From c852acea7703d36f47ba3f88d3ce5f3f61982794 Mon Sep 17 00:00:00 2001 From: Lars Gebhardt-Kusche Date: Thu, 27 Nov 2025 01:06:35 +0100 Subject: [PATCH] htaccess --- public/.htaccess | 68 +++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 38 deletions(-) diff --git a/public/.htaccess b/public/.htaccess index 36826f5..1b9e091 100644 --- a/public/.htaccess +++ b/public/.htaccess @@ -1,71 +1,63 @@ RewriteEngine On +# --------------------------------------------------------- # 1) Nur Root von *.ismyusbfake.com nach /fakecheck/ umleiten +# --------------------------------------------------------- RewriteCond %{HTTP_HOST} (^|\.)ismyusbfake\.com$ [NC] RewriteRule ^$ /fakecheck/ [L,R=301] -# 1b) *.ismyusbfake.com mit Subpfad: -# /123456 → /fakecheck/?referrer=123456 +# 1b) Subpath weiterreichen: /xyz → /fakecheck/?referrer=xyz RewriteCond %{HTTP_HOST} (^|\.)ismyusbfake\.com$ [NC] -# nicht erneut anfassen, wenn wir schon in /fakecheck/ sind RewriteCond %{REQUEST_URI} !^/fakecheck(/|$) [NC] -# genau ein Segment: /slug oder /slug/ RewriteCond %{REQUEST_URI} ^/([^/]+)/?$ [NC] RewriteRule ^ /fakecheck/?referrer=%1 [L,R=302] -# 2) /uploads/avatar schützen +# --------------------------------------------------------- +# 2) Uploads schützen +# --------------------------------------------------------- RewriteRule ^uploads/avatar/ - [F] -# 3) Auth-Routen explizit (weiterhin so lassen) +# --------------------------------------------------------- +# 3) Auth-Routen +# --------------------------------------------------------- RewriteRule ^auth/login/?$ auth/login.php [L] RewriteRule ^auth/register/?$ auth/register.php [L] RewriteRule ^auth/logout/?$ auth/logout.php [L] -# 4) Generische Landingpage-Regel -# /slug -> /landingpage/slug/index.php -RewriteCond %{REQUEST_FILENAME} !-f -RewriteCond %{REQUEST_FILENAME} !-d - -# nichts versuchen für diese "System-Pfade" -RewriteCond %{REQUEST_URI} !^/(auth|assets|uploads|landingpage)/ [NC] - -# Request muss die Form /irgendwas oder /irgendwas/ haben -RewriteCond %{REQUEST_URI} ^/([^/]+)/?$ [NC] - -# Und es muss eine passende landingpage/{slug}/index.php geben -RewriteCond %{DOCUMENT_ROOT}/landingpage/%1/index.php -f - -# Dann dorthin rewriten -RewriteRule ^ landingpage/%1/index.php [L] - -# 4b) Tools-Kürzel: -# /tools/... -> /landingpage/tools/... -# Beispiel: /tools/i18n.php -> /landingpage/tools/i18n.php +# --------------------------------------------------------- +# 4) Tools-Regel +# /tools/foo.php → landingpage/tools/foo.php +# --------------------------------------------------------- +RewriteCond %{REQUEST_URI} ^/tools/ [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^tools/(.*)$ landingpage/tools/$1 [L] -# 5) Deine bisherigen Fallback-Regeln +# --------------------------------------------------------- +# 5) Generische Landingpage-Regel +# --------------------------------------------------------- +RewriteCond %{REQUEST_FILENAME} !-f +RewriteCond %{REQUEST_FILENAME} !-d +RewriteCond %{REQUEST_URI} !^/(auth|assets|uploads|landingpage|tools|_errors)/ [NC] +RewriteCond %{REQUEST_URI} ^/([^/]+)/?$ [NC] +RewriteCond %{DOCUMENT_ROOT}/landingpage/%1/index.php -f +RewriteRule ^ landingpage/%1/index.php [L] -# a) /foo -> foo.php +# --------------------------------------------------------- +# 6) Fallback-Regeln (.php und /index.php) +# --------------------------------------------------------- RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}.php -f RewriteRule ^(.+?)/?$ $1.php [L] -# b) /foo -> foo/index.php RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}/index.php -f RewriteRule ^(.+?)/?$ $1/index.php [L] -############################################### -# 6) Globaler 404-Fallback -# Alles was jetzt noch übrig bleibt → 404-Seite -############################################### +# --------------------------------------------------------- +# 7) Globaler 404-Fallback **IMMER deine eigene Fehlerseite** +# --------------------------------------------------------- RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d - -# Systempfade nicht abfangen -RewriteCond %{REQUEST_URI} !^/(assets|uploads|auth|landingpage|_errors)/ [NC] - -# interne Weiterleitung auf deine Fehlerseite +RewriteCond %{REQUEST_URI} !^/(assets|uploads|auth|landingpage|tools|_errors)/ [NC] RewriteRule ^ _errors/404.php [L]