.htaccess

#### Content negotiation ####

DirectoryIndex about
AddLanguage de .de
AddLanguage en .en
LanguagePriority en de
ForceLanguagePriority Fallback


#### Custom error messages ####

ErrorDocument 403 /error/about-403


#### general access restrictions

Options -Indexes

# access restrictions for certain file types

# hide .git
RedirectMatch 404 /\.git

# hide the build system
RedirectMatch 404 Makefile
RedirectMatch 404 templates/.*
RedirectMatch 404 mk/.*

# hide .md files (which are used as source for .html)
RedirectMatch 404 \.md$


#### set env for extended access from certain IP addresses

# must be listed here explicitly
# https://httpd.apache.org/docs/current/mod/mod_setenvif.html
# https://serverfault.com/questions/93886/apache-2-setenvif-ip-range

# ZBW addresses (settings according to
# \\pm-opac\C$\inetpub\wwwroot\CFapp\PrMappeConv\_Init_Application_Structures.cfm)

# Hamburg reading room
SetEnvIf Remote_Addr "^134\.245\.95\.130$" PM20_INTERNAL=1
# Kiel reading room
SetEnvIf Remote_Addr "^134\.245\.95\.14$" PM20_INTERNAL=1

# Gateway for admin (nbt/ottk)
SetEnvIf Remote_Addr "^134\.245\.95\.210$" PM20_INTERNAL=1
# Remote access (vpn) for admin
SetEnvIf Remote_Addr "^134\.245\.94\.1$" PM20_INTERNAL=1

# HAN server
SetEnvIf Remote_Addr "^134\.245\.92\.39$" PM20_INTERNAL=1


# Intares addresses

SetEnvIf Remote_Addr "^213\.183\.200\.67$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:2000:125::67$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.183\.200\.69$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:2000:125::69$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.183\.200\.70$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:2000:125::70$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.183\.208\.66$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:4000:125::66$" PM20_INTERNAL=1

# Intares: Monitoring
SetEnvIf Remote_Addr "^213\.183\.197\.137$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:2000:44::137$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.178\.160\.67$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2001:14b0:102:0:213:178:160:67$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.183\.200\.66$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:2000:125::66$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^213\.183\.208\.66$" PM20_INTERNAL=1
SetEnvIf Remote_Addr "^2a00:4e00:4000:125::66$" PM20_INTERNAL=1


# DFG-Viewer service (issues HEAD requests for images to check the CORS status)

SetEnvIf Remote_Addr "^194\.95\.145\.4$" PM20_DFGVIEWER=1

### Stop DFG Viewer GET ting .JPG files
### (proxy function has been mis-used in fall 2023 attack)
<If "reqenv('PM20_DFGVIEWER') == 1">
  <FilesMatch ".jpg|.JPG">
    Require method HEAD
  </FilesMatch>
</If>


# Request comes from EU legal area
# ISO-3166-1 Codes according to https://www.auswaertiges-amt.de/de/service/fragenkatalog-node/02-ewr-eu/606444

SetEnvIf GEOIP_COUNTRY_CODE BE PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE BG PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE DK PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE DE PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE EE PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE FI PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE FR PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE GR PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE IE PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE IT PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE HR PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE LV PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE LT PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE LU PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE MT PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE NL PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE AT PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE PL PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE PT PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE RO PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE SE PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE SK PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE SI PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE ES PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE CZ PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE HU PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE CY PM20_EU=1
# EWR
SetEnvIf GEOIP_COUNTRY_CODE IS PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE LI PM20_EU=1
SetEnvIf GEOIP_COUNTRY_CODE NO PM20_EU=1


#### Redirects

#DirectorySlash Off
#DirectoryIndexRedirect off

# redirects created for Archivführer Kolonialzeit
Redirect "/home" "/about"
Redirect "/terms-of-use" "/about-pm20/legal"


#### Rewrites

RewriteEngine on


# CAUTION: Do not use RewriteBase, because only the last RewriteBase directive
# in a .htaccess is interpreted


# TEMPORARY exclude known abusing bots

RewriteCond %{HTTP_USER_AGENT} ArchiveBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} DummyBot [NC]
RewriteRule .* - [R=403,L] 


# for folder and document rewrites, see ./folder/.htaccess, dito ./category/.htaccess


# film rewrites

# Redirect collection index to findbuch/filmlist pages
RewriteRule ^film/([hk][12])_(sh|wa|co)$ /film/$1_$2.de.html
RewriteRule ^film/([hk][12])_(sh|wa|co)\.de$ /film/$1_$2.de.html

# filmlist with public and internal versions
RewriteCond "%{ENV:PM20_INTERNAL}" ^$
RewriteCond "%{ENV:PM20_EU}" ^$
RewriteRule "^film/([hk][12]_(co|sh|wa)\.de\.html)$" "/film/public.$1" [R]
RewriteCond "%{ENV:PM20_INTERNAL}" "1" [OR]
RewriteCond "%{ENV:PM20_EU}" "1"
RewriteRule "^film/([hk][12]_(co|sh|wa)\.de\.html)$" "/film/intern.$1" [R]

