Modx is installed at the root of my site...
/domains/sitename/html/
Do I have to point to the MODx "manager" folder?
As for the .htaccess file, I have removed it from my site until I can square this away.
Below, I’m posting the actual content of the file I used, most of it was commented out prior to use:
# MODx supports Friendly URLs via this .htaccess file. You must serve web
# pages via Apache with mod_rewrite to use this functionality, and you must
# change the file name from ht.access to .htaccess.
#
# Make sure RewriteBase points to the directory where you installed MODx.
# E.g., "/modx" if your installation is in a "modx" subdirectory.
#
# You may choose to make your URLs non-case-sensitive by adding a NC directive
# to your rule: RewriteRule ^(.*)$ index.php?q=$1 [L,QSA,NC]
RewriteEngine On
RewriteBase /domains/sitename/html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA,NC]
#=============================================================================#
# REGISTER_GLOBALS
#=============================================================================#
# If your server is not already configured as such, the following directive
# should be uncommented in order to set PHP's register_globals option to OFF.
# This closes a major security hole that is abused by most XSS (cross-site
# scripting) attacks. For more information: http://php.net/register_globals
#
# To verify that this option has been set to OFF, open the Manager and choose
# Reports -> System Info and then click the phpinfo() link. Do a Find on Page
# for "register_globals". The Local Value should be OFF. If the Master Value
# is OFF then you do not need this directive here.
#
# IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS :
#
# Your server does not allow PHP directives to be set via .htaccess. In that
# case you must make this change in your php.ini file instead. If you are
# using a commercial web host, contact the administrators for assistance in
# doing this. Not all servers allow local php.ini files, and they should
# include all PHP configurations (not just this one), or you will effectively
# reset everything to PHP defaults. Consult www.php.net for more detailed
# information about setting PHP directives.
php_flag register_globals Off
### Section 1: Main Settings and Options
#
# Options: ALL,ExecCGI,FollowSymLinks,Includes,IncludesNOEXEC,Indexes
# MultiViews, SymLinksIfOwnerMatch.
#
# Main Defaults.
#
Options +ExecCGI -Indexes
DirectoryIndex index.html index.htm index.php
DefaultLanguage en-US
AddDefaultCharset UTF-8
ServerSignature Off
### ENVIRONMENT VARIABLES ###
#SetEnv PHPRC /webroot/includes
#SetEnv TZ America/Indianapolis
#SetEnv SERVER_ADMIN [email protected]
### MIME TYPES ###
AddType video/x-flv .flv
AddType application/x-shockwave-flash .swf
AddType image/x-icon .ico
# Make sure .htc files are served with the proper MIME type, which is critical # for XP SP2. Un-comment if your host allows htaccess MIME type overrides.
AddType text/x-component .htc
### FORCE FILE TO DOWNLOAD INSTEAD OF APPEAR IN BROWSER ###
#-> http://www.htaccesselite.com/htaccess/addtype-addhandler-action-vf6.html
#AddType application/octet-stream .mov .mp3 .zip
### ERRORDOCUMENTS ###
ErrorDocument 404 "404 error"
ErrorDocument 400 "400 error"
ErrorDocument 401 "401 error"
ErrorDocument 403 "403 error"
ErrorDocument 405 "405 error"
ErrorDocument 406 "406 error"
ErrorDocument 409 "409 error"
ErrorDocument 413 "413 error"
ErrorDocument 414 "414 error"
ErrorDocument 500 "500 error"
ErrorDocument 501 "501 error"
#=============================================================================#
# SCRIPTING, ACTION, ADDHANDLER
#=============================================================================#
# Handlers be builtin, included in a module, or added with Action directive
# default-handler: default, handles static content (core)
# send-as-is: Send file with HTTP headers (mod_asis)
# cgi-script: treat file as CGI script (mod_cgi)
# imap-file: Parse as an imagemap rule file (mod_imap)
# server-info: Get server config info (mod_info)
# server-status: Get server status report (mod_status)
# type-map: type map file for content negotiation (mod_negotiation)
# fastcgi-script: treat file as fastcgi script (mod_fastcgi)
###########
### PARSE AS CGI ###
#AddHandler cgi-script .cgi .pl .spl
### RUN PHP AS APACHE MODULE ###
#AddHandler application/x-httpd-php .php .htm
### RUN PHP AS CGI ###
#AddHandler php-cgi .php .htm
