Bypassing SilverStripe in cases where a directory exists on the server?
334 views
Skip to first unread message
Sam Minnee
Jun 24, 2009, 1:15:31 AM6/24/09
to SilverStripe Development
Hi everyone,
Discussed on this thread is a problem with hosting a SilverStripe site
alongside another application:
http://www.silverstripe.org/general-questions/show/255398?start=0#post263135
For example, if you have a phpBB forum hosted at http://www.example.com/phpbb/
and a SilverStripe site hosted at http://www.example.com/, then it
won't work, because phpbb/ isn't a file, it's a directory
The solution is to edit the .htaccess file in the root of your site
Change this:
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
To this:
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
In other words, add the "-d" line.
My question is - should we put this in the default install of a future
release? What this would mean is that URLs like /assets, /sapphire, /
cms/, and /jsparty could never be used in a SilverStripe application.
Alternatively, we could get more fancy and still process the URL with
SilverStripe in situations where the directory was part of the
SilverStripe, perhaps by looking for a (rootdir)/_config.php file, as
we do in the manifest. Although I'm not sure if that will make the
URL handling too tweaky and complex, and make it more difficult to
port to servers other than Apache.
Thoughts?
Discussed on this thread is a problem with hosting a SilverStripe site
alongside another application:
http://www.silverstripe.org/general-questions/show/255398?start=0#post263135
For example, if you have a phpBB forum hosted at http://www.example.com/phpbb/
and a SilverStripe site hosted at http://www.example.com/, then it
won't work, because phpbb/ isn't a file, it's a directory
The solution is to edit the .htaccess file in the root of your site
Change this:
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
To this:
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
In other words, add the "-d" line.
My question is - should we put this in the default install of a future
release? What this would mean is that URLs like /assets, /sapphire, /
cms/, and /jsparty could never be used in a SilverStripe application.
Alternatively, we could get more fancy and still process the URL with
SilverStripe in situations where the directory was part of the
SilverStripe, perhaps by looking for a (rootdir)/_config.php file, as
we do in the manifest. Although I'm not sure if that will make the
URL handling too tweaky and complex, and make it more difficult to
port to servers other than Apache.
Thoughts?
Nivanka Fonseka
Jun 24, 2009, 1:37:34 AM6/24/09
to silverst...@googlegroups.com
Hi,
cant we have an interface to add folders to this through the CMS, so we can restrict the important folders mysite, jsparty, sapphire, etc. What do you think of it?
Nivanka--
Nivanka Fonseka
Senior Software Engineer
whynotonline.com - Limited Liability Company
Skype: nivanka.fonseka
Twitter: @nivankafonseka
cant we have an interface to add folders to this through the CMS, so we can restrict the important folders mysite, jsparty, sapphire, etc. What do you think of it?
Nivanka
Nivanka Fonseka
Senior Software Engineer
whynotonline.com - Limited Liability Company
Skype: nivanka.fonseka
Twitter: @nivankafonseka
Roel Gloudemans
Jun 24, 2009, 1:39:32 AM6/24/09
to silverst...@googlegroups.com
I would not add the -d to the default config. It exposes a complete file list in those directories as wel (if Indexes is turned on by default).
Also, if a site has more directories in the webroot, those will be excluded as well. For large sites, content administrators might not even know which directories exist.
I would opt for a modification of the installation wizard. Ask for any directories that should be excluded during installation.
Cheers,
ROel.
Also, if a site has more directories in the webroot, those will be excluded as well. For large sites, content administrators might not even know which directories exist.
I would opt for a modification of the installation wizard. Ask for any directories that should be excluded during installation.
Cheers,
ROel.
Sam Minnee
Jun 24, 2009, 2:13:39 AM6/24/09
to SilverStripe Development
> I would opt for a modification of the installation wizard. Ask for any directories that should be excluded during installation.
Good call. I suppose that people would need to edit .htaccess
manually if they wanted to change this in the future?
Roel Gloudemans
Jun 24, 2009, 2:35:24 AM6/24/09
to silverst...@googlegroups.com
Yes, that should be no problem. To help out a few lines of comments could be added to the htaccess file.
