Archive for the ‘ Apache ’ Category

Turning cache off for specific files

Today I wanted to solve the issue of caching on the email signature banners once and for all. I don’t want any browsers or email clients to cache the image, so I started searching for solutions.

The best one I could find was this one:

<Files {FILENAME}>
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</Files>

So specifically to stop caching on the email signature file, I created an .htaccess file containing this:

<Files emailsignature.gif>
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</Files>

And saved the file here:

windeurope.org/wp-content/uploads/images/banners/.htaccess
2025
06/04
CATEGORY
.htaccess
Apache
Write comment

Checking a URL redirection via its headers

curl --verbose --head --location windeurope.org/dailywind

Gets you:


* About to connect() to windeurope.org port 80 (#0)
*   Trying 213.167.242.87... connected
* Connected to windeurope.org (213.167.242.87) port 80 (#0)
> HEAD /dailywind HTTP/1.1
> User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: windeurope.org
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Date: Wed, 11 Apr 2018 10:18:46 GMT
Date: Wed, 11 Apr 2018 10:18:46 GMT
< Server: Apache
Server: Apache
< Location: https://windeurope.org/dailywind
Location: https://windeurope.org/dailywind
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1

<
* Connection #0 to host windeurope.org left intact
First redirect is from HTTP to HTTPS
* Issue another request to this URL: 'https://windeurope.org/dailywind'
* About to connect() to windeurope.org port 443 (#1)
*   Trying 213.167.242.87... connected
* Connected to windeurope.org (213.167.242.87) port 443 (#1)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*       subject: CN=windeurope.org,OU=Gandi Standard SSL,OU=Domain Control Validated
*       start date: Jan 03 00:00:00 2017 GMT
*       expire date: Feb 18 23:59:59 2020 GMT
*       common name: windeurope.org
*       issuer: CN=Gandi Standard SSL CA 2,O=Gandi,L=Paris,ST=Paris,C=FR
> HEAD /dailywind HTTP/1.1
> User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: windeurope.org
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Date: Wed, 11 Apr 2018 10:18:46 GMT
Date: Wed, 11 Apr 2018 10:18:46 GMT
< Server: Apache
Server: Apache
Second redirect to the Daily Wind sub-page
< Location: https://windeurope.org/about-wind/daily-wind/
Location: https://windeurope.org/about-wind/daily-wind/
< Content-Type: text/html; charset=iso-8859-1
Content-Type: text/html; charset=iso-8859-1

<
* Connection #1 to host windeurope.org left intact
* Issue another request to this URL: 'https://windeurope.org/about-wind/daily-wind/'
* Re-using existing connection! (#1) with host windeurope.org
* Connected to windeurope.org (213.167.242.87) port 443 (#1)
> HEAD /about-wind/daily-wind/ HTTP/1.1
> User-Agent: curl/7.19.7 (i386-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: windeurope.org
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Wed, 11 Apr 2018 10:18:46 GMT
Date: Wed, 11 Apr 2018 10:18:46 GMT
< Server: Apache
Server: Apache
< Set-Cookie: wfvt_1398057934=5acde1079f955; expires=Wed, 11-Apr-2018 10:48:47 GMT; path=/; secure; httponly
Set-Cookie: wfvt_1398057934=5acde1079f955; expires=Wed, 11-Apr-2018 10:48:47 GMT; path=/; secure; httponly
< Set-Cookie: PHPSESSID=v62a1us6nrh5u85vl92mdkb551; path=/
Set-Cookie: PHPSESSID=v62a1us6nrh5u85vl92mdkb551; path=/
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
Pragma: no-cache
< Link: ; rel="https://api.w.org/"
Link: ; rel="https://api.w.org/"
< Link: ; rel=shortlink
Link: ; rel=shortlink
< Content-Type: text/html; charset=UTF-8
Content-Type: text/html; charset=UTF-8

<
* Connection #1 to host windeurope.org left intact
* Closing connection #0
* Closing connection #1
2018
04/11
CATEGORY
Apache
Bash
Commands
Linux
Write comment

Cloudflare CSRF Token Error

When installing a new website we had errors when trying to make settings for Cloudflare. The error message said:

To fix this we had to disable Wordfence by commenting out its lines in the .htaccess file:

# Wordfence WAF
#
#        php_value auto_prepend_file '/var/www/html/sites/events/summit2018/wordfence-waf.php'
#

Once the connection was made, you can uncomment the lines above in the .htaccess file.

