The mod_rewrite module in Apache allows for powerful and flexible URL rewriting. It can be used for various purposes, such as creating clean and user-friendly URLs, redirecting URLs, and implementing complex URL manipulations. Here’s a basic guide on how to use mod_rewrite in Apache:

Enable mod_rewrite

Before using mod_rewrite, ensure that the module is enabled. Open your Apache configuration file (httpd.conf or a separate configuration file) and locate or add the following line to enable the module:

   LoadModule rewrite_module modules/mod_rewrite.so

Then, restart Apache for Ubuntu/Debian Linux

sudo service apache2 restart   # On Ubuntu/Debian

or restart Apache for CentOS/RHEL Linux

sudo systemctl restart httpd   

Create or Edit .htaccess File

mod_rewrite rules are often placed in a .htaccess file in the root directory of your website. If a .htaccess file doesn’t exist, you can create one.

sudo nano /path/to/your/website/.htaccess

mod_rewrite Directives & Parameters

mod_rewrite is a powerful Apache module that provides a flexible and sophisticated way to manipulate URLs and control how the server processes requests. The module is driven by rules specified in the form of directives. Here are some key mod_rewrite parameters and directives:

RewriteEngine

The RewriteEngine is a directive in Apache’s mod_rewrite module that enables or disables the URL rewriting engine. It acts as a master switch, determining whether the rewriting rules defined in your Apache configuration or .htaccess file should be applied. The RewriteEngine directive is typically used at the beginning of your configuration to activate the rewriting engine.

RewriteEngine On

You can use the RewriteEngine to:

• Enable URL Rewriting: Use RewriteEngine On when you want to activate URL rewriting capabilities. This is necessary if you intend to use RewriteRule, RewriteCond, and other mod_rewrite directives to manipulate URLs, perform redirects, or customize the URL structure of your website.

• Disable URL Rewriting: If you want to temporarily disable URL rewriting, you can use RewriteEngine Off. This can be useful in situations where you want to bypass or turn off certain rewrite rules without removing them from your configuration.

In summary, use RewriteEngine On when you want to employ URL rewriting features provided by mod_rewrite to customize how URLs are processed and served by your Apache web server.

RewriteRule

The RewriteRule is a directive in Apache’s mod_rewrite module that defines rules for rewriting or redirecting URLs. It specifies a pattern to match in the requested URL and a substitution string to replace the matched pattern. The basic syntax is:

RewriteRule pattern substitution [flags]

• pattern: This is a regular expression pattern that the requested URL is compared against. If the pattern matches, the rule is applied.

• substitution: This is the replacement string that is used when the pattern matches. It can include back-references to capture groups from the pattern.

• flags (optional): Flags provide additional instructions to modify the rule’s behavior. For example, the [L] flag indicates that this is the last rule to be processed, and the [R=301] flag specifies a permanent (301) redirect.

Here’s a simple example:

RewriteRule ^old-page$ /new-page [L,R=301]

This rule redirects requests for “old-page” to “new-page” with a 301 status code (permanent redirect). RewriteRule is a powerful tool for manipulating URLs, implementing redirects, and customizing the structure of your web application’s URLs.

RewriteCond

The RewriteCond (Rewrite Condition) is a directive in Apache’s mod_rewrite module used to specify conditions under which a RewriteRule should be applied. It allows you to set conditions based on various aspects of the request, such as the request URL, server variables, or HTTP headers. If the conditions specified in RewriteCond are met, the associated RewriteRule is applied. The basic syntax of RewriteCond is:

RewriteCond TestString CondPattern

• TestString: This is the string or variable to be tested against the condition.
• CondPattern: This is a regular expression pattern that, if matched, makes the condition true.

Here’s an example:

RewriteCond %{HTTP_USER_AGENT} Mozilla [NC]
RewriteRule ^.*$ /mozilla-page [L]

In this example, if the user agent in the HTTP request header contains the word “Mozilla” (case-insensitive, indicated by the [NC] flag), the associated RewriteRule will be applied, redirecting the request to “/mozilla-page.” RewriteCond is crucial for specifying additional criteria that must be satisfied for a RewriteRule to take effect.

RewriteBase

The RewriteBase directive is used in Apache’s mod_rewrite module to specify the base URL for per-directory (directory-relative) rewrites. It sets the base URL against which all relative substitutions in RewriteRule patterns are resolved. The RewriteBase directive is particularly useful when you have a set of rewrite rules in a directory and want to specify a base URL for their relative substitutions. The basic syntax is:

RewriteBase URL-path

• URL-path: This is the base URL against which relative substitutions in RewriteRule patterns are resolved. It is typically a relative path.

