Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 130/596 | < Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >

  • How useful is mounting /tmp noexec?

    - by Novelocrat
    Many people (including the Securing Debian Manual) recommend mounting /tmp with the noexec,nodev,nosuid set of options. This is generally presented as one element of a 'defense-in-depth' strategy, by preventing the escalation of an attack that lets someone write a file, or an attack by a user with a legitimate account but no other writable space. Over time, however, I've encountered arguments (most prominently by Debian/Ubuntu Developer Colin Watson) that noexec is a useless measure, for a couple potential reasons: The user can run /lib/ld-linux.so <binary> in an attempt to get the same effect. The user can still run system-provided interpreters on scripts that can't be run directly Given these arguments, the potential need for more configuration (e.g. debconf likes an executable temporary directory), and the potential loss of convenience, is this a worthwhile security measure? What other holes do you know of that enable circumvention?

    Read the article

  • What's wrong with my .htaccess? Trying to simplify actual code

    - by AlexV
    This is my actual .htaccess: #If the requested URI does not end with an extension RewriteCond %{REQUEST_URI} !\.(.*) #If the requested URI is not in an excluded location RewriteCond %{REQUEST_URI} !^/(excluded1|excluded2)/ #Then serve the URI via the mapper RewriteRule .* /seo-urls/seo-urls-mapper.php?uri=%{REQUEST_URI} [L,QSA] #If the requested URI ends with .php* RewriteCond %{REQUEST_URI} \.php.*$ [NC] #If the requested file is not seo-urls-mapper.php (avoid .htaccess loop) RewriteCond %{REQUEST_FILENAME} (?<!seo-urls-mapper)\.php.*$ #Then serve the URI via the mapper RewriteRule .* /seo-urls/seo-urls-mapper.php?uri=%{REQUEST_URI} [L,QSA] Since all conditions are compatibles except the 1st ones (no extension and *.php* match) all I should have to do is to add the [OR] condition to these 2 lines, but when I'm adding it it's not working (my no extension rule don't work anymore). This is my new (not working) code: #If the requested URI does not end with an extension OR if the URI ends with .php* RewriteCond %{REQUEST_URI} !\.(.*) [OR] RewriteCond %{REQUEST_URI} \.php.*$ [NC] #If the requested file is not seo-urls-mapper.php (avoid .htaccess loop) RewriteCond %{REQUEST_FILENAME} (?<!seo-urls-mapper)\.php.*$ #If the requested URI is not in an excluded location RewriteCond %{REQUEST_URI} !^/(excluded1|excluded2)/ #Then serve the URI via the mapper RewriteRule .* /seo-urls/seo-urls-mapper.php?uri=%{REQUEST_URI} [L,QSA] Hopefully someone will be able to clarify this issue... I guess I don't fully understand the use of [OR]. Thanks!

    Read the article

  • How to make RewriteCond+RewriteRule change domain2/folder1 to domain1/folder1

    - by gman
    There's actually 2 questions. One is, how do I make RewriteCond+RewriteRule change domain2/folder1 to domain1/folder1 Actually what I want is any domain that tries to access folder1 that is not domain1 gets switched to domain1. So for example domain2.com/domain1/foo - domain1.com/domain1/foo as well as domain3.com/domain1/foo - domain1.com/domain1/foo This is what I tried RewriteCond %{HTTP_HOST} !^domain1\.com$ [NC] RewriteCond %{REQUEST_URI} ^/folder1/ RewriteRule ^/folder1/(.*)$ http://domain1.com/folder1/$1 [L,R=permanent] But that doesn't work. Next I tried some a simpler rule to see if I could narrow down the issue. RewriteCond ${HTTP_HOST} domain2\.com [NC] RewriteRule ^(.*)$ http://google.com/ [L] I though that would make ANY request to domain2.com go to google.com so I tried http://domain2.com/foo but I get domain2.com/foo not google.com If I go to http://domain2.com I get google. Why don't I get there if I go to http://domain2.com/foo? What am I not understanding about mod_rewrite?

    Read the article

  • Can't copy Ilias-folder via FQDN, but via ip-address?