2018
01/29
CATEGORY
.htaccess
Apache
Plugins
Wordpress
Write comment

Rewrite “ewea.org/fileadmin” to “windeurope.org/fileadmin”

Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^(www\.)?ewea\.org$ [NC]
RewriteRule ^fileadmin/(.*)$ https://windeurope.org/fileadmin/$1 [L,R=301,NC]
2016
03/31
CATEGORY
.htaccess
Apache
Write comment

WindEurope Certificate Authority

-----BEGIN CERTIFICATE-----
MIIGgzCCBGugAwIBAgIJAJophEkxMMmxMA0GCSqGSIb3DQEBBQUAMIGHMQswCQYD
VQQGEwJCRTERMA8GA1UECBMIQnJ1c3NlbHMxEzARBgNVBAoTCldpbmRFdXJvcGUx
EjAQBgNVBAsTCU1hcmtldGluZzETMBEGA1UEAxMKV2luZEV1cm9wZTEnMCUGCSqG
SIb3DQEJARYYd2VibWFzdGVyQHdpbmRldXJvcGUub3JnMB4XDTE2MDEyNTEzNDAy
NFoXDTIxMDEyMzEzNDAyNFowgYcxCzAJBgNVBAYTAkJFMREwDwYDVQQIEwhCcnVz
c2VsczETMBEGA1UEChMKV2luZEV1cm9wZTESMBAGA1UECxMJTWFya2V0aW5nMRMw
EQYDVQQDEwpXaW5kRXVyb3BlMScwJQYJKoZIhvcNAQkBFhh3ZWJtYXN0ZXJAd2lu
ZGV1cm9wZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDNfptv
2jYBAX4pNcod9USGFJVPaNdjN72JLgzDdRRxHrO44Faxgqg/Xc/BSmg77AdI2/BV
rbsNLyaUa3kDynqWbHOodEO+bCl6rm3uS4LuY/tsyT9pQ81+eGbHv3gUyIFPc4Y/
2YC0lG+r3YV99H2SC/gS7v6Xx1kzK97O79MsNTG6+4Evvv9r1ZIUC/IMavbIGoRU
NQF2cjw8O+PHUCYDaJQBApC9hxLOopE98aPdK1fGwYuAM14VwsqEhwt4JTjQZxdK
DitSZIzhaoyTF5yf5f90o9HdTQJgkCSBOXmsU/oqxLZD0uCOQ2LtOPMt3tDZRvDZ
9fJ/f5JcAEtM2ZTclF+lLh05zsfWM2xGJ1xUJafkS7DrKMBd1+WSiOAs7o+cp1Bi
u/Bg521NcBPUOlFoG4uXZ+KL0o/5W8AYkB2Qgf1edlX/v+xjS4ekY0NXGMfzn5oK
a4l2uIPPuTFeerrQCirNL/1y4hKEVxrwVQ8HwXJ9QnmAGh634lhG2szkcBcm/Brd
k/IZMJy76BV8Ggyba8UCVfB4ao9Uyd8qyKasGE2EuGNhiB2ml3Va4KW0qwNn/Lm3
58MSS00cwitfovLD55VgXC4Y3zussxcSJHr7ROJtudOEIxh6B+RiZrtvqsser+nc
iIZxR6SD5mgNImm/X4E7co+gXXK0w4ANUqLmUwIDAQABo4HvMIHsMB0GA1UdDgQW
BBTb9RPD3hj9C7e9HFjFs3gtrB1bWzCBvAYDVR0jBIG0MIGxgBTb9RPD3hj9C7e9
HFjFs3gtrB1bW6GBjaSBijCBhzELMAkGA1UEBhMCQkUxETAPBgNVBAgTCEJydXNz
ZWxzMRMwEQYDVQQKEwpXaW5kRXVyb3BlMRIwEAYDVQQLEwlNYXJrZXRpbmcxEzAR
BgNVBAMTCldpbmRFdXJvcGUxJzAlBgkqhkiG9w0BCQEWGHdlYm1hc3RlckB3aW5k
ZXVyb3BlLm9yZ4IJAJophEkxMMmxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