Here’s a simple example:

RewriteEngine On
RewriteBase /myapp
RewriteRule ^old-page$ new-page [L,R=301]

In this example, the RewriteBase /myapp sets the base URL to “/myapp.” The subsequent RewriteRule then applies to the URL path relative to “/myapp,” so it redirects requests for “/myapp/old-page” to “/myapp/new-page.” The RewriteBase directive is optional, but it helps when working with relative substitutions in a directory context.

RewriteOptions

The RewriteOptions directive in Apache’s mod_rewrite module is used to configure various options for the rewriting engine. It provides a way to set global options that affect the behavior of all RewriteRule directives in the configuration. The basic syntax is:

RewriteOptions option [option...]

Multiple options can be specified, and each option modifies the behavior of the mod_rewrite engine in a specific way. Some commonly used options include:

• Inherit: This option makes the current configuration inherit the configuration of the parent directory. For example, RewriteOptions InheritDown inherits rules from the parent directory.

• InheritDown: This option, combined with Inherit, causes child directories to inherit rules from their parent.

• InheritDownBefore: This option is similar to InheritDown but applies the inherited rules before the local rules in the child directory.

• InheritBase: This option makes child directories inherit the RewriteBase directive from the parent.

Here’s an example:

RewriteEngine On
RewriteOptions InheritDown

In this example, the InheritDown option ensures that child directories inherit the RewriteRule directives from their parent directory. The RewriteOptions directive is flexible and allows for fine-tuning the behavior of the mod_rewrite engine in complex configurations.

RewriteMap

The RewriteMap directive in Apache’s mod_rewrite module is used to define an external mapping program for rewriting. It allows you to use an external script or program to perform custom substitutions in the rewriting process. The external program reads input values from the server and provides corresponding output values, which are then used in the RewriteRule. The basic syntax is:

RewriteMap mapname maptype:mapsource

• mapname: This is the name by which the map is referenced in RewriteRule.

• maptype: Specifies the type of map, which can be txt (plain text) or other types such as dbm (database map) or prg (external program).

• mapsource: This is the source of the map, such as a file path for a txt map or a command for a prg map.

Here’s an example using a plain text map:

RewriteMap examplemap txt:/path/to/mapfile.txt
RewriteRule ^/(.*)$ /${examplemap:$1} [R,L]

In this example, the RewriteMap directive defines a plain text map named examplemap from the file /path/to/mapfile.txt. The subsequent RewriteRule then uses this map to perform substitutions in the URL. RewriteMap is useful when you need dynamic or complex transformations that can be efficiently handled by an external script or program.

RewriteLog and RewriteLogLevel

The RewriteLog and RewriteLogLevel directives in Apache’s mod_rewrite module are used for debugging and logging purposes.

• RewriteLog: This directive specifies the file path where mod_rewrite should write its debugging information. It is essential for understanding how rewrite rules are being processed and for diagnosing any issues. However, it’s important to note that using RewriteLog in a production environment can have performance implications, and it’s generally recommended to be used for debugging purposes only.

RewriteLog "/var/log/httpd/rewrite.log"

In this example, mod_rewrite will log its debugging information to the specified file.

• RewriteLogLevel: This directive sets the level of verbosity for the logging. It determines the amount of detail written to the log file. Levels range from 0 (no logging) to 9 (maximum detail).

  RewriteLogLevel 3

In this example, the logging level is set to 3, which provides a moderate level of detail. Adjust the level based on the specific debugging needs.

It’s crucial to use these directives judiciously, especially in a production environment, as excessive logging can impact server performance. Once debugging is complete, it’s recommended to disable or remove these directives to avoid unnecessary resource usage.

RewriteCond Back-references

RewriteCond back-references in Apache’s mod_rewrite module allow you to reference matched groups from the last matched RewriteCond or RewriteRule. These back-references are denoted by % followed by the group number (e.g., %1, %2). When a regular expression pattern is used in a RewriteCond and a match occurs, the matched text can be referred to later in the same rule or in subsequent rules.

Here’s a simple example:

RewriteCond %{HTTP_HOST} ^([a-z]+)\.example\.com$ [NC]
RewriteRule ^(.*)$ /pages/%1/$1 [L]

In this example, %1 refers to the first back-reference, which is the subdomain captured by the regular expression in the RewriteCond. If the incoming URL is “subdomain.example.com/path,” the RewriteRule will rewrite it to “/pages/subdomain/path.”

These back-references provide a powerful way to reuse matched patterns and create more dynamic and flexible rewrite rules in your Apache configuration.

Basic mod_rewrite Rules

We use the parameters and directives we talked about above to define conditions and rules for URL manipulation, enabling tasks like redirects, URL rewriting, access control, and more.

