The mod_rewrite
module in Apache allows for powerful and flexible URL rewriting. It can be used for various purposes, such as creating clean and user-friendly URLs, redirecting URLs, and implementing complex URL manipulations. Here’s a basic guide on how to use mod_rewrite
in Apache:
Enable mod_rewrite
Before using mod_rewrite
, ensure that the module is enabled. Open your Apache configuration file (httpd.conf
or a separate configuration file) and locate or add the following line to enable the module:
LoadModule rewrite_module modules/mod_rewrite.so
Then, restart Apache for Ubuntu/Debian Linux
sudo service apache2 restart # On Ubuntu/Debian
or restart Apache for CentOS/RHEL Linux
sudo systemctl restart httpd
Create or Edit .htaccess File
mod_rewrite
rules are often placed in a .htaccess
file in the root directory of your website. If a .htaccess
file doesn’t exist, you can create one.
sudo nano /path/to/your/website/.htaccess
mod_rewrite Directives & Parameters
mod_rewrite
is a powerful Apache module that provides a flexible and sophisticated way to manipulate URLs and control how the server processes requests. The module is driven by rules specified in the form of directives. Here are some key mod_rewrite
parameters and directives:
RewriteEngine
The RewriteEngine
is a directive in Apache’s mod_rewrite
module that enables or disables the URL rewriting engine. It acts as a master switch, determining whether the rewriting rules defined in your Apache configuration or .htaccess
file should be applied. The RewriteEngine
directive is typically used at the beginning of your configuration to activate the rewriting engine.
RewriteEngine On
You can use the RewriteEngine to:
- Enable URL Rewriting: Use
RewriteEngine On
when you want to activate URL rewriting capabilities. This is necessary if you intend to useRewriteRule
,RewriteCond
, and othermod_rewrite
directives to manipulate URLs, perform redirects, or customize the URL structure of your website.
- Disable URL Rewriting: If you want to temporarily disable URL rewriting, you can use
RewriteEngine Off
. This can be useful in situations where you want to bypass or turn off certain rewrite rules without removing them from your configuration.
In summary, use RewriteEngine On
when you want to employ URL rewriting features provided by mod_rewrite
to customize how URLs are processed and served by your Apache web server.
RewriteRule
The RewriteRule
is a directive in Apache’s mod_rewrite
module that defines rules for rewriting or redirecting URLs. It specifies a pattern to match in the requested URL and a substitution string to replace the matched pattern. The basic syntax is:
RewriteRule pattern substitution [flags]
- pattern: This is a regular expression pattern that the requested URL is compared against. If the pattern matches, the rule is applied.
- substitution: This is the replacement string that is used when the pattern matches. It can include back-references to capture groups from the pattern.
- flags (optional): Flags provide additional instructions to modify the rule’s behavior. For example, the
[L]
flag indicates that this is the last rule to be processed, and the[R=301]
flag specifies a permanent (301) redirect.
Here’s a simple example:
RewriteRule ^old-page$ /new-page [L,R=301]
This rule redirects requests for “old-page” to “new-page” with a 301 status code (permanent redirect). RewriteRule is a powerful tool for manipulating URLs, implementing redirects, and customizing the structure of your web application’s URLs.
RewriteCond
The RewriteCond
(Rewrite Condition) is a directive in Apache’s mod_rewrite
module used to specify conditions under which a RewriteRule
should be applied. It allows you to set conditions based on various aspects of the request, such as the request URL, server variables, or HTTP headers. If the conditions specified in RewriteCond
are met, the associated RewriteRule
is applied. The basic syntax of RewriteCond
is:
RewriteCond TestString CondPattern
- TestString: This is the string or variable to be tested against the condition.
- CondPattern: This is a regular expression pattern that, if matched, makes the condition true.
Here’s an example:
RewriteCond %{HTTP_USER_AGENT} Mozilla [NC]
RewriteRule ^.*$ /mozilla-page [L]
In this example, if the user agent in the HTTP request header contains the word “Mozilla” (case-insensitive, indicated by the [NC]
flag), the associated RewriteRule
will be applied, redirecting the request to “/mozilla-page.” RewriteCond
is crucial for specifying additional criteria that must be satisfied for a RewriteRule
to take effect.
RewriteBase
The RewriteBase
directive is used in Apache’s mod_rewrite
module to specify the base URL for per-directory (directory-relative) rewrites. It sets the base URL against which all relative substitutions in RewriteRule
patterns are resolved. The RewriteBase
directive is particularly useful when you have a set of rewrite rules in a directory and want to specify a base URL for their relative substitutions. The basic syntax is:
RewriteBase URL-path
- URL-path: This is the base URL against which relative substitutions in
RewriteRule
patterns are resolved. It is typically a relative path.