BQADggIBALEXrU+KntBm6AMufDKBQeiSYDPp5PuDn7SxJniPBBuLClf3pkE5JA4i
Utb+rd/eJlUL7wqlmGErdYigDDnA6S5XesH9vriN+yNUxoHBLx19OkD+h12CV0NC
JZKtXepHG90jnfnDBx06+QUGB8916B8rWlFziYMryFlG4+GMEMNM/d1W50REaYct
7AHx8aE9J8pdM9I39nNs74ytS0fNgI+eqJOWmvEEpwMbEuQj8XvBu2mT/ANLue3H
vk2ByJ0DvJrxBNoPbEe5V/H3hMUMq4KIPUcv8Xz/VdGqhD7oPVGdF3VoR+A62BzJ
8jKvDViuEjLZS9k8F9N0oZIRaXUeJ1JnP84ad+9VwDTFEJkke+2YNDi3JdYfji01
vHg2lQi6mH4l+t7CNIX3gq4OYdtLY2EgN76HZHYMp6tG5O1C9nCmZ0+HupPu4J2W
SQ1ZKgXF8GmZdldqOXO4d+hV/cHHsFP5lWRpqd1ORTZLPH4CX2fmf+wby4xa1Iz/
6qedp+AZHTP6Hax5F2/V0um7ddvwns/dvK45uLnHkD09rOJ4y/BpzC4ywT8uJIb1
2KLbPqR+VVvNN7cYjHsKdarKnytF36v7IBrg2d7EeiA5Evx5Ay7GykKzNCErT0oC
AJVbEFv8odXn+Alhb/n+hqSvf8fgn56oHQeMq0xPoLO8uiQiaVsY
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDNfptv2jYBAX4p
Ncod9USGFJVPaNdjN72JLgzDdRRxHrO44Faxgqg/Xc/BSmg77AdI2/BVrbsNLyaU
a3kDynqWbHOodEO+bCl6rm3uS4LuY/tsyT9pQ81+eGbHv3gUyIFPc4Y/2YC0lG+r
3YV99H2SC/gS7v6Xx1kzK97O79MsNTG6+4Evvv9r1ZIUC/IMavbIGoRUNQF2cjw8
O+PHUCYDaJQBApC9hxLOopE98aPdK1fGwYuAM14VwsqEhwt4JTjQZxdKDitSZIzh
aoyTF5yf5f90o9HdTQJgkCSBOXmsU/oqxLZD0uCOQ2LtOPMt3tDZRvDZ9fJ/f5Jc
AEtM2ZTclF+lLh05zsfWM2xGJ1xUJafkS7DrKMBd1+WSiOAs7o+cp1Biu/Bg521N
cBPUOlFoG4uXZ+KL0o/5W8AYkB2Qgf1edlX/v+xjS4ekY0NXGMfzn5oKa4l2uIPP
uTFeerrQCirNL/1y4hKEVxrwVQ8HwXJ9QnmAGh634lhG2szkcBcm/Brdk/IZMJy7
6BV8Ggyba8UCVfB4ao9Uyd8qyKasGE2EuGNhiB2ml3Va4KW0qwNn/Lm358MSS00c
witfovLD55VgXC4Y3zussxcSJHr7ROJtudOEIxh6B+RiZrtvqsser+nciIZxR6SD
5mgNImm/X4E7co+gXXK0w4ANUqLmUwIDAQABAoICAQChOUYGebOJEnzDJFqRKo86
iweiJ+VlCKSB7klBSKhjH+1tjUU3PAV4wcdwJUqmSMZmWXi0H/vzmhywsaleWgvX
3PrZHW7RBdd9U0EYhtIQ6wymCzbfBb1CDoDFEunJlI4vobmgeqtKAnOi6cgETEAA
x7c4U54XwuWvCipjPTH3Kzz7MLvok/edyRA0/jJHn9xCnttXncaqAXJU58AL7kwE
vJXyPOsGZ+VPjahaay1fJtRVMiCa0rJsbEmrtLBA8SMkDt3s0jUXDaCicpAcD5ho
s3C7OJQ9BmBpFm4tnMRjefd6ep9tkxNvSlthNx9Dy98buVbaCubZNWPFHs31W3g4
Nk4665apgl5eMWjakrq7F1cpkj8Yvn9yMhZRbgY8NKvcFW3HxwJtC/hhkVPoPo8K
mCR+hSc4VxNVLNkHbIIbuItLQRbJYdfvzP7uzj9pCi6g4K6R+4nf7r5f26E6ibY7
Ef6cEJ5bZtz9efE9UnK7FtlPM/KMFUZ38hKHsO4IQM7CJq1vJ3CpcJLDY8xILQhY