    - by Lars
    I have an Ilias-Installation, which is available through two virtual hosts: the FQDN and the ip-address. The first server is ssl only, the second plain http. Both configuration files look the same except for the SSL-part: SSLEngine on SSLCertificateFile /etc/apache2/ssl/ilias.pem In the Ilias-Webinterface, I can copy a folder on the plain http. But if I try to copy the same folder on the ssl virtual host, I get the notice, that the copy was started (rough german translation here), but the folder does not show up. There are no errors in the error-logs of php or the webserver and as said, no differences beside the ssl-part. The guys at an ilias-forum did not have an idea, either. Any ideas in here?

    Read the article

  • How do I securely share / allow access to a drive?

    - by sleske
    To simplify backing up a laptop (Windows Vista), I'm planning on sharing its C: drive (with password protection) and using that to back it up from another computer. What are the security implications of this? If I share C: with a reasonable password, how big is the risk of compromise if the system is e.g. inadvertently used on a public WLAN or similar? Background: I'm planning to use [Areca Backup][1] to back up two systems (Windows XP and Vista). My current plan is to install Areca on the XP box, and share the Vista system's C: as a shared folder, so the XP system can read it. Then I can set up the drive as a network drive and have Areca read it like a local drive. Of course, if you can think of a more elegant way of doing this, I'm open to suggestions.

    Read the article

  • Empty rewrite.log on Windows, RewriteLogLevel is in httpd.conf

    - by ripper234
    I am using mod_rewrite on Apache 2.2, Windows 7, and it is working ... except I don't see any logging information. I added these lines to the end of my httpd.conf: RewriteLog "c:\wamp\logs\rewrite.log" RewriteLogLevel 9 The log file is created when Apache starts (so it's not a permission problem), but it remains empty. I thought there might be a conflicting RewriteLogLevel statement somewhere, but I checked and there isn't. What else could cause this? Could this be caused by Apache not flushing the log file? (I closed it by hitting CTRL-C on the httpd.exe command ... this caused the access logs to be flushed to disk, but still nothing in rewrite.log) My (partial) httpd-vhosts.conf: <VirtualHost *:80> ServerAdmin webmaster@localhost ServerName my.domain.com DocumentRoot c:\wamp\www\folder <Directory c:\wamp\www\folder> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule . everything-redirects-to-this.php [L] </IfModule> </Directory> </VirtualHost>

    Read the article

  • Apache mod_proxy, how to forward request into local network ip(server)

    - by Beck
    Can't figure out, how to configure mod_proxy for this. I have two domains, one is working fine at the moment. Second is bind to the same ip. I need to forward requests from second domain to another server in local network. like that: domain1.com => 192.168.1.101 domain2.com => 192.168.1.102 What configuration or directives i should use? Thanks ;) Update <VirtualHost *:80> ServerName www.domain2.com ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://192.168.1.103:8080/ ProxyPassReverse / http://192.168.1.103:8080/ </VirtualHost> It just doesn't redirect to second server. That's it. And when i restart apache, it says something with overlapping 80 port. [warn] _default_ VirtualHost overlap on port 80, the first has precedence

    Read the article

  • How to simulate Apache [END] flag on a redirect?

    - by Javier Méndez
    For business-specific reasons I created the following rewrite rule for Apache 2.2.22 (mod_rewrite): RewriteRule /site/(\d+)/([^/]+)\.html /site/$2/$1 [R=301,L] Which if given an URL like: http://www.mydomain.com/site/0999/document.html Is translated to: http://www.mydomain.com/site/document/0999.html That's the expected scenario. However, there are documents which name are only numbers. So consider the following case: http://www.mydomain.com/site/0055/0666.html Gets translated to: http://www.mydomain.com/site/0666/0055.html Which also matches my rewrite rule pattern, so I end up with "The web page resulted in too many redirects" errors from browsers. I have researched for a long time, and haven't found "good" solutions. Things I tried: Use the [END] flag. Unfortunately is not available on my Apache version nor it works with redirects. Use %{ENV:REDIRECT_STATUS} on a RewriteCond clause to end the rewrite process (L). For some reason %{ENV:REDIRECT_STATUS} is empty all the times I tried. Add a response header with the Header clause if my rule matches and then check for that header (see: here for details). Seems that a) REDIRECT_addHeader is empty b) headers are can't be set on the 301 response explicitly. There is another alternative. I could set a query parameter to the redirect URL which indicates it comes from a redirect, but I don't like that solution as it seems to hacky. Is there a way to do exactly what the [END] flag does but in older Apache versions? Such as mine 2.2.22. Thanks!