Here’s a simple example:
RewriteEngine On
RewriteBase /myapp
RewriteRule ^old-page$ new-page [L,R=301]
In this example, the RewriteBase /myapp
sets the base URL to “/myapp.” The subsequent RewriteRule
then applies to the URL path relative to “/myapp,” so it redirects requests for “/myapp/old-page” to “/myapp/new-page.” The RewriteBase
directive is optional, but it helps when working with relative substitutions in a directory context.
RewriteOptions
The RewriteOptions
directive in Apache’s mod_rewrite
module is used to configure various options for the rewriting engine. It provides a way to set global options that affect the behavior of all RewriteRule
directives in the configuration. The basic syntax is:
RewriteOptions option [option...]
Multiple options can be specified, and each option modifies the behavior of the mod_rewrite
engine in a specific way. Some commonly used options include:
- Inherit: This option makes the current configuration inherit the configuration of the parent directory. For example,
RewriteOptions InheritDown
inherits rules from the parent directory.
- InheritDown: This option, combined with
Inherit
, causes child directories to inherit rules from their parent.
- InheritDownBefore: This option is similar to
InheritDown
but applies the inherited rules before the local rules in the child directory.
- InheritBase: This option makes child directories inherit the
RewriteBase
directive from the parent.
Here’s an example:
RewriteEngine On
RewriteOptions InheritDown
In this example, the InheritDown
option ensures that child directories inherit the RewriteRule
directives from their parent directory. The RewriteOptions
directive is flexible and allows for fine-tuning the behavior of the mod_rewrite
engine in complex configurations.
RewriteMap
The RewriteMap
directive in Apache’s mod_rewrite
module is used to define an external mapping program for rewriting. It allows you to use an external script or program to perform custom substitutions in the rewriting process. The external program reads input values from the server and provides corresponding output values, which are then used in the RewriteRule
. The basic syntax is:
RewriteMap mapname maptype:mapsource
- mapname: This is the name by which the map is referenced in
RewriteRule
.
- maptype: Specifies the type of map, which can be
txt
(plain text) or other types such asdbm
(database map) orprg
(external program).
- mapsource: This is the source of the map, such as a file path for a
txt
map or a command for aprg
map.
Here’s an example using a plain text map:
RewriteMap examplemap txt:/path/to/mapfile.txt
RewriteRule ^/(.*)$ /${examplemap:$1} [R,L]
In this example, the RewriteMap
directive defines a plain text map named examplemap
from the file /path/to/mapfile.txt
. The subsequent RewriteRule
then uses this map to perform substitutions in the URL. RewriteMap is useful when you need dynamic or complex transformations that can be efficiently handled by an external script or program.
RewriteLog and RewriteLogLevel
The RewriteLog
and RewriteLogLevel
directives in Apache’s mod_rewrite
module are used for debugging and logging purposes.
RewriteLog
: This directive specifies the file path wheremod_rewrite
should write its debugging information. It is essential for understanding how rewrite rules are being processed and for diagnosing any issues. However, it’s important to note that usingRewriteLog
in a production environment can have performance implications, and it’s generally recommended to be used for debugging purposes only.
RewriteLog "/var/log/httpd/rewrite.log"
In this example, mod_rewrite
will log its debugging information to the specified file.
RewriteLogLevel
: This directive sets the level of verbosity for the logging. It determines the amount of detail written to the log file. Levels range from 0 (no logging) to 9 (maximum detail).
RewriteLogLevel 3
In this example, the logging level is set to 3, which provides a moderate level of detail. Adjust the level based on the specific debugging needs.
It’s crucial to use these directives judiciously, especially in a production environment, as excessive logging can impact server performance. Once debugging is complete, it’s recommended to disable or remove these directives to avoid unnecessary resource usage.
RewriteCond Back-references
RewriteCond
back-references in Apache’s mod_rewrite
module allow you to reference matched groups from the last matched RewriteCond
or RewriteRule
. These back-references are denoted by %
followed by the group number (e.g., %1
, %2
). When a regular expression pattern is used in a RewriteCond
and a match occurs, the matched text can be referred to later in the same rule or in subsequent rules.
Here’s a simple example:
RewriteCond %{HTTP_HOST} ^([a-z]+)\.example\.com$ [NC]
RewriteRule ^(.*)$ /pages/%1/$1 [L]
In this example, %1
refers to the first back-reference, which is the subdomain captured by the regular expression in the RewriteCond
. If the incoming URL is “subdomain.example.com/path,” the RewriteRule
will rewrite it to “/pages/subdomain/path.”