Here are some common examples of mod_rewrite rules:

Redirect URLs

URL redirection in Apache is necessary when you want to forward or redirect requests from one URL to another. This can be useful for several reasons, such as when you have changed the structure of your website, moved content to a new location, or when you want to enforce a specific URL scheme (e.g., forcing HTTPS).

Redirects help maintain SEO rankings, prevent broken links, and ensure a seamless user experience. You might also use redirects to handle canonicalization issues, ensuring that users and search engines consistently access your content through the preferred URL.

Apache provides the mod_rewrite module for URL redirection. You can use mod_rewrite directives to redirect from “http://example.com” to “http://www.example.com”. Here’s an example .htaccess file:

<IfModule mod_rewrite.c>
    RewriteEngine On
    
    # Redirect non-www to www and enforce HTTPS
    RewriteCond %{HTTPS} off [OR]
    RewriteCond %{HTTP_HOST} !^www\. [NC]
    RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,R=301]
</IfModule>

The above code snippet checks if the mod_rewrite module is enabled, and if so, it turns on the RewriteEngine. The subsequent rules enforce a redirect from non-www to www and ensure that the connection uses HTTPS. The RewriteCond directives check if either HTTPS is off or the requested host does not start with “www.” in a case-insensitive manner. If either condition is true, the RewriteRule redirects the request to “https://www.example.com” while preserving the requested URI. The [L,R=301] flags indicate that it’s the last rule to be processed, and a permanent (301) redirect should be performed.

Redirect the Old page to the New page

Redirecting old pages to new pages is essential in various scenarios, primarily when there are changes in a website’s structure, content, or URL format. It becomes necessary during website redesigns, migrations, or updates to ensure a seamless user experience and maintain search engine optimization (SEO) rankings.

Redirects play a crucial role in preserving inbound links, preventing users from encountering broken links or 404 errors and guiding search engines to updated content. This is vital for retaining the credibility of the website, preventing loss of traffic, and ensuring that users and search engines can access the most relevant and up-to-date information, contributing to a positive overall user experience and the site’s overall online visibility.

If you want to redirect requests from old URLs to new URLs using Apache’s mod_rewrite, you can use the following example code in your Apache configuration or .htaccess file:

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Redirect old-page.html to new-page.html
    RewriteRule ^old-page\.html$ /new-page.html [L,R=301]
</IfModule>

In this example, any request for “old-page.html” will be redirected to “new-page.html” with a 301 status code, indicating a permanent redirect. Adjust the old and new page URLs accordingly based on your specific requirements. You can extend this pattern for multiple redirects if needed.

Remove File Extension

Removing file extensions from URLs is often done for aesthetic and SEO purposes, making URLs more user-friendly and cleaner. This practice is particularly beneficial when constructing a website with human-readable URLs that convey the content’s nature without exposing underlying technologies or file types.

For example, transforming “example.com/page.html” into “example.com/page” simplifies the URL, enhancing its readability and memorability for users. Additionally, eliminating file extensions can provide flexibility in the backend infrastructure, allowing you to change technologies or file types without affecting the visible URLs. This practice is common in modern web development to create a more elegant and intuitive user experience, making URLs that are easier to share and understand.

If you want to remove file extensions from URLs using Apache’s mod_rewrite, you can use the following example code in your Apache configuration or .htaccess file:

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Remove .html extension
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME}\.html -f
    RewriteRule ^(.*)$ $1.html [L]
</IfModule>

This code removes the “.html” extension from URLs. For example, a request to “example.com/page.html” would internally be processed as if it were “example.com/page”. This can make your URLs appear cleaner and more user-friendly. Adjust the extension and file types as needed for your specific scenario.

Keep in mind that this example assumes your files have a “.html” extension. If your files have a different extension, modify the RewriteRule accordingly (e.g., .php, .txt, etc.). Additionally, make sure to test thoroughly after making changes to ensure the desired behavior.

Force HTTPS

Forcing HTTPS is essential to enhance the security of web communication by encrypting data transmitted between the user’s browser and the web server. This is particularly crucial when dealing with sensitive information, such as login credentials or personal data.

To enforce HTTPS on an Apache web server, you can use mod_rewrite in the server configuration or .htaccess file. Here’s an example:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

This code checks if the connection is not using HTTPS, and if so, it redirects the user to the same URL with “https://” instead of “http://”, using a 301 status code for a permanent redirect. This ensures that all traffic is securely transmitted over HTTPS, improving the overall security of the website.

