Mod_rewrite entire domain except /stats/ directory

Discussion in 'ISPConfig 3 Priority Support' started by chab43, Mar 12, 2018.

  1. chab43

    chab43 New Member HowtoForge Supporter

    I am on Ubuntu 16.04 with Apache2.4, PHP7, ISPConfig 3.1.11.

    --What I am wanting to accomplish is to setup a domain called example.com in ISPConfig that can track visitor statistics in AWStats (so we can know how effective marketing campaign was) to the domain. This URL will be example.com/stats/
    --My understanding is this domain won't be an actual website, it will simply redirect visitors to an existing website hosted somewhere else, we will call this event.example2.net (this sub-domain is not hosted with me if that matters).
    --I want all visitors to any sub-domain or path of example.com to be redirected to event.example2.net EXCEPT FOR example.com/stats/ (so I can still view the AWStats page).

    I believe mod_rewrite is what I am going to need for this but I can't seem to get it to work properly.

    Visually this is what I am trying to accomplish with mod-rewrite:
    *.example.com/*/ --> event.example2.net
    *.example.com/stats/ --> *.example.com/stats/

    This is what I have right now in the Apache directives. The redirect works but my attempt at excluding the /stats/ directory gets ignored and I am redirected anyways:

    RewriteEngine On
    RewriteCond %{REQUEST_URI} /stats/
    RewriteRule (.*) $1 [L]
    RewriteRule (.*) http://event.example2.net [L,R=301]

    I have been using this site to test my rules so I don't have to refresh apache a million times for testing: https://htaccess.madewithlove.be/
    According to it what I have should work but my exclusion for /stats/ is ignored and I am still redirected to event.example2.net!

    Some other rule sets I tried that did not work (found through Google and modified to try and fit my needs):

    #This is supposed to be able to work whether the / at the end is present or not, one condition for each.
    RewriteEngine on
    RewriteCond %{REQUEST_URI} !^/stats/.*
    RewriteCond %{REQUEST_URI} !^/stats$
    RewriteRule .* http://event.example2.net/ [R=301,L]


    In all of these the redirection works, my problem is always excluding the stats directory.

    I seem to recall reading somewhere that apache2.4 changes the way mod_rewrite rules are formated, could that be my issue?


    EDIT:
    Checked the system log and noticed this from the IDS. I don't believe the rule is being blocked as the score is lower than the admin block setting in security_settings.ini but figured I should mention it for the sake of complete disclosure.

    Code:
    [INTERFACE]: PHP IDS Alert.Total impact: 12<br/> Affected tags: dt, id, lfi, xss, csrf, rfe<br/> <br/> Variable: POST.php_open_basedir | Value: /var/www/clients/client4/web12/web:/var/www/clients/client4/web12/private:/var/www/clients/client4/web12/tmp:/var/www/example.com/web:/srv/www/example.com/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/dev/random:/dev/urandom<br/> Impact: 5 | Tags: dt, id, lfi<br/> Description: Detects specific directory and path traversal | Tags: dt, id, lfi | ID 11<br/> <br/> Variable: POST.apache_directives | Value: RewriteEngine On RewriteCond %{REQUEST_URI} /stats/ RewriteRule (.*) $1 [L] RewriteRule (.*) http://events.example2.net [L,R=302]<br/> Impact: 7 | Tags: xss, csrf, id, rfe, lfi<br/> Description: Detects unknown attack vectors based on PHPIDS Centrifuge detection | Tags: xss, csrf, id, rfe, lfi | ID 67<br/> <br/>
    
     
    Last edited: Mar 12, 2018
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The IDS messaage should be fine, it's just a notice. But you can take a look intio the vhost file that was written to see if your config shows up there.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    The IDS messaage should be fine, it's just a notice. But you can take a look intio the vhost file that was written to see if your config shows up there.
     
  4. chab43

    chab43 New Member HowtoForge Supporter

    I verified that the config was being written, just wasn't sure if the IDS blocked execution of flagged rules or anything like that.

    I was given this project with a 1-day deadline so I had to do something to get the analytics working ASAP (yay management). I ended up building a splash page with the Google Analytics JS library in it to do the visitor tracking on the redirect but I would still like to figure out why my rules didn't work as expected.

    Being able to accomplish this with mod_rewrite would have been way faster and less work on my end. Do you see anything wrong with my mod_rewrite rules?

    Does the apache directive in ISPConfig perform any different than if I were to put these rules in an actual .htaccess file in the /web/ folder?
     
    Last edited: Mar 14, 2018

Share This Page