----- Original Message -----
From: "Sam Minnee" <sam.m...@gmail.com>
To: "SilverStripe Development" <silverst...@googlegroups.com>
----- Original Message -----
From: "Sam Minnee" <sam.m...@gmail.com>
To: "SilverStripe Development" <silverst...@googlegroups.com>
Nivanka Fonseka
Jun 24, 2009, 3:31:45 AM6/24/09
to silverst...@googlegroups.com
Yes letting them to edit the .htaccess is a must I think.
Sigurd Magnusson
Jun 24, 2009, 7:09:32 AM6/24/09
to silverst...@googlegroups.com
Isn't there a RewriteCond to exclude a specific folder, as something
that would be like this psuedocode? "RewriteCond exclude /phpbb/"
If so, my suggestion would be to have an example like that as a
comment in the .htaccess file. It is nice to have self-documenting
files like that...
that would be like this psuedocode? "RewriteCond exclude /phpbb/"
If so, my suggestion would be to have an example like that as a
comment in the .htaccess file. It is nice to have self-documenting
files like that...
E.g. just add to the .htaccess file:
## To exclude a specific folder just do this: ...code...
It seems the -d option is unpopular, and the other suggestions to have
a web-based system to do this are a lot of work for a fairly rarely
needed function.
Sigurd
Sean Harvey
Jun 24, 2009, 8:08:12 AM6/24/09
to silverst...@googlegroups.com
It still makes sense to ask for this up-front in the installation
steps if you ask me.
It's not that difficult to get the installer to write rules for a list
of directories
that should be excluded, and people won't have to muck around with
the .htaccess file
after installation.
Comments can be added above the rule explaining how this can be edited
to add more
excluded directories. It makes sense to do this anyway because
the .htaccess file is
dynamically written whenever SS is first installed, AFAIK.
I believe the proper rewrite code for excluding dirs would be
something like this (included
as the first condition in the .htaccess file):
RewriteRule ^(phpbb|someotherdir) - [L]
Sean
steps if you ask me.
It's not that difficult to get the installer to write rules for a list
of directories
that should be excluded, and people won't have to muck around with
the .htaccess file
after installation.
Comments can be added above the rule explaining how this can be edited
to add more
excluded directories. It makes sense to do this anyway because
the .htaccess file is
dynamically written whenever SS is first installed, AFAIK.
I believe the proper rewrite code for excluding dirs would be
something like this (included
as the first condition in the .htaccess file):
RewriteRule ^(phpbb|someotherdir) - [L]
Sean
DesignCity
Jul 29, 2009, 1:11:00 AM7/29/09
to SilverStripe Development
In my experience this doesn't work for every server installation, and
isn't necessary for many. Installing SS into a subdirectory doesn't
require any changes to the root-level .htaccess and simply requires
the RewriteBase is set correctly in the subfolder.
A far simpler solution seems to be adding "RewriteEngine Off" on
the .htaccess of the subdirectory. This works for any subfolder that
you don't need URL rewriting. And for any folder you do need
rewriting, it seems ensuring the RewriteBase is correct overwrites the
root-level rewrites.
I haven't tested extensively, however the above works on the couple of
servers I've tested on no problems. Excuse me if I'm mistaken ;)
isn't necessary for many. Installing SS into a subdirectory doesn't
require any changes to the root-level .htaccess and simply requires
the RewriteBase is set correctly in the subfolder.
A far simpler solution seems to be adding "RewriteEngine Off" on
the .htaccess of the subdirectory. This works for any subfolder that
you don't need URL rewriting. And for any folder you do need
rewriting, it seems ensuring the RewriteBase is correct overwrites the
root-level rewrites.
I haven't tested extensively, however the above works on the couple of
servers I've tested on no problems. Excuse me if I'm mistaken ;)
Siddharth Menon
Jul 31, 2009, 12:53:39 AM7/31/09
to SilverStripe Development
This came right in time. I was also seriously considering adding /
Forums to my root
But had not tested SS and Forums in Root.
I would be really g8 if we can have this option to exclude /forums
query from reaching Sapphire and
directly redirect to subfolder as exclusion. If so then we can save on
cpu too if we can directly do this at .htaccess
Regards
Siddharth Menon
Forums to my root
But had not tested SS and Forums in Root.
I would be really g8 if we can have this option to exclude /forums
query from reaching Sapphire and
directly redirect to subfolder as exclusion. If so then we can save on
cpu too if we can directly do this at .htaccess
Regards
Siddharth Menon
Reply all
Reply to author
Forward
0 new messages