cZtMCuJvkNfCfuU1Maqa4JaEYI0GXuNq/BFwUu7yFnWpkmprkMg4E9mqF60QQ3ei
rsZq53oocVCtkwFF3bDneG6yYRKk/dtdzlADHpmQlbJ6Sxv6aP9XZxmSIQN1CTJT
+A4TwX0MLhUTEzP8bPGBwQKCAQEA+enqf7q0x29daixkjaVzpDe8Gs6BSmecHRi5
XzBjeFqrYWoMWrERG7OaZqcPnk6XVv08u5ylvacvGUj0myE5jH5nLpDIjjdwhsvE
ag0vvcHuXjgnjpmFUKY5jJjI6ZyUZi7t7il9hNDSlHukL9qvsP+fIj9CaGBJZ8so
5GvapJAwcOAi76JAFvkKtoQxNE5J1GuLZB9YzH/bV21Z/63YexZKSYC5EFDIA9HX
x7sBMU2S/tOmg5cT6pa+mg3tpF/tlWNdFy+amW7eKBHmRmsvOy9zfcbyNM2boXie
1mlwcZeo63wZCpcJ39RhZWrzMCcDuGXBmwCMSZyi9ARCNjKiMQKCAQEA0n/CqHto
frpXoOBO6sXQdB+gFVu42rD6R/8WOJ1iWKRxpmZJXw49iBYUDiCiYgBmZ53JAUMx
XBP0fSoY3dOfNUT0NiUstzOrqBeYaYrMAaz0V0MQaJfmh2jj9oVV2ntczucZqY3g
cn6GD8e4ET/Jn3Kl+ooKg1vOLbS/3aLDM48nROu8esokl7ETSwptS149i/qrhRPW
Urbx1MmPv2JBR/3bklt6ojDatzme+g1HW9a2O3yMHN3VCJGnhxChUf0p6cEqNEo4
ob4xz9zjdf2wNa5X2N3E3IlI4Nm/m4d2oPQ1mkHIho9H/LG6ZOuV72VjvsGjr5/6
ZrJ3Iz3b5R1LwwKCAQEAnlofYiu1nKDt+faDCFWLvsQqBnpO5gxcmPsviico//vD
mAgQJ+8GPh1BekXk2ZRGxLHVJ7OMOW2TpFvb0efthR4a1yCaU7LBNEgs/l24oG4f
UcgXGH4iQQXydSniNFQom86kqEHV7LA8niTx1filVmvCM3sN4wEPwhqyoHnOonNS
nlMHD/woy+Wlahy86L2qflRekGRkab+iBfWeDynif6uSCpzrpnDpK7JtHXtauBjF
SX5mhf7WedBmmUq2B29ZJU0+kRByz0G2toEQ/hGwbboVXd8PXXHiaR/61TUeMHu+
ZufNHi6x7QevZwmrahlufArN8B8axRHhFukT4y+WIQKCAQBfBW1JwOuayWNlK9xz
/nfq85vACHeZwOo6NdxCEkmi2hizlNjqH/OGyvCir/idZLDVdVSXTU2q0xc6qRYw
jKcB1O6own889AY5Cu2yNwWAfCKQgaWWkXtvBNpjHi1zQtzSSWA8Od9nz9WUqgNd
Rf4uDAMA5e94/KhF2aIC2sZjL+v6ILAkfbum/jhHV52euBvwZGeo2xuUmyDvfU12
h1QQu3eyybjCHmuc6lXparUbsADzOXXGUh0okRee0NMBv9Z7vsbec+K8oK67tmq3
iJ1SnjDppLKJGy/a0HC+NJhIb/UCfU+X7nYAi/ooNHCqcIpmQeMyFHVkhothTTtG
YcMhAoIBAQDimxCtmnJ5Ek2Qk76AcOfNW5gE5DKQ7tTNlo5RLkqZgR4ylPm24Ad7
XfkRLVcUVGkcK9SvUi34sMcJ6vSQi9LEPnI8kvKrRpDNLtMYYtyg+9yyytUWFdyu
4P7pV4xhKAVTN/hF/6ZZSIzR5BjB4MgvSeHh8XK9TRn+Q8lPZo4GIrXo7OLBGyJd
AufxkSN+LbuCQI+0fPxsQ+gCtMgvoN3RpsZfNoEFY9n8b3LP0DFk1V7X8SZV9A6R
aDUGhr+NyUgXsWCEnNhSbOAIbB9Lvgt0DhAEVKJ+Ygh318sTbUsPK3RPwln2y3cy
9JsGE1CpL74LHqN67gMaet9IEmaeUft+
-----END PRIVATE KEY-----
2016
03/15
CATEGORY
Apache
https
Write comment