These back-references provide a powerful way to reuse matched patterns and create more dynamic and flexible rewrite rules in your Apache configuration.
Basic mod_rewrite Rules
We use the parameters and directives we talked about above to define conditions and rules for URL manipulation, enabling tasks like redirects, URL rewriting, access control, and more.
Here are some common examples of mod_rewrite
rules:
Redirect URLs
URL redirection in Apache is necessary when you want to forward or redirect requests from one URL to another. This can be useful for several reasons, such as when you have changed the structure of your website, moved content to a new location, or when you want to enforce a specific URL scheme (e.g., forcing HTTPS).
Redirects help maintain SEO rankings, prevent broken links, and ensure a seamless user experience. You might also use redirects to handle canonicalization issues, ensuring that users and search engines consistently access your content through the preferred URL.
Apache provides the mod_rewrite
module for URL redirection. You can use
directives to redirect from “http://example.com” to “http://www.example.com”. Here’s an example mod_rewrite
.htaccess
file:
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirect non-www to www and enforce HTTPS
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [L,R=301]
</IfModule>
The above code snippet checks if the mod_rewrite
module is enabled, and if so, it turns on the RewriteEngine. The subsequent rules enforce a redirect from non-www to www and ensure that the connection uses HTTPS. The RewriteCond directives check if either HTTPS is off or the requested host does not start with “www.” in a case-insensitive manner. If either condition is true, the RewriteRule redirects the request to “https://www.example.com” while preserving the requested URI. The [L,R=301] flags indicate that it’s the last rule to be processed, and a permanent (301) redirect should be performed.
Redirect the Old page to the New page
Redirecting old pages to new pages is essential in various scenarios, primarily when there are changes in a website’s structure, content, or URL format. It becomes necessary during website redesigns, migrations, or updates to ensure a seamless user experience and maintain search engine optimization (SEO) rankings.
Redirects play a crucial role in preserving inbound links, preventing users from encountering broken links or 404 errors and guiding search engines to updated content. This is vital for retaining the credibility of the website, preventing loss of traffic, and ensuring that users and search engines can access the most relevant and up-to-date information, contributing to a positive overall user experience and the site’s overall online visibility.
If you want to redirect requests from old URLs to new URLs using Apache’s mod_rewrite, you can use the following example code in your Apache configuration or .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
# Redirect old-page.html to new-page.html
RewriteRule ^old-page\.html$ /new-page.html [L,R=301]
</IfModule>
In this example, any request for “old-page.html” will be redirected to “new-page.html” with a 301 status code, indicating a permanent redirect. Adjust the old and new page URLs accordingly based on your specific requirements. You can extend this pattern for multiple redirects if needed.
Remove File Extension
Removing file extensions from URLs is often done for aesthetic and SEO purposes, making URLs more user-friendly and cleaner. This practice is particularly beneficial when constructing a website with human-readable URLs that convey the content’s nature without exposing underlying technologies or file types.
For example, transforming “example.com/page.html” into “example.com/page” simplifies the URL, enhancing its readability and memorability for users. Additionally, eliminating file extensions can provide flexibility in the backend infrastructure, allowing you to change technologies or file types without affecting the visible URLs. This practice is common in modern web development to create a more elegant and intuitive user experience, making URLs that are easier to share and understand.
If you want to remove file extensions from URLs using Apache’s mod_rewrite, you can use the following example code in your Apache configuration or .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
# Remove .html extension
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.html -f
RewriteRule ^(.*)$ $1.html [L]
</IfModule>
This code removes the “.html” extension from URLs. For example, a request to “example.com/page.html” would internally be processed as if it were “example.com/page”. This can make your URLs appear cleaner and more user-friendly. Adjust the extension and file types as needed for your specific scenario.
Keep in mind that this example assumes your files have a “.html” extension. If your files have a different extension, modify the RewriteRule
accordingly (e.g., .php
, .txt
, etc.). Additionally, make sure to test thoroughly after making changes to ensure the desired behavior.
Force HTTPS
Forcing HTTPS is essential to enhance the security of web communication by encrypting data transmitted between the user’s browser and the web server. This is particularly crucial when dealing with sensitive information, such as login credentials or personal data.
To enforce HTTPS on an Apache web server, you can use mod_rewrite in the server configuration or .htaccess file. Here’s an example:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
This code checks if the connection is not using HTTPS, and if so, it redirects the user to the same URL with “https://” instead of “http://”, using a 301 status code for a permanent redirect. This ensures that all traffic is securely transmitted over HTTPS, improving the overall security of the website.