### CGI PHP WRAPPER FOR CUSTOM PHP.INI ###
#AddHandler phpini-cgi .php .htm
#Action phpini-cgi /cgi-bin/php5-custom-ini.cgi
### FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI ###
#AddHandler fastcgi-script .fcgi
#AddHandler php-cgi .php .htm
#Action php-cgi /cgi-bin/php5-wrapper.fcgi
### CUSTOM PHP CGI BINARY SETUP ###
#AddHandler php-cgi .php .htm
#Action php-cgi /cgi-bin/php.cgi
### PROCESS SPECIFIC FILETYPES WITH CGI-SCRIPT ###
#Action image/gif /cgi-bin/img-create.cgi
### CREATE CUSTOM HANDLER FOR SPECIFIC FILE EXTENSIONS ###
#AddHandler custom-processor .ssp
#Action custom-processor /cgi-bin/myprocessor.cgi
#=============================================================================#
# HEADERS, CACHING AND OPTIMIZATION
#=============================================================================#
#-> http://www.htaccesselite.com/htaccess/cache-control-http-headers-vt65.html
# 300 5 M
# 2700 45 M
# 3600 1 H
# 54000 15 H
# 86400 1 D
# 518400 6 D
# 604800 1 W
# 1814400 3 W
# 2419200 1 M
# 26611200 11 M
# 29030400 1 Y (never expire)
###########
#### HEADER CACHING ####
#-> http://www.htaccesselite.com/htaccess/caching-using-header-vt2.html
#<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico)$">
# Header set Cache-Control "max-age=2592000"
#</FilesMatch>
#<FilesMatch "\.(js|css|pdf|swf)$">
# Header set Cache-Control "max-age=604800"
#</FilesMatch>
#<FilesMatch "\.(html|htm|txt)$">
# Header set Cache-Control "max-age=600"
#</FilesMatch>
#<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
# Header unset Cache-Control
#</FilesMatch>
### ALTERNATE EXPIRES CACHING ###
#-> htaccesselite.com/d/use-htaccess-to-speed-up-your-site-discussion-vt67.html
#ExpiresActive On
#ExpiresDefault A604800
#ExpiresByType image/x-icon A2592000
#ExpiresByType application/x-javascript A2592000
#ExpiresByType text/css A2592000
#ExpiresByType text/html A300
#<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
# ExpiresActive Off
#</FilesMatch>
### META HTTP-EQUIV REPLACEMENTS ###
#<FilesMatch "\.(html|htm|php)$">
# Header set imagetoolbar "no"
#</FilesMatch>
### For servers that support output compression, you should pick up a bit of
# speed but uncommenting the following lines.
#php_flag zlib.output_compression On
#php_value zlib.output_compression_level 5
### The following directives stop screen flicker in IE on CSS rollovers. If
# needed, un-comment the following rules. When they're in place, you may have
# to do a force-refresh in order to see changes in your designs.
#ExpiresActive On
#ExpiresByType image/gif A2592000
#ExpiresByType image/jpeg A2592000
#ExpiresByType image/png A2592000
#BrowserMatch "MSIE" brokenvary=1
#BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
#BrowserMatch "Opera" !brokenvary
#SetEnvIf brokenvary 1 force-no-vary
#=============================================================================#
# REWRITES AND REDIRECTS
#=============================================================================#
# REQUEST METHODS: GET,POST,PUT,DELETE,CONNECT,OPTIONS,PATCH,PROPFIND,
# PROPPATCH,MKCOL,COPY,MOVE,LOCK,UNLOCK
###########
### REWRITE DEFAULTS ###
#RewriteEngine On
#RewriteBase /
### REQUIRE SUBDOMAIN ###
#RewriteCond %{HTTP_HOST} !^$
#RewriteCond %{HTTP_HOST} !^subdomain\.domain\.tld$ [NC]
#RewriteRule ^/(.*)$ http://subdomain.domain.tld/$1 [L,R=301]
### SEO REWRITES ###
#RewriteRule ^(.*)/ve/(.*)$ $1/voluntary-employee/$2 [L,R=301]
#RewriteRule ^(.*)/hsa/(.*)$ $1/health-saving-account/$2 [L,R=301]
### WORDPRESS ###
#RewriteCond %{REQUEST_FILENAME} !-f # Existing File
#RewriteCond %{REQUEST_FILENAME} !-d # Existing Directory
#RewriteRule . /index.php [L]
### ALTERNATIVE ANTI-HOTLINKING ###
#RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC]
#RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]
### REDIRECT HOTLINKERS ###
#RewriteCond %{HTTP_REFERER} !^$
#RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC]
#RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ http://google.com [R]
### DENY REQUEST BASED ON REQUEST METHOD ###
#RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)$ [NC]
#RewriteRule ^.*$ - [F]
### REDIRECT UPLOADS ###
#RewriteCond %{REQUEST_METHOD} ^(PUT|POST)$ [NC]
#RewriteRule ^(.*)$ /cgi-bin/form-upload-processor.cgi?p=$1 [L,QSA]
### REQUIRE SSL EVEN WHEN MOD_SSL IS NOT LOADED ###
#RewriteCond %{HTTPS} !=on [NC]
#RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
