more .htaccess tips
In my previous post .htaccess tips I had started with what is .htaccess file and some things that can be done using it. In this post I’ll cover more about .htaccess files.
Topics Covered:
- Directory index file
- Redirection
- Preferred domain (www or non-www)
- Redirect old site to new site
- Redirect all files in a directory
- Redirect a file in a directory
- Changing/displaying different file extension
- Redirect a URL having complete query string
- Redirect a URL starting with specific query string
- Redirect a URL containing specific query string
- Redirect based on ipaddress
- Ban visitors from specific ipaddress
- Ban visitors referred from certain sites
- Allow visitors only from specific ipaddress
- Disable Hotlinking
- Multiple domains on same file system
- Some RewriteRule Flags
- Change PHP Flags
Directory index file
When a user request a URL like http://www.example.com/test_dir/ we would want to display an index file. i.e. the user will be able to view http://www.example.com/test_dir/index.php just by visiting http://www.example.com/test_dir/
1
| DirectoryIndex index.php |
If we want to create fallback options i.e. if index.php does not exists server index.html, then we can use the following. The order in which the files are specified will be the order in which Apache will look for those files.
1
| DirectoryIndex index.php index.html index.htm |
Redirection using .htaccess file
.htaccess file can be used to redirect users from old site to new site, to a preferred domain, etc. To do this we use 301 redirects. 301 is HTTP Status Code meaning Moved Permanently. This indicates that the page was moved from the original location.
Note: 301 redirects (or Permanent Redirect) should be used only if you are permanently moving to a new domain or moving a page to new location. If you are moving the page temporarily then you should use 302 (or Temporary Redirect) to redirect to the temporary new location.
There is no limit on how many redirects can be done per site or per domain. Also, you can make a page redirect to another and then that page to another and create chain of such redirects. This is not recommended. It is always best to have just 1 or 2 hops in the redirect chain, because most search engine crawlers will stop following the redirects after 3-4 hops. So, the lesser number of hops in the chain redirects the better it is.
Preferred domain (www or non-www)
Websites http://www.example.com and http://example.com are considered different websites by search engines. So it is always better to have on domain as preferred domain for the site.
Redirect non www to www version of site: All users will be redirected to http://www.example.com even if they use the URL http://example.com
1
2
3
| RewriteEngine On RewriteCond %{HTTP_HOST} ^example.com RewriteRule (.*) http://www.example.com/$1 [R=301,L] |
Redirect www to non www version of site: All users will be redirected to http://example.com even if they use the URL http://www.example.com
1
2
3
| RewriteEngine On RewriteCond %{HTTP_HOST} ^www.example.com RewriteRule (.*) http://example.com/$1 [R=301,L] |
Redirect old site to new site
When you change the domain of your site, it is recommended to redirect the traffic from the old site to the new site. Doing a 301 redirect can help you redirecting the traffic to new site without losing the search engine rankings. The following code will redirect all traffic to the current site to http://newdomain.com
1
2
| RewriteEngine On RewriteRule (.*) http://newdomain.com/$1 [R=301,L] |
Redirect all files in a directory
If you change a directory then you will want to redirect all files in the directory to corresponding files in the new directory.
1
2
| RewriteEngine On RewriteRule ^old_dir/(.*)$ /new_dir/$1 [R=301,L] |
Redirect a file in a directory
If you have relocated just one file or only a few files in a directory to another directory, you can write a rewrite rule for each file.
1
2
| RewriteEngine On RewriteRule ^file.php /new_dir/file.php [R=301,L] |
You can also give absolute path if you are relocating it to a very different directory
1
2
| RewriteEngine On RewriteRule ^file.php http://www.example.com/new_dir/file.php [R=301,L] |
Change http://www.example.com to your domain.
Changing/displaying different file extension
You may want to hide the actual file extension from the user and display just .html extension. e.g. The user should be able to access the page from http://www.example.com/test.html when your actual file is test.php.