Redirect URLs with Query Parameters

Redirecting URLs with query parameters is often necessary during website restructuring, updates, or changes in URL conventions. It becomes crucial when you want to ensure that users and search engines are directed to the new URLs seamlessly while preserving important query parameters. This is particularly relevant when migrating content or when there’s a shift in the structure of dynamic URLs. Redirecting URLs with query parameters helps maintain SEO rankings, preventing broken links, and offering a consistent user experience.

Additionally, it aids in handling changes in the application’s functionality or when transitioning to a new technology stack, ensuring that URLs with specific parameters are appropriately redirected to their updated equivalents.

RewriteEngine On
RewriteCond %{QUERY_STRING} ^param=value$
RewriteRule ^path$ /new-path? [L,R=301]

This mod_rewrite code activates the rewriting engine, and if a request has the query parameter “param” with the value “value” in the URL, it redirects from the original “path” to “new-path” with a 301 status code for a permanent redirect. The “?” at the end of the destination URL removes the original query parameters, and the [L,R=301] flags indicate that it’s the last rule to be processed, and a permanent redirect should be performed. This rule is useful for redirecting specific URLs with certain query parameters to new locations, commonly used during website restructuring or updates.

Remove Trailing Slash

Removing trailing slashes from URLs is necessary to maintain consistency in web addresses and avoid duplicate content issues. This becomes crucial when web servers treat URLs with and without trailing slashes as distinct, potentially leading to SEO problems and usability issues.

By enforcing a consistent URL structure, you prevent the same content from being accessible through multiple URLs, which can impact search engine rankings and user experience. Additionally, some systems may treat URLs with trailing slashes differently, potentially causing issues with relative paths or links. Removing trailing slashes ensures that your URLs are uniform and reduces the risk of confusion or unintended behaviors in web applications.

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]

The above provided mod_rewrite directives serve to remove trailing slashes from URLs. When the RewriteEngine is activated, the RewriteCond checks if the requested file path is not an existing directory, and if so, the RewriteRule captures the entire URL path excluding the trailing slash and redirects to the modified URL using a 301 status code for a permanent redirect.

This rule is useful for standardizing URL structures, preventing duplicate content issues, and ensuring a consistent user experience across a website. It effectively redirects URLs with trailing slashes to their non-trailing slash counterparts, contributing to cleaner and more predictable URL patterns.

Custom Error Page Redirect

Creating a custom error page redirect is essential when you want to provide a more user-friendly and informative experience for visitors encountering HTTP errors on your website.

Crafting a custom error page can offer clear explanations or alternative navigation options, helping users understand the issue and guiding them to relevant content. This is particularly valuable for common errors like 404 Not Found or 500 Internal Server Error. A customized error page enhances the overall user experience, mitigates frustration, and ensures that even in error situations, visitors are engaged with your website, potentially reducing bounce rates and encouraging them to explore other parts of the site.

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Custom error page for 404 Not Found
    ErrorDocument 404 /custom-error-page.html
</IfModule>

Adjust the ErrorDocument directive to specify the appropriate HTTP status code and the path to your custom error page.

Redirect to the Maintenance Page

Redirecting to a maintenance page is necessary when performing updates, modifications, or essential maintenance tasks on a website, temporarily rendering it inaccessible. This ensures that users visiting the site during maintenance are informed about the temporary unavailability and prevents them from encountering broken or incomplete pages. To implement a maintenance page redirect using an .htaccess file, you can add the following mod_rewrite rules:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} !^Your_IP_Address$
    RewriteRule ^.*$ /maintenance.html [R=503,L]
</IfModule>

Replace “Your_IP_Address” with your actual IP address to exempt yourself from the maintenance redirect. This code checks if the visitor’s IP address does not match the specified one and redirects all requests to the “maintenance.html” page with a 503 status code, indicating that the server is temporarily unavailable. This effectively informs users about the ongoing maintenance and ensures a smoother experience during the update process.

Blocking Hotlinking of Images

Blocking the hotlinking of images is necessary when you want to prevent other websites from directly linking to and displaying images hosted on your server. This practice is essential to conserve bandwidth, protect your content, and maintain control over how your images are used. When hotlinking occurs, external websites consume your server resources, leading to increased costs and potential performance issues. Using mod_rewrite rules in the .htaccess file, you can implement hotlink protection by checking the referrer and allowing access only to requests originating from your own domain. Here’s an example:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
    RewriteRule \.(gif|jpg|jpeg|png)$ - [F]
</IfModule>

Replace “yourdomain.com” with your actual domain. This code checks if the referrer is not empty and not from your domain, and if so, it blocks access to image files (specified by extensions gif, jpg, jpeg, png) with a forbidden (403) status code. This protects your server resources and ensures that your images are only displayed on your intended web pages.