Mod_Rewrite Forums

[BigBen]

I am currently hosting a site using XAMPP on a Windows machine. Here is my problem:

Site is hosted at
http://www.xxxxx.com

URL for site needs to be changed, (not redirected), to a subdirectory on a different domain that is already hosting a site.
http://www.yyyyy.com/subdirectory

When somebody visits http://www.xxxxx.com the url needs to read http://www.yyyyy.com/subdirectory instead of http://www.xxxxx.com.

I have been making changes to my site's .htaccess file and the closest I can get to accomplishing my goal is redirecting the site to the new address. Using the example URL's above, here is the code I have used to accomplish that:

Code: Select all

RewriteCond %{HTTP_HOST} ^(.*)xxxxx [NC]
RewriteRule ^(.*)$ http://www.yyyyy.com/subdirectory/$1 [R=301,L]

Is what I am trying to do even possible to do? Changing the URL so it reads something else?

I would greatly appreciate any help on this.

Thanks!

[richardk]

I'm confused, which URL should be in the address bar of the browser?

Are the two domains on different servers?

[BigBen]

Wow that was a fast response!

The site is being hosted at http://www.divisionname.com but the URL in the address bar should read http://www.corporatename.com/divisionname.

Server 1 (This is where the site is hosted)
http://www.divisionname.com

Server 2 (This domain contains a different website in the main directory)
http://www.corporatename.com/divisionname

Basically what happened in real life is I created a division website for a division in the corporation I work for. The IT team at our corporate headquarters said we could host the website on our own domain. --> http://www.divisionname.com

Of course, once the site is published, they change their mind and say, "Hey we want your site to be accessed through a subdirectory of our corporate website! You can't have your own domain name!" So they create a subdirectory on their website that redirects to our website. --> http://www.corporatename.com/divisionname.

So now when you visit the subdirectory http://www.corporatename.com/divisionname you are redirected to the division website that I created at http://www.divisionname.com.

When you are redirected to my website, the URL reads http://www.domainname.com. The Corporate IT team doesn't want this. They want the URL to read http://www.corporatename.com/divisionname.

Sorry for making things confusing. Haha

But thanks for the help!

[BigBen]

I believe what I am trying to do is impossible. Wouldn't this be a major vulnerability that hackers would fully exploit? If this were possible, what would stop somebody from changing their URL to replicate a Bank of America login page in order to steal user names and passwords?

I've seen a lot of fishing schemes and have never seen one where somebody has been able to change their URL to the site they are trying to exploit.

[richardk]

They want the URL to read corporatename.com/divisionname.

That's all you needed to say.

I believe what I am trying to do is impossible.

It is possible. You can proxy the requests from corporatename.com/divisionname to divisionname.com. This would require configuration of the corporatename.com server and could be done with mod_proxy only or mod_rewrite and mod_proxy.

With mod_proxy, in the appropriate configuration file (not a .htaccess file)

Code: Select all

ProxyRequests Off

<Proxy *>
Order deny,allow
Allow from all
</Proxy>

ProxyPass /divisionname http://divisionname.com
ProxyPassReverse /divisionname http://divisionname.com

With mod_rewrite and mod_proxy, in a .htaccess file in /divisionname

Code: Select all

Options +FollowSymLinks

RewriteEngine On

RewriteRule ^(.*)$ http://www.divisionname.com/$1 [P,L]

Note: Proxying uses both servers transfer and bandwidth. (The request goes user -> corporatename.com/divisionname -> divisionname.com -> corporatename.com/divisionname -> divisionname.com -> user.) It will also slow down the requests (you might not notice).

Wouldn't this be a major vulnerability that hackers would fully exploit? If this were possible, what would stop somebody from changing their URL to replicate a Bank of America login page in order to steal user names and passwords?

You control both servers. The attacker cannot get the banks domain in the address bar.