WordPress is the Content Manangement System (CMS) used to produce this site but shoehorning it to produce a complete site can cause unforseen problems. For example, my Permalink structure was denying me access to my awstats folder!
Why? – this is because I’m publishing the site using WordPress 1.5 and it’s mod_rewrite (created by the permalink’s structure) incorrectly assumes that the Awstats folder is part of the WordPress site (because the Rewritebase is set to /) and when it can’t find Awstats within WordPress, I get dropped into a 404 page.
I tried accessing the folder using the ip address instead of the domain but couldn’t get in – my ISP subsequently told me this wouldn’t work – that I need to come in under my domain for awstats to function.
To sort this out, I inserted the following code above the code WordPress inserted in my .htaccess:
RewriteCond %{REQUEST_URI} ^/awstats/
RewriteRule .* - [L]
Hat tip to Niall for helping out with this.
I just want to say THANK YOU for your awesome help with .htaccess.
This is the BEST and easiest solution I’ve found in dealing with the scourge of SPAM our domain has been hit with. We have 16 blogs and after implementing this on my domain, I finally feel secure in upgrading all of them to 1.5 SANS captcha!
Thank you!
Delighted the .htaccess anti-comment-spam advice has been of use Mark,
Tom
Hey Tom, I’ve been into this issue for a couple of days now, and the suggestion you have here has also been posted on the WP support site (might have even been you? lol). At any rate, No Go for me on this one 🙁 If you get a free minute and want to delve deeper into the situation, please let me know, I’d sure appreciate the help! Here’s the basics:
domain.com => root wp install
domain.com/awstats => requires http auth, but was broken by WP Permalinks. I’ve tried every variation of the
RewriteCond %{REQUEST_URI} ^/awstats/
RewriteRule .* – [L]
code as I could come up, to no avail 🙁 What i’m wondering now is if there’s something in the apache conf that’s conflicting even further… Again, if you have a free moment and want to take a look, say the word 🙂
Thanks for a great service to website security!
Scott
Howdy Tom,
I have been having this same problem with my blog. I however am on wordpress 2 platform.
I also have tried to add the code you provided and still no go on my site.
I have been searching high and low for a fix for this for about 2 weeks now. I have to put up a dummy .htaccess to view my stats. Not a good solution at all.
Any way thanks for your solution if I find one for mine I will come and put in another comment for your readers.
Sincerely,
Glen Barnhardt
Hi,
This is what I have in my .htaccess and I still get the same 404 page, is there anything else that could be wrong?
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/awstats/
RewriteRule .* – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
I think in any mod_rewrite based ‘smart url’ cms should be used following approach: if directory or file exists – use it. Otherwise – call appropricate php/perl handler.
something like this:
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^(.+)$ $1 [L]
RewriteCond %{REQUEST_FILENAME}/index.html -f
RewriteRule ^(.+)$ $1/index.html [L]
It is almost you wrote but in more common form.