Force download on PDF files

Placing the following snippet in an .htaccess file in a directory will force all pdfs (.PDF and .pdf) there to be downloaded to the computer rather than opened in the browser. This is good for occasions when IE is caching the PDF and users aren’t seeing the latest version.

<FilesMatch "\.(?i:pdf)$">
  ForceType application/octet-stream
  Header set Content-Disposition attachment
</FilesMatch>
2015
11/06
CATEGORY
.htaccess
Apache
Write comment

ReverseProxy, IP Address Restriction & htaccess

There was an issue with IP address restriction on the events server.
The events server sits behind the main EWEA server (ReverseProxy).

Adding the following lines in yellow allowed the IP addresses to be passed through.

# Deny all but allow EWEA
Order deny,allow
Deny from all
#
SetEnvIF X-Forwarded-For "mail.ewea.org" AllowIP
SetEnvIF X-Forwarded-For "home.jasonbickley.net" AllowIP
Allow from env=AllowIP
# Allow EWEA
Allow from mail.ewea.org
# Allow Jason
Allow from home.jasonbickley.net

 

Original reference article here

2015
10/26
CATEGORY
.htaccess
Apache
Write comment

Redirecting an old domain name to a web page

I needed to redirect globalwindday.org to www.ewea.org/globalwindday

A normal Apache redirect did not work.

For example:
globalwindday.org/faq would redirect to www.ewea.org/globalwindday/faq
This was a page that did not exist so therefore resulted in a 404 error.

Here are the lines added to vhosts.conf to make it work (stripping sub pages):

<VirtualHost *:80>
        ServerName  globalwindday.org
        ServerAlias www.globalwindday.org
        # Redirect permanent / http://www.ewea.org/globalwindday/   <-- This did not work
        RewriteEngine On
        RewriteCond %{HTTP_HOST} globalwindday.org [NC]
        RewriteRule ^(.*)$  http://www.ewea.org/globalwindday/ [R=301,NC]
</VirtualHost>

 

As constructed from this reference page:
https://gist.github.com/ScottPhillips/1721489

2015
09/02
CATEGORY
.htaccess
Apache
DNS
Write comment

Force downloads on certain filetypes

If you want to force a certain filetype to be downloaded (and not be opened directly in the browser) add the following into an .htaccess file in the directory of the files.
Change the filetype to match your needs.

<FilesMatch "\.(gif|jpe?g|png)$">
   ForceType application/octet-stream
   Header set Content-Disposition attachment
</FilesMatch>
2014
12/01
CATEGORY
.htaccess
Apache
Write comment

PHP cURL to save remote RSS feed to local xml file

Here’s a script I found to get a remote RSS feed, for example the Feedburner feed, and save it to a local XML file.
This would be useful for moments when you cannot connect to the RSS feed directly in a plugin or application.
You could then try and load the local file instead. Obviously a cron task would be added to run this script to reload the RSS feed a couple of times a day.

<?php
$ch = curl_init("http://feeds.feedburner.com/EWEABlog?format=xml");
$fp = fopen("feedburner.xml", "w");
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
fclose($fp);
?>

This script would then write the contents of the RSS feed to the local file “feedburner.xml”

2013
08/20
CATEGORY
Apache
Coding
PHP
Write comment