    Read the article

  • Dynamic Subdomains

    - by crash
    On my new site I want to have dynamic subdomains. I'm trying to make it so that the subdomains use the same web root as the main domain, all under a single CodeIgniter installation. For example, subdomain.example.com would lead to example.com/subdomain, which is actually example.com/index.php/subdomain. I've already the DNS, virtual hosts set up but I"m getting caught up on the .htaccess. The effect of the linked htaccess is that when navigating to any subdomain, it gets caught up in an infinite loop. (Error log after one request.) It's the same effect for www., which should just resolve to the main domain.

    Read the article

  • Is it secure to store the cert/key on a private AMI?

    - by Phillip Oldham
    Are there any major security implications to bundling a private AMI which contains the private key/certificate & environment variables? For resiliency I'm creating an EC2 image which should be able to boot and configure itself without any intervention. After boot it will attempt to: Attach & mount specific EBS volume(s) Associate a specific Elastic IP Start issuing backups of the EBS volume(s) to S3 However, to do this it will need the private key/pem files and will need certain environment variables to be available on start-up. Since this is a private AMI I'm wondering if it will be "safe" to store these variables/files directly in the image so that I don't need to specify any user-data information and can therefore start a new instance remotely (from my iPhone, if needed) should the instance be terminated for any reason.

    Read the article

  • mod_rewrite directory path to deeper directory

    - by DA.
    I don't usually work with LAMP and am a bit stumped getting a site working locally. The site is set up to be used via localhost: 1) http://localhost/mysite However, the way the site files are physically on the server the root is located as such: 2) /var/www/mysite/trunk/site I'm trying to figure out a way where I could type #1 but have apache actually looking for the files in #2 so that all of the asset/page links in the web application work. Is mod_rewrite the solution? If so, I'm stumped on the syntax. I have this but it won't work (due, I assume, to it causing an infinite loop) RewriteRule ^mysite/ mysite/trunk/site I have a hunch I need to sprinkle on some regex?

    Read the article

  • Trouble with mod_proxy and mongrel_rails

    - by x3ro
    Hey there I'm trying to set up a mod_proxy - mongrel combination, but somehow, apache/mod_proxy is unable to access mongrel locally. The following is my configuration for mod_proxy: ProxyRequests Off ProxyPreserveHost On <Location / ProxyPass http://localhost:3000/ ProxyPassReverse http://localhost:3000/ Order deny,allow Allow from all </Location Mongrel/Rails ist running just fine, because I can access it from my browser, and even with lynx on the server. However, I get the following error when trying to use the proxy: [error] [client 127.0.0.1] Invalid Content-Length I would appreciate any help :D PS: Oh, and the server is running Plesk to configure vhosts, if thats important.

    Read the article

  • SSLVerifyClient optional with location-based exceptions

    - by Ian Dunn
    I have a site that requires authentication in order to access certain directories, but not others. (The "directories" are really just rewrite rules that all pass through /index.php) In order to authenticate, the user can either login with a standard username/password, or submit a client-side x509 certificate. So, Apache's vhost conf looks something like this: SSLCACertificateFile /etc/pki/CA/certs/redacted-ca.crt SSLOptions +ExportCertData +StdEnvVars SSLVerifyClient none SSLVerifyDepth 1 <LocationMatch "/(foo-one|foo-two|foo-three)"> SSLVerifyClient optional </LocationMatch> That works fine, but then large file uploads fail because of the behavior documented in bug 12355. The workaround for that is to set SSLVerifyClient require (or optional) as the default, so now the conf looks like this SSLCACertificateFile /etc/pki/CA/certs/redacted-ca.crt SSLOptions +ExportCertData +StdEnvVars SSLVerifyClient optional SSLVerifyDepth 1 <LocationMatch "/(bar-one|bar-two|bar-three)"> SSLVerifyClient none </LocationMatch> That fixes the upload problem, but the SSLVerifyClient none doesn't work for bar-one, bar-two, etc. Those directories are still prompted to present a certificate. Additionally, I also need the root URL to accessible without the user being prompted for a certificate. I'm afraid that will cancel out the workaround, though.