Redirect URLs with Query Parameters
Redirecting URLs with query parameters is often necessary during website restructuring, updates, or changes in URL conventions. It becomes crucial when you want to ensure that users and search engines are directed to the new URLs seamlessly while preserving important query parameters. This is particularly relevant when migrating content or when there’s a shift in the structure of dynamic URLs. Redirecting URLs with query parameters helps maintain SEO rankings, preventing broken links, and offering a consistent user experience.
Additionally, it aids in handling changes in the application’s functionality or when transitioning to a new technology stack, ensuring that URLs with specific parameters are appropriately redirected to their updated equivalents.
RewriteEngine On
RewriteCond %{QUERY_STRING} ^param=value$
RewriteRule ^path$ /new-path? [L,R=301]
This mod_rewrite code activates the rewriting engine, and if a request has the query parameter “param” with the value “value” in the URL, it redirects from the original “path” to “new-path” with a 301 status code for a permanent redirect. The “?” at the end of the destination URL removes the original query parameters, and the [L,R=301] flags indicate that it’s the last rule to be processed, and a permanent redirect should be performed. This rule is useful for redirecting specific URLs with certain query parameters to new locations, commonly used during website restructuring or updates.
Remove Trailing Slash
Removing trailing slashes from URLs is necessary to maintain consistency in web addresses and avoid duplicate content issues. This becomes crucial when web servers treat URLs with and without trailing slashes as distinct, potentially leading to SEO problems and usability issues.
By enforcing a consistent URL structure, you prevent the same content from being accessible through multiple URLs, which can impact search engine rankings and user experience. Additionally, some systems may treat URLs with trailing slashes differently, potentially causing issues with relative paths or links. Removing trailing slashes ensures that your URLs are uniform and reduces the risk of confusion or unintended behaviors in web applications.
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
The above provided mod_rewrite directives serve to remove trailing slashes from URLs. When the RewriteEngine is activated, the RewriteCond checks if the requested file path is not an existing directory, and if so, the RewriteRule captures the entire URL path excluding the trailing slash and redirects to the modified URL using a 301 status code for a permanent redirect.
This rule is useful for standardizing URL structures, preventing duplicate content issues, and ensuring a consistent user experience across a website. It effectively redirects URLs with trailing slashes to their non-trailing slash counterparts, contributing to cleaner and more predictable URL patterns.
Custom Error Page Redirect
Creating a custom error page redirect is essential when you want to provide a more user-friendly and informative experience for visitors encountering HTTP errors on your website.
Crafting a custom error page can offer clear explanations or alternative navigation options, helping users understand the issue and guiding them to relevant content. This is particularly valuable for common errors like 404 Not Found or 500 Internal Server Error. A customized error page enhances the overall user experience, mitigates frustration, and ensures that even in error situations, visitors are engaged with your website, potentially reducing bounce rates and encouraging them to explore other parts of the site.
<IfModule mod_rewrite.c>
RewriteEngine On
# Custom error page for 404 Not Found
ErrorDocument 404 /custom-error-page.html
</IfModule>
Adjust the ErrorDocument
directive to specify the appropriate HTTP status code and the path to your custom error page.
Redirect to the Maintenance Page
Redirecting to a maintenance page is necessary when performing updates, modifications, or essential maintenance tasks on a website, temporarily rendering it inaccessible. This ensures that users visiting the site during maintenance are informed about the temporary unavailability and prevents them from encountering broken or incomplete pages. To implement a maintenance page redirect using an .htaccess file, you can add the following mod_rewrite rules:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^Your_IP_Address$
RewriteRule ^.*$ /maintenance.html [R=503,L]
</IfModule>
Replace “Your_IP_Address” with your actual IP address to exempt yourself from the maintenance redirect. This code checks if the visitor’s IP address does not match the specified one and redirects all requests to the “maintenance.html” page with a 503 status code, indicating that the server is temporarily unavailable. This effectively informs users about the ongoing maintenance and ensures a smoother experience during the update process.
Blocking Hotlinking of Images
Blocking the hotlinking of images is necessary when you want to prevent other websites from directly linking to and displaying images hosted on your server. This practice is essential to conserve bandwidth, protect your content, and maintain control over how your images are used. When hotlinking occurs, external websites consume your server resources, leading to increased costs and potential performance issues. Using mod_rewrite rules in the .htaccess file, you can implement hotlink protection by checking the referrer and allowing access only to requests originating from your own domain. Here’s an example:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png)$ - [F]
</IfModule>
Replace “yourdomain.com” with your actual domain. This code checks if the referrer is not empty and not from your domain, and if so, it blocks access to image files (specified by extensions gif, jpg, jpeg, png) with a forbidden (403) status code. This protects your server resources and ensures that your images are only displayed on your intended web pages.