de
deborahjuly
#1
OrangeHRM comes with the following .htaccess files. Any insights on how to get this website working are appreciated. I am using CyberPanel Version 1.6 and OrangeHRM v4.1.
- ./upgrader/web/.htaccess
- ./upgrader/web/images/.htaccess
- ./symfony/lib/vendor/symfony/lib/task/generator/skeleton/project/web/.htaccess
- ./symfony/lib/vendor/codeception/codeception/tests/data/app/.htaccess
- ./symfony/web/.htaccess
- ./.htaccess
- ./lib/confs/cryptokeys/.htaccess
- ./installer/images/.htaccess
Orginal ./upgrader/web/.htaccess
`Options +FollowSymLinks +ExecCGI
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
#RewriteBase /
# we skip all files with .something
#RewriteCond %{REQUEST_URI} \\..+$
#RewriteCond %{REQUEST_URI} !\\.html$
#RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ index.php [QSA,L]
`
```
Static Context
`context /upgrader/web/ {
location $DOC_ROOT/upgrader/web
allowBrowse 1
rewrite {
enable 1
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
}
addDefaultCharset off
}`
```
Orgainal ./upgrader/web/images/.htacces `
order allow,deny
deny from all
`
```
Static Context
`context /upgrader/web/images/dummy.jpg {
location $DOC_ROOT/upgrader/web/images
allowBrowse 0
addDefaultCharset off
}`
```
Orgainal ./symfony/lib/vendor/symfony/lib/task/generator/skeleton/project/web/.htaccess
`Options +FollowSymLinks +ExecCGI
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
#RewriteBase /
# we skip all files with .something
#RewriteCond %{REQUEST_URI} \\..+$
#RewriteCond %{REQUEST_URI} !\\.html$
#RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ index.php [QSA,L]
`
```
Static Context
`context /symfony/lib/vendor/symfony/lib/task/generator/skeleton/project/web/ {
location $DOC_ROOT/symfony/lib/vendor/symfony/lib/task/generator/skeleton/project/web/
allowBrowse 1
rewrite {
enable 1
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
}
addDefaultCharset off
} `
```
Orginal ./symfony/lib/vendor/codeception/codeception/tests/data/app/.htaccess
`RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php `
```
Static Context
`context /symfony/lib/vendor/codeception/codeception/tests/data/app/ {
location $DOC_ROOT/symfony/lib/vendor/codeception/codeception/tests/data/app/
allowBrowse 1
rewrite {
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php
}
addDefaultCharset off
}`
```
Orginal ./symfony/web/.htaccess
`#Options +FollowSymLinks +ExecCGI
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
#RewriteBase /
# we skip all files with .something
#RewriteCond %{REQUEST_URI} \\..+$
#RewriteCond %{REQUEST_URI} !\\.html$
#RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ index.php [QSA,L]
# security
Header set X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"
`
```
Static Context
`context /symfony/web/ {
location $DOC_ROOT/symfony/web/
allowBrowse 1
extraHeaders <<<END_extraHeaders
X-Content-Type-Options: nosniff
X-XSS-Protection: 1, mode=block
END_extraHeaders
rewrite {
enable 1
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
}
addDefaultCharset off
}`
```
Orginal ./.htaccess `IndexIgnore *
order allow,deny
deny from all
order allow,deny
deny from all
order allow,deny
deny from all
order allow,deny
deny from all
`
```
Static Context (need two)
`context / {
location $DOC_ROOT
allowBrowse 1
autoIndex 0
addDefaultCharset off
}`
```
`context exp: ^/(log.txt|*.log|log*.txt|*.yml) {
location $DOC_ROOT
allowBrowse 0
rewrite {
}
addDefaultCharset off
}`
```
Orginal ./lib/confs/cryptokeys/.htaccess
`
Order allow,deny
Deny from all
`
```
Static Context
` context /lib/confs/cryptokeys/key.ohrm {
location $DOC_ROOT/lib/confs/cryptokeys
allowBrowse 0
addDefaultCharset off
} `
```
Orginal ./installer/images/.htaccess
`
order allow,deny
deny from all
`
```
Static Context
`context /installer/images/dummy.jpg {
location $DOC_ROOT/installer/images
allowBrowse 0
addDefaultCharset off
}`
```