.htaccess
definition:
Apache server software provides distributed (i.e., directory-level) configuration via Hypertext Access files. These .
htaccess
files enable the localized fine-tuning of Apache’s universal system-configuration directives, which are defined in Apache’s main configuration file. The localized .
htaccess
directives must operate from within a file named .
htaccess
. The user must have appropriate file permissions to access and/or edit the .
htaccess
file. Further, .
htaccess
file permissions should never allow world write access — a secure permissions setting is “644â€, which allows universal read access and user-only write access. Finally, .
htaccess
rules apply to the parent directory and all subdirectories. Thus to apply configuration rules to an entire website, place the .
htaccess
file in the root directory of the site.
Comments on .htaccess
code
Comments are essential to maintaining control over any involved portion of code. Comments in .
htaccess
code are fashioned on a per-line basis, with each line of comments beginning with a pound sign #
. Thus, comments spanning multiple lines in the .
htaccess
file require multiple pound signs. Further, due to the extremely volatile nature of htaccess voodoo, it is wise to include only alphanumeric characters (and perhaps a few dashes and underscores) in any .
htaccess
comments.
Important Notes for .htaccess Noobs [ ^ ]
As a configuration file, .
htaccess
is very powerful. Even the slightest syntax error (like a missing space) can result in severe server malfunction. Thus it is crucial to make backup copies of everything related to your site (including any original .
htaccess
files) before working with your Hypertext Access file(s). It is also important to check your entire website thoroughly after making any changes to your .
htaccess
file. If any errors or other problems are encountered, employ your backups immediately to restore original functionality.
Performance Issues [ ^ ]
.
htaccess
directives provide directory-level configuration without requiring access to Apache’s main server cofiguration file (httpd.conf). However, due to performance and security concerns, the main configuration file should always be used for server directives whenever possible. For example, when a server is configured to process .
htaccess
directives, Apache must search every directory within the domain and load any and all .
htaccess
files upon every document request. This results in increased page processing time and thus decreases performance. Such a performance hit may be unnoticeable for sites with light traffic, but becomes a more serious issue for more popular websites. Therefore, .
htaccess
files should only be used when the main server configuration file is inaccessible. See the “Performance Tricks†section of this article for more information.
Regex Character Definitions for htaccess2 [ ^ ]
#
- the
#
instructs the server to ignore the line. used for including comments. each line of comments requires it’s own#
. when including comments, it is good practice to use only letters, numbers, dashes, and underscores. this practice will help eliminate/avoid potential server parsing errors. [F]
- Forbidden: instructs the server to return a
403 Forbidden
to the client. [L]
- Last rule: instructs the server to stop rewriting after the preceding directive is processed.
[N]
- Next: instructs Apache to rerun the rewrite rule until all rewriting directives have been achieved.
[G]
- Gone: instructs the server to deliver
Gone (no longer exists)
status message. [P]
- Proxy: instructs server to handle requests by
mod_proxy
[C]
- Chain: instructs server to chain the current rule with the previous rule.
[R]
- Redirect: instructs Apache to issue a redirect, causing the browser to request the rewritten/modified URL.
[NC]
- No Case: defines any associated argument as case-insensitive. i.e., “NC” = “No Case”.
[PT]
- Pass Through: instructs
mod_rewrite
to pass the rewritten URL back to Apache for further processing. [OR]
- Or: specifies a logical “or” that ties two expressions together such that either one proving true will cause the associated rule to be applied.
[NE]
- No Escape: instructs the server to parse output without escaping characters.
[NS]
- No Subrequest: instructs the server to skip the directive if internal sub-request.
[QSA]
- Append Query String: directs server to add the query string to the end of the expression (URL).
[S=x]
- Skip: instructs the server to skip the next “x” number of rules if a match is detected.
[E=variable:value]
- Environmental Variable: instructs the server to set the environmental variable “variable” to “value”.
[T=MIME-type]
- Mime Type: declares the mime type of the target resource.
[]
- specifies a character class, in which any character within the brackets will be a match. e.g., [xyz] will match either an x, y, or z.
[]+
- character class in which any combination of items within the brackets will be a match. e.g., [xyz]+ will match any number of x’s, y’s, z’s, or any combination of these characters.
[^]
- specifies not within a character class. e.g., [^xyz] will match any character that is neither x, y, nor z.
[a-z]
- a dash (-) between two characters within a character class ([]) denotes the range of characters between them. e.g., [a-zA-Z] matches all lowercase and uppercase letters from a to z.
a{n}
- specifies an exact number,
n
, of the preceding character. e.g., x{3} matches exactly threex
’s. a{n,}
- specifies
n
or more of the preceding character. e.g., x{3,} matches three or morex
’s. a{n,m}
- specifies a range of numbers, between
n
andm
, of the preceding character. e.g., x{3,7} matches three, four, five, six, or sevenx
’s. ()
- used to group characters together, thereby considering them as a single unit. e.g., (perishable)?press will match press, with or without the perishable prefix.
^
- denotes the beginning of a regex (regex = regular expression) test string. i.e., begin argument with the proceeding character.
$
- denotes the end of a regex (regex = regular expression) test string. i.e., end argument with the previous character.
?
- declares as optional the preceding character. e.g.,
monzas?
will match monza or monzas, whilemon(za)?
will match either mon or monza. i.e.,x?
matches zero or one ofx
. !
- declares negation. e.g., “
!string
†matches everything except “string
â€. .
- a dot (or period) indicates any single arbitrary character.
-
- instructs “not to†rewrite the URL, as in “
...domain.com.* - [F]
â€. +
- matches one or more of the preceding character. e.g.,
G+
matches one or more G’s, while “+” will match one or more characters of any kind. *
- matches zero or more of the preceding character. e.g., use “
.*
†as a wildcard. |
- declares a logical “or†operator. for example,
(x|y)
matchesx
ory
. \
- escapes special characters (
^ $ ! . * |
). e.g., use “\.
†to indicate/escape a literal dot. \.
- indicates a literal dot (escaped).
/*
- zero or more slashes.
.*
- zero or more arbitrary characters.
^$
- defines an empty string.
^.*$
- the standard pattern for matching everything.
[^/.]
- defines one character that is neither a slash nor a dot.
[^/.]+
- defines any number of characters which contains neither slash nor dot.
http://
- this is a literal statement — in this case, the literal character string, “http://â€.
^domain.*
- defines a string that begins with the term “
domain
â€, which then may be proceeded by any number of any characters. ^domain\.com$
- defines the exact string “
domain.com
â€. -d
- tests if string is an existing directory
-f
- tests if string is an existing file
-s
- tests if file in test string has a non-zero value
Redirection Header Codes [ ^ ]
- 301 – Moved Permanently
- 302 – Moved Temporarily
- 403 – Forbidden
- 404 – Not Found
- 410 – Gone
Posted in .htaccess, Tips n Trik | |