#### ALTERNATATIVE TO USING ERRORDOCUMENT ###
#-> http://www.htaccesselite.com/d/htaccess-errordocument-examples-vt11.html
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule ^.*$ /error.php [L]
### SEO REDIRECTS ###
#Redirect 301 /2006/oldfile.html http://subdomain.domain.tld/newfile.html
#RedirectMatch 301 /o/(.*)$ http://subdomain.domain.tld/s/dl/$1
### SEO REDIRECTS ###
#Redirect 301 /2006/htaccess/ssl-with-htaccess-sslrequire-ssloptions.html http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html
#RedirectMatch 301 /2006/htaccess-forum/(.*) http://www.askapache.com/htaccess/$1
#Redirect 301 /htaccess/ask-questions-vf12.html http://www.askapache.com/htaccess/apache-htaccess.html
#Redirect 301 /index.html http://www.askapache.com/
#Redirect 301 /2006/wordpress/wordpress-quick-faq.html http://www.askapache.com/wordpress/delete-extra-wordpress-files-post-install.html
#RedirectMatch 301 /(.*)rfc2616(.*) http://www.w3.org/Protocols/rfc2616/rfc2616.html
#RedirectMatch 301 /phpmanual(.*) /manual/en/$1
#RedirectMatch 301 /docs/apache-2/ http://www.askapache.com/docs/2.2/
#Redirect 301 /2006/htaccess/htaccesselite-ultimate-htaccess-article.html/1/ http://www.askapache.com/htaccess/apache-htaccess.html
#=============================================================================#
# AUTHENTICATION AND SECURITY
#=============================================================================#
# http://www.htaccesselite.com/htaccess/basic-authentication-example-vt17.html
#
# Require (user|group|valid-user) (username|groupname)
###########
### BASIC PASSWORD PROTECTION ###
#AuthType basic
#AuthName "prompt"
#AuthUserFile /.htpasswd
#AuthGroupFile /dev/null
#Require valid-user
### ALLOW FROM IP OR VALID PASSWORD ###
#Require valid-user
#Allow from 192.168.1.23
#Satisfy Any
### PROTECT FILES ###
#<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
# Order Allow,Deny
# Deny from all
#</FilesMatch>
### PREVENT HOTLINKING ###
#SetEnvIfNoCase Referer "^http://subdomain.domain.tld/" good
#SetEnvIfNoCase Referer "^$" good
#<FilesMatch "\.(png|jpg|jpeg|gif|bmp|swf|flv)$">
# Order Deny,Allow
# Deny from all
# Allow from env=good
# ErrorDocument 403 http://www.google.com/intl/en_ALL/images/logo.gif
# ErrorDocument 403 /images/you_bad_hotlinker.gif
#</FilesMatch>
### LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK ###
#LimitRequestBody 10240000 #bytes, 0-2147483647(2GB)
#=============================================================================#
# SSL SECURITY
#=============================================================================#
#-> http://htaccesselite.com/d/redirecting-all-or-part-of-a-server-to-ssl-vt61
###########
### MOST SECURE WAY TO REQUIRE SSL ###
#-> http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html
#SSLOptions +StrictRequire
#SSLRequireSSL
#SSLRequire %{HTTP_HOST} eq "domain.tld"
#ErrorDocument 403 https://domain.tld
#=============================================================================#
# SITE UNDER CONSTRUCTION
#=============================================================================#
# Heres some awesome htaccess to use when you are developing a site
###########
### COMBINED DEVELOPER HTACCESS CODE-USE THIS ###
#<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)$">
# Header set Cache-Control "max-age=5"
#</FilesMatch>
#AuthType basic
#AuthName "Ooops! Temporarily Under Construction..."
#AuthUserFile /.htpasswd
#AuthGroupFile /dev/null
#Require valid-user # password prompt for everyone else
#Order Deny,Allow
#Deny from all
#Allow from 192.168.64.5 # Your, the developers IP address
#Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/
#Allow from googlebot.com # Allows google to crawl your pages
#Satisfy Any # no password required if host/ip is Allowed
### DONT HAVE TO EMPTY CACHE OR RELOAD TO SEE CHANGES ###
#ExpiresDefault A5 #If using mod_expires
#<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)$">
# Header set Cache-Control "max-age=5"
#</FilesMatch>
### ALLOW ACCESS WITH PASSWORD OR NO PASSWORD FOR SPECIFIC IP/HOSTS ###
#AuthType basic
#AuthName "Ooops! Temporarily Under Construction..."
#AuthUserFile /.htpasswd
#AuthGroupFile /dev/null
#Require valid-user # password prompt for everyone else
#Order Deny,Allow
#Deny from all
#Allow from 192.168.64.5 # Your, the developers IP address
#Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/
#Allow from googlebot.com # Allows google to crawl your pages
#Satisfy Any # no password required if host/ip is Allowed