The following .htaccess will call .php file for all .html files. However, the user will still see .html in the browser
1
2
| RewriteEngine On RewriteRule ^(.+).html$ http://www.example.com/$1.php [NC] |
The above code allows you to change the file extension and execute any file (e.g. php file) in the background without letting the user know about it. However, this can result in same content accessible from 2 different locations .html and .php file. It is best avoided as this causes duplicate content. So, you can just redirect all .html files to .php files. This can be done as follows:
1
2
| RewriteEngine On RewriteRule ^(.*).html$ http://www.example.com/$1.php [R,NC] |
The above code will enable redirect the users to .php page. e.g. If a user is coming to www.example.com/test.html or www.example.com/test.php he will always be redirected to www.example.com/test.php
Redirect a URL having complete query string
Sometimes you would want to redirect only the URL with certain query string. The following code will redirect the page index.php?query=string to /new_dir/index.php?query=string
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} ^query=string$ [NC] RewriteRule index.php http://www.example.com/new_dir/index.php [L,R=301] |
If you do not want to pass the query string to the new URL add ‘?’ to the end of the new URL.
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} ^query=string$ [NC] RewriteRule index.php http://www.example.com/new_dir/index.php? [L,R=301] |
Redirect a URL starting with specific query string
To redirect only URL starting a query string. The difference between the above rule and this rule is there is no ‘$’ at the end of the Query String
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} ^query=string [NC] RewriteRule index.php http://www.example.com/new_dir/index.php [L,R=301] |
If you do not want to pass the query string to the new URL add ‘?’ to the end of the new URL.
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} ^query=string [NC] RewriteRule index.php http://www.example.com/new_dir/index.php? [L,R=301] |
Redirect a URL containing specific query string
To redirect any URL containing a query string. The difference between the above rule and this rule is there is no ‘^’ and ‘$’ along with the Query String. The below code will redirect any URL containing searchword.
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} searchword= [NC] RewriteRule index.php http://www.example.com/new_dir/index.php [L,R=301] |
If you do not want to pass the query string to the new URL add ‘?’ to the end of the new URL.
1
2
3
| RewriteEngine On RewriteCond %{QUERY_STRING} searchword= [NC] RewriteRule index.php http://www.example.com/new_dir/index.php? [L,R=301] |
Redirect based on ipaddress
Many times you would want access to some page/directory only internally and redirect all other users to some other page. An excellent scenario of this case could be when you want to perform some maintenance on your site. During this time you have to take the site down for all external users be internally you still want to be able to access it. So we can use the following rule to allow all traffic through a particular ipaddress and redirect all other users to a maintenance page.
1
2
3
| RewriteCond %{REMOTE_HOST} !123.456.789.012 RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC] RewriteRule .* /maintainence.html [R=301,L] |
The above rule will redirect all users not from ipaddress 123.456.789.012 and not requesting maintenance.html page to maintainence.html
Ban visitors from specific ipaddress
If you want to ban visitors from certain ipaddress you can use the following rules.
1
2
3
4
5
6
| order allow,deny deny from 123.456.789.012 deny from 123.456.789. deny from 123.456. deny from 123. allow from all |
In the above code the 1st line “deny from 123.456.789.012″ will block the visitors from the specific ipaddress 123.456.789.012
The next line blocks the visitors from all ip within the range 123.456.789.xxx (i.e. 123.456.789.000 – 123.456.789.255).
The next line blocks the visitors from all ip within the range 123.456.xxx.xxx
The last line blocks the visitors from all ip within the range 123.xxx.xxx.xxx
The next line blocks the visitors from all ip within the range 123.456.789.xxx (i.e. 123.456.789.000 – 123.456.789.255).
The next line blocks the visitors from all ip within the range 123.456.xxx.xxx
The last line blocks the visitors from all ip within the range 123.xxx.xxx.xxx
Note: When you block an entire ip range as you may be accidentally blocking the legitimate visitors too. So be careful in which ipaddress or which range of ipaddress you are blocking.
Ban visitors referred from certain sites
1
2
3
4
5
| RewriteEngine on RewriteCond %{HTTP_REFERER} baddomain.com [NC] RewriteCond %{HTTP_REFERER} subdomain.baddomain.com [NC] RewriteCond %{HTTP_REFERER} baddomain. [NC] RewriteRule .* - [F] |
The above code would check the referer of the current visitor and sends a 403 Forbidden code to any visitor coming for the sites.
