Announcement

Collapse
No announcement yet.

Trevor H. new upgrade - causing unwanted redirects

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wayne Luke
    replied
    I can't recreate the issue with a default installation. At least not in the way you're mentioning.

    On my local installation when I go to http://vbulletin5/dev/folder1/folder1/randomtext.zip (an actual file that I created) then I get a 403 Error. Or a Forbidden Error. This is actually the correct response with vBulletin due to these lines in the .htaccess file:

    Code:
    #don't allow some files that shouldn't really be present to be directly accessed.
    #note that attachements should never be directly accessed by the webserver because
    #we have permissions on the that are checked in the PHP code.
    <FilesMatch "(^#.*#|\.(bak|config|dist|inc|ini|log|gz|tar|zip|sh|sql|sw[op]|md)|~)$">
        Require all denied
    </FilesMatch>
    This is for security purposes. People often upload the files and database backups to their vBulletin directories. They shouldn't do this, so we're protecting them against exploits and data breaches. If I remove |zip from the lines above, the file downloads to my download directory.

    Now, if I have a forum channel named folder1 and that is a path used by vBulletin, I will get the error that you mention. Hence my question above that was never answered. vBulletin 5 is very flexible in building its URLs and you can customize the URL of every single channel and/or page to fit your exact needs. When you upgrade, we try to build the URLs based on what you had before. If you have folders inside the vBulletin directory, this can cause the problems you experienced due to conflicts. Ideally, there won't be any extraneous folders within the vBulletin directory. However, if you make them unique, they won't cause a problem.

    Leave a comment:


  • energetic-forum
    replied
    Nevermind - moved entire folder to a different domain that won't redirect. That's something that VB has to resolve because it will be an ongoing issue you all will be dealing with.

    Leave a comment:


  • energetic-forum
    replied
    Can you please just tell me how to exempt

    public_html/foldername1/foldername2/file1.zip

    foldername1, foldername2 and file1.zip from being redirected?

    Leave a comment:


  • energetic-forum
    replied
    That is something I will have to change over time by moving those folders to a different domain or subdomain.

    Not sure what you mean by folders having same name forums. Do you mean do the folders have names that match vb folder names? No, not sure how that is possible as there can't be two folders with the same names as far as I know.

    Although it is ideal to not have these folders in the vbulletin public_html folder, they are so how can I prevent a zip file for example in a folder that has a completely different name from any vb folder names from being redirected with the url error? Is that possible?

    Leave a comment:


  • Wayne Luke
    replied
    Ideally, there wouldn't be any extra folders in the vBulletin directory. However, it they don't partially match existing vBulletin URLs, the system should properly enter them.

    Do these folders have the same names as your forums?

    Leave a comment:


  • Trevor H. new upgrade - causing unwanted redirects

    I posted this in the other vb5 forum - not sure if there or here is the proper place.

    Anyway, yesterday, Trevor H. upgraded 2 of my forums to 5.5.6. This stopped my download business in its tracks and is urgent that I get this resolved ASAP.

    There are some folders in the same account such as public_html/foldername1/foldername2/file1.zip

    When going directly to files in those folders there now, it gives an error, "Invalid Page URL. If this is an error and the page should exist, please contact the system administrator and tell them how you got this message."

    How can I exempt files in those folders from being exempt?

    So if I want to download a zip from forumname.com/foldername1/foldername2/file1.zip - how do I do this without it redirecting and giving me the error?


    This is the first half of the htaccess file - can you give a specific example of what to do to prevent the redirect for the zip file and specific folders?

    <IfModule mod_rewrite.c>
    RewriteEngine On

    # In some cases where you have other mod_rewrite rules, you may need to remove the
    # comment on the following RewriteBase line and change it to match your folder name.
    # This resets the other mod_rewrite rules for just this directory
    # If your site was www.example.com/forum, the setting would be /forum/
    #RewriteBase /

    #If you used friendly urls in vB4, then uncommenting the following rules will redirect the #
    #old vB4 urls to a similar location in vB5. This is unnecesary for a new vB5 install.
    #RewriteRule ^threads/.* showthread.php [QSA]
    #RewriteRule ^forums/.* forumdisplay.php [QSA]
    #RewriteRule ^members/.* member.php [QSA]
    #RewriteRule ^blogs/.* blog.php [QSA]
    #RewriteRule ^entries/.* entry.php [QSA]

    #To redirect users to the secure version of your site, uncomment the lines below
    #RewriteCond %{HTTPS} !=on
    #RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

    #Block directories that don't need direct access
    RewriteRule ^(core/libraries/|includes|core/includes|core/vb|core/vb5|core/admincp|core/modcp) index.php?routestring=relay/404 [END]

    #Block files and directories
    RewriteRule (^|/)\.(?!well-known) index.php?routestring=relay/404 [END]

    #Block directories that don't need direct access to PHP
    RewriteRule ^(css|fonts|images|js|core/cache|core/cpstyles|core/clientscript|core/customavatars|core/images|core/store_sitemap)/.*\.php index.php?routestring=relay/404 [END]

    # Send css calls directly to the correct file VBV-7807
    RewriteRule ^css.php$ core/css.php [NC,L]

    # Redirect old install path to core.
    RewriteRule ^install/ core/install/ [NC,L]

    # Main Redirect
    RewriteCond %{REQUEST_URI} !\.(gif|jpg|jpeg|png|css)$
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php?routestring=$1 [L,QSA]
    </IfModule>

Related Topics

Collapse

Working...
X