Home > Back-end >  .htaccess load different web app depending on route under HTTPS
.htaccess load different web app depending on route under HTTPS

Time:03-10

I'm working on a project made by a software engineer and by a team of non-technical people who know how to use Wordpress. That means that part of the platform is handmade, but still need to have Wordpress contents to be handled by non-software engineers. My idea is to have two folders in my webserver root, one called /app/ containing the handmade code, and one called /wp/. So when the GitHub pipeline release new code into /app/ is sure not to touch stuff in /wp/ containing Wordpress. I have achieved forcing the HTTPS with the following code:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

It works like a charm, users are successfully redirected if they use HTTP. Now the problem is, I want to "reserve" the routes used by the handmade platform for myself, and in case the user is not calling any of those routes, then I pass the ball to Wordpress. I want it to appear as it is a single website, so I don't want the user to load the /app/appRoute or the /wp/wpRoute, I'd like to always load /route1, /route2, without specifying the subfolder into the URL. The handmade platform should have priority, and it uses around 13 main routes (and some of them have subroutes), so I can hardcode them into the .htaccess file I guess. If the user is trying to load any of those routes, then I want to load the content into /app/route, if not, I'd load /wp/route. Of course Wordpress has its own .htaccess file, and the platform has its own, which is:

RewriteEngine on
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

I'm very bad at working on .htaccess files and been searching around, it looks like I can't find the solution for my scenario. Should I have a single .htaccess file in the webserver root deleting the Wordpress one? Should I have two .htaccess, write the 13 routes first, and then eventually redirect to the WP .htaccess (is it even possible?)? Do I risk to make the user face a "Too many redirects" error?

This hybrid solution confuses me a lot. Does anyone who has been in the same situation has suggestions? Thank you in advance.

CodePudding user response:

Given the following requirements:

  • /app subdirectory contains the "handmade code"
  • /wp subdirectory contains the WordPress site.
  • Neither /app or /wp should appear in the visible URL.

Should I have a single .htaccess file in the webserver root deleting the Wordpress one?

You could, but I wouldn't. Keep the WordPress .htaccess file in the /wp subdirectory. Everything WordPress is in the /wp subdirectory.

I would use 3 .htaccess files:

  • One in the document root. This manages the routing to either the "handmade code" in /app or /wp (WordPress). This should also manage the canonical redirects (ie. HTTP to HTTPS and www vs non-www)

  • One in the /app subdirectory that manages the routing within your "handmade code".

  • One in the /wp subdirectory that manages the routing within WordPress.

This allows you to keep the "handmade code" and WordPress entirely separate (in terms of development).

Your 3 .htaccess files would then look like this:

/.htaccess

# /.htaccess

RewriteEngine On

# HTTP to HTTPS redirect
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Rewrite specific URLs to "/app" (handmade code)
RewriteRule ^app-route-1$ app/$0 [L]
RewriteRule ^app-route-2$ app/$0 [L]
etc.

# Rewrite everything else to WordPress
RewriteRule (.*) wp/$1 [L]

The "specific rewrites to /app" can be combined if there is a pattern. See below regarding static assets.

/app/.htaccess

# /app/.htaccess

RewriteEngine On

# Redirect any direct requests to "/app" back to the root
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule (.*) /$1 [R=301,L]

# Front-controller
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]

/wp/.htaccess

# /wp/.htaccess

# Redirect any direct requests to "/wp" back to the root
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule (.*) /$1 [R=301,L]

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
# END WordPress

Note the RewriteBase directives and slash prefix on the substitution strings are specifically excluded, to avoid having to specify /app or /wp in the .htaccess file itself. (Although this might mess with WordPress, that likes to (unnecessarily) use RewriteBase and will try to overwrite the WP code block.)

You do not need to repeat the RewriteEngine directive, that already occurs later in the WP code block.

I don't know how you want to handle your static assets/resources (CSS, JS, images, etc.)? Currently, the above assumes that you will link directly to the assets within /app, ie. By including the /app path segment in the asset link. eg. <image src="/app/assets/images/myimage.png">. With WordPress you could link directly (ie. include /wp prefix) or omit /wp, since everything else is rewritten to /wp anyway.

Ideally, it would probably be preferable to omit both /app and /wp from your asset links, since you don't want to unnecessarily expose these to your users and it would otherwise make the sites dependent on these parent directories.

If your "handmade code" uses /assets for all the assets then you can rewrite these in the parent .htaccess file in the root, before your custom route rewrites:

# Rewrite "/app" assets
RewriteRule ^(assets)(?:/(.*)|$) app/$1/$2 [L]

This allows your "handmade code" to refer to assets using root-relative URLs, as if the app was installed in the document root.

  • Related