    Read the article

  • What rights does an employer have to the employee's computer?

    - by Terrence Brannon
    What access rights should an employee grant an employer for a work computer? For instance, let's assume that the business people come to the IT lab late at night for discussions with the CIO and they use my computer for reading email and general web surfing. In a sense, this means that they are taking full or partial responsibility for any security issues that crop up that get traced back to the employee's machine. Perhaps the proper way to provide a computer to an employee is to give him full and exclusive use of it while employed. Only supervised access (such as hardware/software maintenance) should be acceptable.

    Read the article

  • HTACCESS Rewrite problem

    - by TiuTalk
    I have this folder structure: /var/www/mysite/abc/ /var/www/mysite/def/ /var/www/mysite/fgh/ /var/www/mysite/ijk/ /var/www/mysite/portal/ /var/www/mysite/wyz/ Today's my server is redirecting all requests of www.mydomain.com to www.mydomain.com/portal and that's ok... But I want to modify this behavior and keep www.mydomain.com acessing the /var/www/mysite/portal/ folder on background while www.mydomain.com/abc/ still acessing the /var/www/mysite/abc/ folder as before. That's what i've tried without sucess on my htaccess: IndexIgnore * Options +FollowSymlinks <IfModule mod_rewrite.c> RewriteEngine On #This doesn't work!!! #RewriteCond %{REQUEST_URI} !^abc #Neither this :\ #RewriteCond %{REQUEST_URI} !^/abc RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^$ /portal/index.php [L] RewriteRule . /portal/index.php [L] </IfModule> All requests keep goin to www.mydomain.com/portal/ when I use this .htaccess (with or without the commented lines)

    Read the article

  • I am trying to rewrite a few links with htaccess

    - by Thorpe Obazee
    I have a few URLs and I need them to be rewrite'd to the ones below: http://domain.net/blog/posts http://domain.net/blog/posts/index http://domain.net/blog/posts/view/uri/non-working-holiday http://domain.net/blog/posts/view/uri/we-no-longer-offer http://domain.net/blog/posts/view/uri/festivals http://domain.net/blog/posts/view/uri/christmas-is-just-around-the-corner http://domain.net/posts/ http://domain.net/posts/index http://domain.net/posts/view/uri/non-working-holiday http://domain.net/posts/view/uri/we-no-longer-offer http://domain.net/posts/view/uri/festivals http://domain.net/posts/view/uri/christmas-is-just-around-the-corner I was hoping that my .htaccess will fix this but it doesn't: Options +FollowSymLinks IndexIgnore */* RewriteEngine on RewriteRule ^blog\/(.*)$ posts\/$1 [NC] # if a directory or a file exists, use it directly RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d # otherwise forward it to index.php RewriteRule . index.php

    Read the article

  • Apache: Assign SSL server / client certs to directories

    - by Daniel Amaya
    I have multiple directories on my system, e.g., /var/www/dir1 /var/www/dir2 /var/www/dir3 And what I'd like to do is to generate a server/client SSL certificate for each directory, and then set up each directory such that the client cert must match the server cert in order to access said directory. Now, if someone has the client cert for /var/www/dir2 and they try to access /var/www/dir1, they will be unable to do so since those directories use different certs. Each of these directories is hosted on the same domain (i.e., domain.com/dir1, domain.com/dir2). Now, the problem I am having is that I am not exactly sure how to accomplish this in Apache. (Also, I don't really care for domain.com to require SSL, but I do want the directories to require it.)

    Read the article

  • RewriteRule in htaccess in subdirectory

    - by Jay
    Windows server, running Apache. In my Apache conf, I have AllowOverride None for the root of a site and then I have a subdirectory set to AllowOverride All: <Directory /> AllowOverride None </Directory> <Directory "/safe/"> AllowOverride All </Directory> However, when I try to set up a rewrite rule in the subdirectory's htaccess file, nothing happens, I just get a 404 page not found error. Example: RewriteEngine On RewriteRule (.*) /blah?test=$1 [R=302,NC,NE,L] Rwewriting URLs are working fine from the root via the Apache conf. I don't understand why the rule is ignored. I don't want to do the URL re-writing within the conf because for this case I may need to be changing the redirects constantly and don't want to reload the server every time a change is made. I also don't want to affect server performance by enabling htaccess files site-wide, just in the subdirectory I need it.

