFile /home/user/.htpasswds/admin.staging.example.com/.htpasswd
Require valid-user
Order allow,deny
Allow from all
Deny from env=passreq
Satisfy any

I'm now told that the hosting provider will enable mod_env at the same time they move us to a server that will allow SSH login (I insist on this).

This is Apache 2.4. Can anybody see where I'm going wrong, or have an alternate suggestion?

Thanks! Chris

henryC
  • 65
  • 11
  • Where does `admin.example.com/` point to on the filesystem in relation to `example.com/`? "Use a different index.php" - presumably this is a front-controller? What are the URLs you want to route to this alternative front-controller? What's in your .htaccess? By including an absolute URL in the _substitution_ string mod_rewrite will implicitly trigger an external redirect (not a rewrite). You have no _space_ between the _flags_ and _substitution_ argument (which will result in a malformed redirect). What does mod_env have to do with this? (mod_env should already be available.) – MrWhite Jan 12 '19 at 16:47
  • The site has been up and running for 10 years but one of the things I want to do is create a better directory structure. Right now there is a main application and an admin application that reside up above DOCROOT, at the same level as other domains on the same shared hosting account, which doesn't feel right. On top of that at the moment the auth lets user in even if you click "cancel", another issue. So I've tried various permutations but at the moment I'm trying to point admin.example.com to admin.example.com/index.php (same as main site) and let the php decide to go to main/admin. – henryC Jan 13 '19 at 05:44
  • At one point I was trying to use a different front controller for admin, and in various attempts I either had it at DOCROOT, or DOCROOT/admin. So the latest version is just trying to point example.com and admin.example.com to index.php, and have index.php decide which main php application code to work with, and whether or not to use http basic auth. I'm not sure where that "no space" came from. It's not like that now. I will post the current .htaccess. mod_env comes in if I wanted to use the SetEnv method. I don't see mod_env as being in place, according to phpinfo(). – henryC Jan 13 '19 at 05:50
  • Here is the current .htaccess I'm trying. As far as I can tell, I did not create this file. I am only trying to get the admin part properly set up. https://gist.github.com/chrisco23/ad59597cbc334bccaf009fbd1f005974#file-gistfile1-txt – henryC Jan 13 '19 at 06:05
  • Sorry, I'm still not sure what you are trying to do? "that reside up above DOCROOT" - don't you mean _below_ the DOCROOT? (If you do mean "above", then how is this accessed by the user?) "I was trying to use a different front controller for admin" - that would seem to be what your question is focused on and is how @Arun has answered. Is his answer not useful? (Although the existing answer only rewrites requests for the root - no URL-path - which is probably not what is required - but this is what the directive in your question is trying to do, hence the confusion.) – MrWhite Jan 13 '19 at 11:44
  • I see from your linked `.htaccess` file that the URL-path is passed as PATH_INFO to `index.php` - you are not simply rewriting to it - is this a requirement, is this how your PHP code fetches the URL? "mod_env comes in if I wanted to use the SetEnv method" - yes. But mod_env is compiled and loaded into Apache by default (unlike mod_rewrite) - I would be very surprised if this is not already available. – MrWhite Jan 13 '19 at 11:48
  • 1
    What I finally ended up doing was scrapping the whole .htaccess file and starting fresh. I don't know what the problem really was but getting rid of all that junk in that file seems to have solved me. My whole goal here really was just to have an admin subdomain and have it protected by at least basic auth. The auth part I still struggled with for some reason but I believe I have it working now using PHP to trigger basic auth, for whatever reason. Thanks also @Arun for your help. – henryC Jan 14 '19 at 22:10

1 Answers1

2

Don't use double quotes for 2nd line, try below code.

RewriteEngine On
RewriteBase /
# for main domain
RewriteCond %{HTTP_HOST} ^(www\.)?example\.com$ [NC]
RewriteRule ^$ /index.php [L]
# for subdomain
RewriteCond %{HTTP_HOST} ^subdomain\.example\.com$ [NC]
RewriteRule ^$ /subdirectory/index.php [L]
MrWhite
  • 43,179
  • 8
  • 60
  • 84
Arun Kumar MG
  • 148
  • 1
  • 11