Christian Zeitnitz
This collection of Apache rewrite rules are the ones I needed quite a few times for web sites in order to either re-direct to new pages or beautify the links
A lot of good pages exist to explain details about the syntax of the rewrite engine. Here just a short list of pages I found useful:
In the following I assume, that the base of the site is "/". If your site resides in a sub-directory you have to modify the RewriteBase accordingly: RewriteBase /mysubdirectory/
All rules are use the option [L], which terminates the processing of the subsequent rewrite rules.
A website should be found by http://mydomain.de and http://www.mydomain.de. Sometimes its necessary to redirect to a specific version of the address in order to allow AJAX etc to work without any problem. Here the following rewrite rule helps:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_host} ^mydomain\.de
RewriteRule ^(.*)$ http://www.mydomain.de/$1 [R,L]
The above will redirect all requests for mydomain.de to www.mydomain.de.
You just moved from static pages to dynamic ones. In this case the old links should still work. Here the rule to achieve the transition from html to php code.
RewriteRule ^(.*)\.html$ $1.php [L]
In case a page or a document has a new location a re-direct is necessary. In addition the requester should be informed that the link has changed. This is especially important for the Google and Bing bots. So the re-redirect should be done with return code 301 (moved permanently).
RewriteRule ^(.*)\/oldpage.html$ http://www.mydomain.de/subdir/newpage.html [R=301,L]The above will redirect a request for
oldpage.html, even if its located in a sub directory, to the new location. Actually this would redirect all pages of the site called oldpage.html to the new one!
Lets assume a website selects content based on a parameter like http://mydomain.de/index.php?id=home. But the page "home" should be reachable by a call to http://mydomain.de/home without changes to the actual scripts.
RewriteRule ^(.+?)/?$ index.php?id=$1&%{QUERY_STRING} [L]
The above rule catches the actual selected page as $1. Even a trailing slash is accepted. It will be necessary to set the base of the website (in the html head section), because a trailing slash screws up the base url.
If the query string is not preceeded by a question mark like http://mydomain.de/home/go=5&set=0 another rule is needed
RewriteRule ^(.+?)/(.+)$ index.php?id=$1&$2 [L]Finally all not captured URLs are directed to the main page
RewriteRule ^(.*)$ index.php [L]If the URL is passed alread as
http://mydomain.de/index.php?id=home it should not be rewritten
RewriteCond $1 (ajax|index) RewriteRule ^([a-z]*)\.php(.*)$ - [NC,L]This rule passes through a call to ajax.php as well.
Some URLs should not be rewritten, like to images or documents which are made available for download. A rules should be added for this.
RewriteCond $2 ico RewriteRule ^(.*)\.(.*)$ - [NC,L] RewriteCond $1 (images|docs) RewriteRule ^([a-z]*)/(.*)$ - [NC,L]The first rule allows to access an icon file (e.g.
favicon.ico) in the document root. The second allows access to the two directories images and docs without a rewritten URL.
The complete .htaccess file would look like
RewriteEngine On
RewriteBase /
RewriteCond $2 ico
RewriteRule ^(.*)\.(.*)$ - [NC,L]
RewriteCond $1 (images|docs)
RewriteRule ^([a-z]*)/(.*)$ - [NC,L]
RewriteCond $1 (ajax|index)
RewriteRule ^([a-z]*)\.php(.*)$ - [NC,L]
RewriteRule ^(.+?)/(.+)$ index.php?id=$1&$2 [L]
RewriteRule ^(.+?)/?$ index.php?id=$1&%{QUERY_STRING} [L]
RewriteRule ^(.*)$ index.php [L]
For a perfect website the error pages should be custom made as well
ErrorDocument 400 /accerr?err=400 ErrorDocument 401 /accerr?err=401 ErrorDocument 403 /accerr?err=403 ErrorDocument 404 /accerr?err=404 ErrorDocument 500 /accerr?err=500Just append these lines to
.htaccess and create an accerr.php script which creates the error messages.
In order to maintain a website sometimes one has to disable the access for the public.
The access should still be possible for a predefined IP-address, or by using a secret password.
This can easily be achieved with rewrite rules and without changing anything in the CMS system.
ErrorDocument 503 "<h1>Service temporarily unavailable</h1>"
RewriteCond %{QUERY_STRING} PASSTHRU=SecretCode$
RewriteRule .* - [cookie=PASSTHRU:SecretCode:www.zeitnitz.eu:3600:/]
RewriteCond %{REMOTE_ADDR} !^178\.000\.111\.001$
RewriteCond %{HTTP_COOKIE} !PASSTHRU\=SecretCode
RewriteRule .* - [R=503,L]
The first line defines the text to be shown in case the access is blocked
(can be replaced by a html file as well).
The second checks for the existance of the parameter PASSTHRU in the query string (case sensitive!) with a value SecretCode. Be aware, that the secret code shows up three times in the rules.
If found, a cookie is generated with a lifetime of 1 hour (3600 seconds). Within this hour the cookie grants access to the website without
any additional parameters and from any IP address.
Line 4 checks, if the access comes from a predefined IP address.
If neither this nor the cookie are found, a return code 503 is generated (temporarily not available) and the corresponding error page ist shown. Otherwise the page is shown as usual.
In order to use these rules, just adjust the IP address and the secret code (three times) and add these lines to the beginning of your rewrite rules in .htaccess.
You would like to make a password protected web page or a webdav directory accessible to an external user/customer. The person accessing the page should be made aware, that some rules apply when using the page (like confidential content etc). All this can be achieved by some Apache rewrite rules in conjunction with a cookie.
In the following I assume, that the directory is located at /AccDir. The user is called johndoe and has to be added to the .htpasswd and added to the access list of the directory. Consult your preferred search engine how to do this.
The following content of the .htaccess file in the directory will display the file .eula.html in the case that no valid cookie is found. If the correct button is pressed, the cookie is placed with 1h lifetime. If the eula is not accepted the request fails.
RewriteEngine On
RewriteBase /AccDir
RewriteRule ^allowAccDir$ /AccDir [cookie=ACCDIR:JOHNDOE:mydomain.de:3600:/,NC,L]
RewriteRule ^notAllowed$ - [F,NC,L]
RewriteCond %{HTTP_COOKIE} !ACCDIR=JOHNDOE [NC]
RewriteRule ^.*$ .eula.html
IndexIgnore .*
In more detail
allowAccDir, which is created, when the accept button is pressed in the eula. In this case the request is rewritten to the directory AccDir and the cookie is set with name ACCDIR, content JOHNDOE and a lifetime of 3600 secondsRewriteRule ^.*notAllowed$ MyNoAccPage.html [L].eula.html.htaccess and .eula.html should be invisible. In addition you should set the ACL to avoid accidental deletion of these files.<h1>Agreement for the usage of data stored in AccDir</h1>
<p>Here goes the user agreement text</p>
<table style="width: 100%;">
<tbody><tr> <td align="center"><a href="allowAccDir">accept</a></td>
<td align="center"><a href="notAllowed">do not accept</a></td>
</tr></tbody>
</table>