    Read the article

  • mod_rewrite issue | Request exceeded the limit of 10 internal redirects

    - by Chris Anarko Meow
    ok what Im doing normally works but since my rule "includes" itself is giving me issues and can't find a solution after hours working on different options. I have a .htaccess with: RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} !^/3.15.0/(.*) RewriteRule ^(.*)$ /3.15.0/$1 [L] this is for my software versions, I have a program that can request sometimes versions that are updated and in the server may be behind a couple version so I want to be able to say that whatever is comming in forward to the latest version that in this example is 3.15.0 /var/www/nameblabla/3.15.0 my .htaccess is on /var/www/nameblabla/.htaccess so the first Condition is to ignore request that already has the right path and version.. the second should be to grab all request and forward to 3.15.0... and of course not loose the path to the files I want from inside that should be the same. so far I can only get it to redirect to such directory but will loose the path and others I get the "Request exceeded the limit of 10 internal redirects" I guess this is because Im including the 3.15.0 path Any help or another way to do this with out mod_rewrite?

    Read the article

  • Why does Windows Firewall show "Unidentified network" as one of my "Active public networks"?

    - by MousePad
    I have a machine that has wifi and ethernet. I have wifi active, and am not using ethernet. My Windows firewall shows two active networks, one is the wifi network I connect to, and the other is "Unidentified network". What is this unidentified network? I can't seem to be able to get rid of it because I can't find where it is even defined. How can you detect this and know whether this is just something appropriate or possibly a security problem? I am on Windows 7 64bit.

    Read the article

  • Redirect from folder containing website

    - by Sam
    I have a website reached from this url: http://www.mysite.com/cms/index.php being served from this directory: public_html/cms/index.php In public_html I have this .htaccess RewriteRule (.*) cms/$1 [L] Which lets me get to the site like this: http://www.mysite.com/index.php But now if I reference the 'old' address, I'd like to redirect to the rewritten address with a permanent redirect code. for example: http://www.mysite.com/cms/?q=node/1 is redirected to... http://www.mysite.com/?q=node/1 How can I make this happen? EDIT: Also in the .htaccess file supplied with Drupal(cms), this is written. I've tried enabling it, but it doesn't seem to have any effect. # Modify the RewriteBase if you are using Drupal in a subdirectory or in a # VirtualDocumentRoot and the rewrite rules are not working properly. # For example if your site is at http://example.com/drupal uncomment and # modify the following line: # RewriteBase /drupal EDIT: Including more of my .htaccess file - seems relevant. # Block access to "hidden" directories whose names begin with a period. RewriteRule "(^|/)\." - [F] #Strip cms folder from url RewriteRule (.*) cms/$1 RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !=/favicon.ico RewriteRule ^ index.php [L] # Rules to correctly serve gzip compressed CSS and JS files. # Requires both mod_rewrite and mod_headers to be enabled. <IfModule mod_headers.c> # Serve gzip compressed CSS files if they exist and the client accepts gzip. RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}\.gz -s RewriteRule ^(.*)\.css $1\.css\.gz [QSA] # Serve gzip compressed JS files if they exist and the client accepts gzip. RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}\.gz -s RewriteRule ^(.*)\.js $1\.js\.gz [QSA] # Serve correct content types, and prevent mod_deflate double gzip. RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1] RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1] <FilesMatch "(\.js\.gz|\.css\.gz)$"> # Serve correct encoding type. Header append Content-Encoding gzip # Force proxies to cache gzipped & non-gzipped css/js files separately. Header append Vary Accept-Encoding </FilesMatch>

