Jump to content
xisto Community
Quatrux

Preventing Browsing Directories if it is a Subdomain..

Recommended Posts

For some time I searched for some way to prevent users to browse directories, if those directories are subdomains, I searched the web and only found some rewrite condition with rewrite engine, most of them didn't work the way I wanted, but accidentally Yesterday I found a simple solution, which seems to work quite nice, the only bad thing that it's a redirect, but I guess it is the best available method to rely on or maybe you know any better?

 

So imagine you have a subdomain:

 

subdomain.example.com/myblog/my/entry/

 

but sometimes, someone can go and browse the directory and not the subdomain, you ask why don't let them? Well one thing is, that statistics in CPanel are different, it logs for example.com net as I understand and not for that subdomain, some scripts my not work, even PHP, due to you set some URL value, another issue is that when browsing a subdomain, you have different DOCUMENT ROOT's, different $_SERVER; tag values SERVER NAME, HTTP HOST and etc. sometimes it can break something and I guess there are more problems.. :)

 

so when they enter: example.com/subdomain/myblog/my/entry/

 

It might work, if you program in a good, why, usually it can break, why would you need some extra errors in the error log? My solution is to use .htaccess file with this code:

 

redirect permanent /subdomain http://subdomain.example.com

Because it's permanent, most search engines will continue to browse the subdomain and will leave hitting the directory, besides you won't get any extra logs, because it's a htaccess redirection, the nice thing is that even though you entered:

 

example.com/subdomain/myblog/my/entry/

 

it will redirect to a normal url:

 

subdomain.example.com/myblog/my/entry/

 

So this is really good, if you have old links somewhere pointing to the directory url and even search engines will re index, of course some older or more less intelligent crawlers might not like the redirect, but most of them should understand the redirect.

 

In addition, you can use apache {HTTP_HOST} and etc. to make the same "script" work without needing to rewrite it, but I left it in that mode, because imagine this kind of situation, that you have a subdomain.astahost.com and you're using an example.com as an Addon domain, which in fact is just a parked domain over example.subdomain.astahost.com that’s why your condition wouldn't work with HTTP HOST if somebody would enter an url:

 

subdomain.astahost.com/example/

 

Because the HTTP HOST would be subdomain.astahost.com, but you want him to point to example.com or even to another-subdomain.example.net which, that’s why the code can't have HTTP HOST and needs to be written like:

 

redirect permanent /example http://example.com

To conclude, be careful where you put that .htaccess that you wouldn't get a never ending redirection, the best place is in the folder/directory from which you want to redirect. Moreover, it think it's a much better solution when doing it with PHP or Meta tags or JS, much faster. :)

Share this post


Link to post
Share on other sites

This would likely work fine for small hosts, but if you were starting something like Xisto where you could potentially have tens of thousands of subdomains, this solution would not be practical.

My favourite solution to this problem is just relocate the subdomain directories.

Document root: /www/username/domain.com: /www/username/domain.com/sub1.domain.com: /www/username/sub1.domain.com/sub2.domain.com: /www/username/sub2.domain.com/...

Again, some hosts might not let you set the document root of the main domain (but rather point it to your document root) but if that is the case then you're probably not hosting that many subdomains. So which solution you use depends on your needs.


Also... question... What would happen if the person who owned example.domain.com created a folder in their root directory called example? When http://forums.xisto.com/no_longer_exists/ or http://forums.xisto.com/no_longer_exists/ (as the case may be) would it not just redirect back to the root domain?

Share this post


Link to post
Share on other sites

Also... question... What would happen if the person who owned example.domain.com created a folder in their root directory called example? When http://forums.xisto.com/no_longer_exists/ or http://forums.xisto.com/no_longer_exists/ (as the case may be) would it not just redirect back to the root domain?

If I got you right, I think it wouldn't, because the htaccess file wouldn't be in that directory, thats why I said that be careful where you put your .htaccess file that to not get an infinite loop of redirection, but in most cases the browser protects itself from this kind of things and shows an error message, at least Opera does that..

Yeah, using your method a better way, if you have access, and if you have something as big as Xisto with a lot of subdomains, I don't think that you're using a free web hosting then, and in most cases you have some kind of software running to do this, but for personal use I find it quite good. :(

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.