: Making friendly URLs without making unfriendly URL accessible to anyone As many know, one can make a friendly URL with mod_rewrite in their .htaccess file like so: RewriteRule ^category/(.*)$ /somescript.php?category=
As many know, one can make a friendly URL with mod_rewrite in their .htaccess file like so:
RewriteRule ^category/(.*)$ /somescript.php?category= [L]
This works as long as somescript.php is within the document root folder of the server. If someone was able to guess the actual script (example: if they typed: example.com/somescript.php?category=whatever instead of example.com/category/whatever), then the chances of duplicate content happening is high because at some point, someone will share the links and it may be possibly indexed in the search engines.
What I am looking for is a way to make somescript.php inaccessible to the public, yet the public should be able to access the friendly URL.
I attempted to use ScriptAliasMatch with the same parameters as RewriteRule except I added a / after the ^ and I removed the [L]. I moved the script to a folder one level up from public_html and I set the user and group name of the folder to the same as the Apache user and group and the permissions of the PHP file is 0x755.
When I attempt to access the file I receive status code 403 forbidden and in the Apache error_log, I receive
client denied by server configuration: /path/to/somescript.php
I also have set loglevel to debug.
Has anyone else been successful in launching scripts at locations inaccessible to the public when the public requests a friendly URL? If so, how did you pull it off?
And I did add the Disallow: /*? line in my robots.txt but I think I need to do more than that as some bots don't respect robots.txt.
More posts by @Harper822
1 Comments
Sorted by latest first Latest Oldest Best
You can externally redirect from the "ugly" (for want of a better term) URL to the "friendly" URL. However, you need to be careful of redirect/rewrite loops. One way of avoiding the rewrite loop is to check against THE_REQUEST - this contains the initial request header as sent from the client and is not changed as the rewrite engine rewrites the URL.
This needs to go before your current internal rewrite:
RewriteCond %{THE_REQUEST} ?(category)=([w-]*)
RewriteRule ^somescript.php$ /%1/%2? [R=302,L]
[w-]* - This assumes that the category value can only consists of the characters a-z, A-Z, 0-9, _ and -. It's better to make this as restrictive as possible. However, it also means you should also change the .* pattern in your internal rewrite to match.
Change the R=302 (temporary) to R=301 (permanent) when you are sure it's working OK.
the chances of duplicate content happening is high
Unless the URL structure is being changed or there is some kind of misconfiguration that exposes the "ugly" URL then the chances of "duplicate content" being found and indexed should be low.
A purely "duplicate content" issue could also be resolved (or safe guarded against) by using a rel="canonical" tag - which is probably a good idea anyway.
I attempted to use ScriptAliasMatch ...
Using an Alias won't resolve any duplicate content issues as it doesn't change the URL.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.