# Redirect logical image URI to filmviewer (drop Left or Right page indicator)
RewriteRule ^film/([hk][12])/(sh|wa|co)/([A-Z0-9_]+)/([0-9]{4})(/[LR])?$ /film/filmviewer.php?set=$1&collection=$2&film=$3&img=$4 [PT,L]

# Redirct film index to filmviewer
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} -d
RewriteRule ^film/([hk][12])/(sh|wa|co)/([A-Z0-9_]+)/$ /film/filmviewer.php?set=$1&collection=$2&film=$3 [QSA,PT,L]


# DFG Viewer for folders with public and internal versions
RewriteCond "%{ENV:PM20_INTERNAL}" ^$
RewriteRule "^dfgview/(co|pe)/(....)(..)$" "https://dfg-viewer.de/show/?tx_dlf[id]=https://pm20.zbw.eu/folder/$1/$2xx/$2$3/public.mets"
RewriteCond "%{ENV:PM20_INTERNAL}" ^$
RewriteRule "^dfgview/(sh|wa)/(....)(..),(....)(..)$" "https://dfg-viewer.de/show/?tx_dlf[id]=https://pm20.zbw.eu/folder/$1/$2xx/$2$3/$4xx/$4$5/public.mets"
RewriteCond "%{ENV:PM20_INTERNAL}" "1"
RewriteRule "^dfgview/(co|pe)/(....)(..)$" "https://dfg-viewer.de/show/?tx_dlf[id]=https://pm20.zbw.eu/folder/$1/$2xx/$2$3/intern.mets"
RewriteCond "%{ENV:PM20_INTERNAL}" "1"
RewriteRule "^dfgview/(sh|wa)/(....)(..),(....)(..)$" "https://dfg-viewer.de/show/?tx_dlf[id]=https://pm20.zbw.eu/folder/$1/$2xx/$2$3/$4xx/$4$5/intern.mets"


# IIIF manifests for folders with public and internal versions
# (CORS rules for iiif in iiif/.htaccess)
RewriteCond "%{ENV:PM20_INTERNAL}" ^$
RewriteRule "^iiif/folder/(co|pe|wa|sh)/([0-9,]+)/manifest.json$" "/iiif/folder/$1/$2/public.manifest.json" [PT]
RewriteCond "%{ENV:PM20_INTERNAL}" "1"
RewriteRule "^iiif/folder/(co|pe|wa|sh)/([0-9,]+)/manifest.json$" "/iiif/folder/$1/$2/intern.manifest.json" [PT]

# IIIF viewer links for folders
RewriteRule "^iiifview/folder/(co|pe|sh|wa)/([0-9,]+)$" "https://pm20.zbw.eu/mirador/?manifestId=https://pm20.zbw.eu/iiif/folder/$1/$2/manifest.json"

# IIIF viewer links for documents
RewriteRule "^iiifview/folder/(co|pe|sh|wa)/([0-9,]+)/([0-9]{5})$" "https://pm20.zbw.eu/mirador/?manifestId=https://pm20.zbw.eu/iiif/folder/$1/$2/manifest.json&canvasId=https://pm20.zbw.eu/iiif/folder/$1/$2/$3/0001/canvas"

# IIIF viewer links for pages of documents
RewriteRule "^iiifview/folder/(co|pe|sh|wa)/([0-9,]+)/([0-9]{5})/([0-9]{4})$" "https://pm20.zbw.eu/mirador/?manifestId=https://pm20.zbw.eu/iiif/folder/$1/$2/manifest.json&canvasId=https://pm20.zbw.eu/iiif/folder/$1/$2/$3/$4/canvas"


# GND redirect
RewriteRule ^gnd/(.+)$  "/folder/${gndmap:$1|/error/signature_not_found.en.html}"


# PDF production
# save download file instead of display
# (this setting overides the mimetype set in the mets file)
AddType application/octet-stream .pdf

# Use to temporarily disable pdf production
##RewriteRule ^pdf/ /error/no_pdf_download

# serve from cache dir if file exists
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^pdf/.*$ /cgi-bin/folder2pdf.cgi?pdf=https://pm20.zbw.eu%{REQUEST_URI} [L]


# BEACON lists
RewriteRule ^beaconlist/pe /doc/beacon/BEACON-Personen.txt
RewriteRule ^beaconlist/co /doc/beacon/BEACON-Institutionen.txt
RewriteRule ^beaconlist/sh /doc/beacon/BEACON-Schlagworte.txt
RewriteRule ^beaconlist/wa /doc/beacon/BEACON-SchlagworteW.txt


# rules for /folder/ moved to folder dir