    Read the article

  • installing mod_wsgi giving 403 error

    - by John Smiith
    installing mod_wsgi giving 403 error httpd.conf i added code below WSGIScriptAlias /wsgi "C:/xampp/www/htdocs/wsgi_app/wsgi_handler.py" <Directory "C:/xampp/www/htdocs/wsgi_app/"> AllowOverride None Options None Order deny,allow Allow from all </Directory> wsgi_handler.py status = ‘200 OK’ output = ‘Hello World!’ response_headers = [('Content-type', 'text/plain'), ('Content-Length', str(len(output)))] start_response(status, response_headers) return [output] Note: localhost is my virtual host domain and it is working fine but when i request http://localhost/wsgi/ got 403 error. <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "C:/xampp/www/htdocs/localhost" ServerName localhost ServerAlias www.localhost ErrorLog "logs/localhost-error.log" CustomLog "logs/localhost-access.log" combined </VirtualHost> Error log [Wed Jul 04 06:01:54 2012] [error] [client 127.0.0.1] File does not exist: C:/xampp/www/htdocs/localhost/favicon.ico [Wed Jul 04 06:01:54 2012] [error] [client 127.0.0.1] client denied by server configuration: C:/xampp/Bin/apache [Wed Jul 04 06:01:58 2012] [error] [client 127.0.0.1] Options ExecCGI is off in this directory: C:/xampp/www/htdocs/wsgi_app/wsgi_handler.py [Wed Jul 04 06:01:58 2012] [error] [client 127.0.0.1] client denied by server configuration: C:/xampp/Bin/apache [Wed Jul 04 06:01:58 2012] [error] [client 127.0.0.1] File does not exist: C:/xampp/www/htdocs/localhost/favicon.ico [Wed Jul 04 06:01:58 2012] [error] [client 127.0.0.1] client denied by server configuration: C:/xampp/Bin/apache Note: My apache is not in c:/xampp/bin/apache it is in c:/xampp/bin/server-apache/

    Read the article

  • Lighttpd mod_rewrite conversion from .htaccess format

    - by hoball
    Hello, I am using lighttpd as webserver and is having an issue about mod_rewrite. Currently I have a set of Apache .htaccess rewrite rules from a PHP script: RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule ^(.*)$ index.php [QSA,L] In my understanding, if the requested URI is not a file/directory/sym-link, append it to index.php eg. www.a.com/hello/world --> www.a.com/index.php/hello/world I attempted to convert to lighttpd specification: url.rewrite-if-not-file = ( "^(.*)$" = "index.php/$1" ) However, it doesn't work. I suspect that is due to misuse of $1. I tried to use $0/%0 or something else but they fail. Would you please provide me a hint on making the syntax work? Thank you!

    Read the article

  • Avoid Apache's mod_status being exposed by Varnish

    - by Peteris Caune
    An Ubuntu 9.04 box running Apache on 8080 and Varnish on 80. Recently set up Munin and was wondering why Apache graphs are empty. Saw from the logs that Munin is accessing /server-status?auto and getting 403 Forbidden back. So I edited /etc/apache2/monds-enabled/status.conf to allow access from 127.0.0.1. But doing this actually made /server-status public, since requests coming through Varnish appear to come from 127.0.0.1 too. So the question is, how do I configure mod_status to be accessible only by munin-node and not by Varnish?

    Read the article

  • how to rewrite '%25' in url

    - by nn4l
    My website software replaces space characters with '+' characters in the URL, A proper link would look like 'http://www.schirmacher.de/display/INFO/How+to+reattach+a+disk+to+XenServer' for example. Some websites link to that article but somehow their embedded editor can't handle the encoding, so what I see in the httpd log files is actually GET /display/INFO/How%2525252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer which of course leads to a 404 error. It seems that the '+' character is encoded as '%2b' and then the '%' character is encoded as '%25' - several times. Since there are many such references to different pages from different websites, I would like to rewrite the url so that the visitors get the correct page. Here's my attempt which does not work: RewriteRule ^(.*)%25(.*)$ $1%$2 [R=301] What it is supposed to do is: take everything before the %25 string and everything after it, concat those strings with a '%' in between, then redirect. With the example input URL the rule should rewrite to /display/INFO/How%25252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer followed by a redirect, then it should rewrite to /display/INFO/How%252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer and again to /display/INFO/How%2bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer and so on. Finally, after a lot of redirects I should have left /display/INFO/How%2bto%2breattach%2ba%2bdisk%2bto%2bXenServer which is a valid url equivalent to /display/INFO/How+to+reattach+a+disk+to+XenServer. My problem is that the expression does not match at all, so it does not even replace a single occurrence of %25. I understand that there is a limit in the number of redirects and I should really use the [N] flag however I don't even get the first step right.

    Read the article

< Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >