htaccess 在子目录中的 Wordpress 中返回 404（桌面可以，移动 404）答案

【问题标题】：htaccess returns 404 at Wordpress in subdirectory (desktop ok, mobile 404)htaccess 在子目录中的 Wordpress 中返回 404（桌面可以，移动 404）
【发布时间】：2020-06-15 09:50:37
【问题描述】：

我有一个用 WordPress 制作的网站，安装在一个子目录中（我们称之为“wp_dir”）。我已按照https://wordpress.org/support/article/giving-wordpress-its-own-directory/ 中的说明进行操作，具体如下：

更改根 htaccess 文件
更改根 index.php 文件
更改 wp_dir htaccess 文件

它在桌面上运行良好，但在移动设备上却不行。在桌面上，该站点呈现良好：当您键入“example.com”时，它可以很好地呈现 wordpress 站点，来自安装在 wp_dir 文件夹中的 wordpress，带有 SSL 和一切。所有菜单链接都运行良好。

相反，在移动设备中，当您键入“example.com”时，URL 会更改为“example.com/wp_dir”，使用 SSL，并且会显示菜单链接，但会显示 404 错误。链接有效。

我认为问题与 SSL 有关。我还尝试删除 [L] 指令，以允许指令继续执行，但无济于事。有些东西不正常，或者顺序不正确，但我找不到什么。

htaccess 文件中包含许多不同的指令（SSL、非 www 重定向、管理应用程序的其他子目录的权限、阻止漏洞利用等）。该站点以前是在 Joomla 中构建的。显然我做错了什么，但我不知道那是什么。

当您在台式计算机而不是手机中访问它时，它如何能很好地工作？

这是根目录中的当前htaccess（没有乱七八糟）：

# SSL rewrite
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NE]

RewriteBase /
RewriteEngine On

# non-www 
RewriteBase /
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
RewriteCond %{HTTPS} OFF
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
RewriteCond %{HTTPS} ON
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteCond %{REQUEST_URI} !^/wp_dir/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /wp_dir/$1
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ wp_dir/index.php [L] 
</IfModule>

这里是 Wordpress 子目录（“wp_dir”）中的 htaccess：

# Force SSL
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}  [L,R=301,NE] 

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

如果查看完整的 htacess 文件（带有混乱）很有用，这里是：

# SSL rewrite
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NE]

#RewriteEngine On
#RewriteCond %{HTTPS} off
#RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

RewriteBase /
RewriteEngine On

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.

## Allow access to 'gui' zone
RewriteRule ^(gui)($|/) - [L]
RewriteRule ^(gui/services)($|/) - [L]
RewriteRule ^(gui/services/api.php)($|/) - [L]
RewriteRule ^(gui/services/.*)($|/) - [L]
RewriteRule ^(gui/services/customers)($|/) - [L]
RewriteRule ^(gui/.*)($|/) - [L]
RewriteCond %{REQUEST_URI} ^/(gui|gui/.*)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/services|gui/services/.*)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/index.php|gui/index.php*/.*)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/services/customers|gui/services/customers/.*)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/services/customers)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/services)$
RewriteRule ^.*$ - [L]
RewriteCond %{REQUEST_URI} ^/(gui/services/.*)$
RewriteRule ^.*$ - [L]
## End access to 'gui' zone

## Allow access to dir_zone2
RewriteCond %{REQUEST_URI} ^/(dir_zone2/|dir_zone2/.*)$
RewriteRule ^.*$ - [L]


# RewriteCond %{REQUEST_URI} !^/(gui|gui/.*)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

## Joomla SEF Section
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* wp_dir/index.php [L]
#
## End - Joomla! core SEF Section.

RewriteCond %{HTTP_REFERER} !^(http|https)://example.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^(http|https)://example.com$      [NC]
RewriteCond %{HTTP_REFERER} !^(http|https)://www.example.com/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^(http|https)://www.example.com$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

# non-www
RewriteBase /
#RewriteCond %{REQUEST_URI} !^/(robots\.txt|favicon\.ico|sitemap\.xml)$
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
# 2017-03-06
RewriteCond %{HTTPS} OFF
RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]

#RewriteCond %{REQUEST_URI} !^/(robots\.txt|favicon\.ico|sitemap\.xml)$
RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
# 2017-03-06
RewriteCond %{HTTPS} ON
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]


# Wordpress
#RewriteCond %{REQUEST_URI} ^/(wp_dir/|wp_dir/.*)$
#RewriteRule ^.*$ - [L]

#RewriteCond %{HTTP_HOST} ^(www.)?example.com$
#RewriteRule ^(/)?$ wp_dir[L]


<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteCond %{REQUEST_URI} !^/wp_dir/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /wp_dir/$1
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ wp_dir/index.php [L] 
</IfModule>

编辑：添加标题

这些是使用两种不同浏览器获得的标头。

在 Firefox 中，我得到 301，并且 url 保持在“http://www.example.com”。

响应标头：

HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Thu, 05 Mar 2020 17:31:13 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 335
Connection: keep-alive
X-Sucuri-ID: 15020
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Sucuri-Cache: HIT

请求标头：

Host: www.example.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

这些是 Chrome 中的标头，我在其中得到 404 和 url “https://www.example.com/wp_dir/”：

一般：

Request URL: https://www.example.com/wp_dir/
Request Method: GET
Status Code: 404 
Remote Address: 192.124.249.120:443
Referrer Policy: no-referrer-when-downgrade

响应标头：

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 14112
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Thu, 05 Mar 2020 17:27:18 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.example.com/wp-json/>; rel="https://api.w.org/"
server: nginx
status: 404
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: EXPIRED
x-sucuri-id: 15020
x-xss-protection: 1; mode=block

请求标头：

:authority: www.example.com
:method: GET
:path: /wp_dir/
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: es-ES,es;q=0.9,ca;q=0.8,en;q=0.7,fr;q=0.6,ro;q=0.5,gl;q=0.4
cookie: pll_language=es; wp-settings-1=editor%3Dtinymce%26edit_element_vcUIPanelWidth%3D1379%26edit_element_vcUIPanelLeft%3D0px%26edit_element_vcUIPanelTop%3D74px%26libraryContent%3Dbrowse; wp-settings-time-1=1580451182; wordpress_test_cookie=WP+Cookie+check; _ga=GA1.2.2063032164.1566356615; __utma=98619150.2063032164.1566356615.1566523591.1566602595.2; d50c875bad7fd1a5e131e638c3965ba3=es-ES; pll_language=es; wordpress_test_cookie=WP+Cookie+check
sec-fetch-mode: navigate
sec-fetch-site: none
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36

【问题讨论】：

如果它在桌面上正常工作，我会想到移动浏览器上的缓存问题。你试过不同的设备吗？
你可能是对的。在移动设备的其他设备或浏览器中，它不会更改 url（保持为“example.com”），并显示 301（“永久移动”）。如果我随后编辑 url，我可以看到它仍然是 example.com。如果我然后输入https，那么它就可以了。这是什么意思？
我猜可能强制重定向到https 无法正常工作。
谢谢@awran5，我已经添加了浏览器响应的标题，以防有人可以帮助我了解他们以了解如何修复它。
嘿伙计，你确定你的网络服务器是 apache 吗？标头响应显示其nginx 因此htaccess 设置将不起作用。另外，这可能与Sucuri 防火墙或ssl 配置不正确有关？。

标签： php wordpress apache .htaccess redirect

【解决方案1】：

我认为您在子目录中的重写可能有问题。首先，我假设您想保留相同的链接。如果我们查看链接的教程，则只需要 root 目录中的一个 .htaccess。

因为如果在站点上的任何地方发出请求，并且如果它不是直接文件或目录，根 htaccess 文件会将其重定向到子文件夹。

现在，您的第二个子文件夹 .htaccess 文件实际上指向根目录。如果你想在子文件夹中有一个 .htaccess 重定向，你应该将重写基础和子文件夹添加到重定向中。

# Force SSL
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI}  [L,R=301,NE] 

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /wp_dir/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wp_dir/index.php [L]
</IfModule>
# END WordPress

如果您查看此Hostinger tutorial，则表明您不应使用 RewriteEngine On 条件两次。还有this is a nice explanation of这个“问题”。

但是，如果您多次使用 RewriteEngine 或 RewriteBase，最后一个条目将获胜并在整个 .htaccess 文件中使用。

现在我不明白您是直接访问https://example.com/wp_dir/ 还是被重定向到那里？如果是直接访问，我认为 .htaccess 是错误的，正如我所指出的那样。

也可能是手机缓存。

编辑：并且还要修改第一个 .htaccess 文件。我认为一个 https 重写规则是多余的，另一个是不正确的。

# SSL rewrite
RewriteEngine On
# RewriteCond %{SERVER_PORT} 80
# I think this shouldn't matter but lets use the same method for consistency
RewriteCond %{HTTPS} Off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NE]

RewriteBase /
# RewriteEngine is already On
# RewriteEngine On

# non-www 
# RewriteBase /
# RewriteBase is already defined
# if we want to redirect to https lets specify that
#RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
#RewriteCond %{HTTPS} OFF
# RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]
#RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
# But I think the very first directive should take care of this

# If we're using https why redirect to it?
# Or am I missing something?
#RewriteCond %{HTTP_HOST} !^example\.com$ [NC]
#RewriteCond %{HTTPS} ON
#RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteCond %{REQUEST_URI} !^/wp_dir/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /wp_dir/$1
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ wp_dir/index.php [L] 
</IfModule>

按我说的归档

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} Off
  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,NE]

  RewriteCond %{HTTP_HOST} ^(www.)?example.com$
  RewriteCond %{REQUEST_URI} !^/wp_dir/
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)$ /wp_dir/$1
  RewriteCond %{HTTP_HOST} ^(www.)?example.com$
  RewriteRule ^(/)?$ wp_dir/index.php [L] 
</IfModule>

我可能错了。

【讨论】：

您的建议已经奏效。我已经评论了非 www 和第二个 SSL 重定向，你发现这是错误的，现在它可以正常工作了。非常感谢@Sar Putnik
很高兴我能帮上忙