The first line means if the referer is baddomain.com. The second line checks for subdomain.baddomain.com in the referer and the last line would check for domains baddomain.com or baddomain.net or baddomain.org or any other domain starting with baddomain.
The first line means if the referer is baddomain.com. The second line checks for subdomain.baddomain.com in the referer and the last line would check for domains baddomain.com or baddomain.net or baddomain.org or any other domain starting with baddomain.
Allow visitors only from specific ipaddress
If we want to allow access to our site only for certain ipaddress then we can use the following code in .htaccess file.
1
2
3
4
| Order Deny,Allow Deny from all Allow from 123.456.789.012 Allow from 456.789.012 |
The above code first denies access to all users and then allows access to users with ipaddress 123.456.789.012 or in the range 456.789.012.xxx
Disable Hotlinking
Many sites copy content for your website and even just pull content (like images) directly from your site. This results in higher bandwidth usage for your site.
The below code will send the hotlink.gif image is somebody tries to hotlink some images from your site.
1
2
3
4
5
| RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?example.com/ [NC] RewriteCond %{REQUEST_URI} !hotlink.gif [NC] RewriteRule .*.(gif|jpg|jpeg|png|js|css)$ http://example.com/img/hotlink.gif [NC] |
The first two lines of code allows all direct users and users accessing the content through your site (http://www.example.com in this case). The third line allows access to the hotlink.gif file. The last line would send hotlink.gif instead of the actual image requested.
The below code can be used to send a 403 Forbidden Status code when someone is accessing the hotlinked content.
1
2
3
4
| RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www.)?example.com/.*$ [NC] RewriteRule .*.(gif|jpg|jpeg|png|js|css)$ - [F] |
The above code is similar to previous one. Only difference here is that we are sending 403 Forbidden Status code instead of the hotlink.gif image.
Multiple domains on same file system
If you have just one file system sharing across multiple domains, you can easily separate the files for different domains. e.g. use directories mydomain_one, mydomain_two etc for different domains and the following .htaccess rules to redirect the users for a domain to correct files.
1
2
3
4
5
6
7
| RewriteCond %{HTTP_HOST} mydomain-one.com RewriteCond %{REQUEST_URI} !^mydomain_one RewriteRule ^(.*)$ mydomain_one/$1 [L] RewriteCond %{HTTP_HOST} mydomain-two.com RewriteCond %{REQUEST_URI} !^mydomain_two RewriteRule ^(.*)$ mydomain_two/$1 [L] |
The above rules will direct the users for mydomain-one.com to mydomain_one and mydomain-two.com to mydomain_two directories. The above rules mean that if the requested domain is mydomain-one.com and the URL does not starts with mydomain_one, then rewrite the URL to mydomain_one directory.
Some RewriteRule Flags
Here are some flags that we have being using in the .htaccess rules.
RewriteRule flags are used to modify the behaviour of the rules. These flags are included in square brackets at the end of the rule. We can specify multiple flags for a rule by separating them using commas.
- F – Forbidden
This flag results in server returning a 403 Forbidden status code. - L – Last
This flag means that if a rule is matched no further rules should be processed. Any rule after this rule will be ignored for this condition. - NC – Nocase
This flag is used when we want a case-insensitive matching. e.g. in the following code we want to match the query string searchword= irrespective whether it is in lower case or upper case or even mixed case. This rule will match ‘searchword=’, ‘SEARCHWORD=’, ‘SearchWord=’.12RewriteCond %{QUERY_STRING} searchword= [NC]
RewriteRule index.php http://www.example.com/new_dir/index.php [L,R=301]
- R – Redirect
This flag is used to perform HTTP redirects. This flag can be used for any type of valid HTTP redirect using the syntax [R=301]. If no HTTP status code is provided with the flag it will used 302 status code as default.
This is not a complete list. List of all flags can be found here.
Change PHP Flags
.htaccess file can be used to change or set new PHP flags. Example to enable magic_quotes in PHP for specific directory add the following in .htaccess inside that directory.
1
| php_flag magic_quotes_gpc on |
0 comments:
Post a Comment