Fixed new authentication redirector messing up other redirection systems that were in place.

5 years ago · e814a4f5f1
parent 32587d062d
commit e814a4f5f1
1 changed files with 9 additions and 11 deletions
--- a/.htaccess
+++ b/.htaccess
@ -9,24 +9,22 @@ RewriteEngine On
 RewriteCond %{HTTPS} off
 RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

-# HTTPS for authentication pages
-SSLOptions +StrictRequire
-SSLRequireSSL
-SSLRequire %{HTTP_HOST} eq "%{HTTP_HOST}%{REQUEST_URI}"
-ErrorDocument 403 https://%{HTTP_HOST}%{REQUEST_URI}
-
 # Hackerbots Prevention
 RewriteEngine on
 RewriteCond %{HTTP_USER_AGENT} ^ZmEu [OR]
 RewriteCond %{HTTP_USER_AGENT} (.*)Msqq(.*)
 RewriteRule .* http://www.urbandictionary.com/define.php?term=fuck+you [R=301,L]

-# Prevent public access to the logs
+# Prevent public access to the logs, requires login through HTTPS
 <FilesMatch "(logs.php|uploads.log)$">
-AuthType Basic
-AuthName "Restricted Area"
-AuthUserFile /var/www/passes/imeji/.htpasswd
-Require valid-user
+    SSLOptions +StrictRequire
+    SSLRequireSSL
+    SSLRequire %{HTTP_HOST} eq "%{HTTP_HOST}%{REQUEST_URI}"
+    ErrorDocument 403 https://%{HTTP_HOST}%{REQUEST_URI}
+    AuthType Basic
+    AuthName "Restricted Area"
+    AuthUserFile /var/www/passes/imeji/.htpasswd
+    Require valid-user
 </FilesMatch>

 # Allow linking asset elemets across subdomains