SocialEngine / phpv4-feature-requests

The purpose of this repository is to collect SocialEngine PHP public feature requests.
https://www.socialengine.com
1 stars 0 forks source link

Prevent Redirection Of Folders In Htaccess #87

Open DonnaScriptTechs opened 7 years ago

DonnaScriptTechs commented 7 years ago

From @Elshara on April 12, 2017 22:19

(Thanks for reporting an issue! Please make sure you click the link above to view the issue guidelines, then fill out the blanks below.)

What are the steps to reproduce this issue?

  1. … Create a sub domain or directory folder elsewhere on your web server. Doesn't matter if it is in the root of your site, or in the same directory as the social engine installation or not.
  2. … Place a web script there. Doesn't matter what it is, but make sure it has an appropriate .htaccess file accompanying it. For instance, Word Press. Or something else.
  3. … Try to access the script from the site folder specified.

What happens?

… Social Engine dominates every other possible folder in your web server with too many htaccess conflicts which cannot be overridden unless social engine is placed in a type of isolated sub directory.

What were you expecting to happen?

… To be able to have social engine play nice with other scripts while redirecting 404 error pages to its own script files within reason.

Any logs, error output, etc?

(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)

Paste Log Here

Any other comments?

… If only social engine could redirect its redirection efforts to something more useful, like enforcing https or www configurations instead of making the rest of your web server inaccessible. The day couldn't come soon enough in my opinion.

What versions of software are you using?

Operating System: … Windows 10 personal. Linux web server.

SocialEngine PHP Version: … 4.8.13

Copied from original issue: SocialEngine/phpv4-issues#650

DonnaScriptTechs commented 7 years ago

I have my demo site running on the same server as two wordpress sites and all three work fine. They are all in subfolders.

On my local, I have several installs of SE, phpFox, VanillaForums, Wordpress, Oxwall, and a few others. I've not noticed any issues with any of them.

Do I need to do something special to test this? My live demo is on a PHP 5.6.23 Apache server. Local are the same set up.

DonnaScriptTechs commented 7 years ago

From @Elshara on April 17, 2017 22:40

The server is fine. The best way to describe this issue is look at the folder structure. As long as you have a .htaccess file, which references mod rewrite in some capacity, it depends whether or not social engine will let it manage page requests for the folder. If you don't have a .htaccess for the folder at all, it will definitely error out on you. The best way to describe my .htaccess experience is to use two social engine sites in two separate directories. Try doing it and you'll see one redirects you to the other. Even if it is in separate sub domains. This issue happens precariously. For instance, depending on the script you use, it will either work, or it won't. Comet chat used to have this problem a lot, now not really as much. The worst offenders that I've tested, definitely were Word Press and Dolphin Pro hands down. The reason for this is because they were caching directory contents which wasn't overriding social engine cache. And if you have an error 500 in your script, it would just index itself automatically to social engine anyways. I had to clear my dns cache just to view the script index.php file which wasn't in the cache itself. But yet when I installed things like vanilla forums, or even a private phpfox installation, this never happened. It let me straight through without the cache issue. And the folder structure for the cache is separate for each script. So it wasn't the cached files themselves as the issue. What I know for sure, is social engine is very picky when it comes to .htaccess management. Especially if it is placed in the main public_html directory. You have to place it there to replicate everything I've posted.

On 17/04/2017, DonnaB notifications@github.com wrote:

I have my demo site running on the same server as two wordpress sites and all three work fine. They are all in subfolders.

On my local, I have several installs of SE, phpFox, VanillaForums, Wordpress, Oxwall, and a few others. I've not noticed any issues with any of them.

Do I need to do something special to test this? My live demo is on a PHP 5.6.23 Apache server. Local are the same set up.

1.

-- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: https://github.com/SocialEngine/phpv4-issues/issues/650#issuecomment-294553467

DonnaScriptTechs commented 7 years ago

From @RaymondBenc on May 2, 2017 9:33

For your .htaccess file you can try to replace the <IfModule mod_rewrite.c> section with just the following...

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)$ index.php?rewrite=1 [L,QSA]
</IfModule>

This should then not mess with any sub-dirs.