\documentclass[10pt,a4paper]{article} % Packages \usepackage{fancyhdr} % For header and footer \usepackage{multicol} % Allows multicols in tables \usepackage{tabularx} % Intelligent column widths \usepackage{tabulary} % Used in header and footer \usepackage{hhline} % Border under tables \usepackage{graphicx} % For images \usepackage{xcolor} % For hex colours %\usepackage[utf8x]{inputenc} % For unicode character support \usepackage[T1]{fontenc} % Without this we get weird character replacements \usepackage{colortbl} % For coloured tables \usepackage{setspace} % For line height \usepackage{lastpage} % Needed for total page number \usepackage{seqsplit} % Splits long words. %\usepackage{opensans} % Can't make this work so far. Shame. Would be lovely. \usepackage[normalem]{ulem} % For underlining links % Most of the following are not required for the majority % of cheat sheets but are needed for some symbol support. \usepackage{amsmath} % Symbols \usepackage{MnSymbol} % Symbols \usepackage{wasysym} % Symbols %\usepackage[english,german,french,spanish,italian]{babel} % Languages % Document Info \author{1080000000kmph (1080000000kmph)} \pdfinfo{ /Title (htaccess-at-its-best.pdf) /Creator (Cheatography) /Author (1080000000kmph (1080000000kmph)) /Subject (htaccess at its best! Cheat Sheet) } % Lengths and widths \addtolength{\textwidth}{6cm} \addtolength{\textheight}{-1cm} \addtolength{\hoffset}{-3cm} \addtolength{\voffset}{-2cm} \setlength{\tabcolsep}{0.2cm} % Space between columns \setlength{\headsep}{-12pt} % Reduce space between header and content \setlength{\headheight}{85pt} % If less, LaTeX automatically increases it \renewcommand{\footrulewidth}{0pt} % Remove footer line \renewcommand{\headrulewidth}{0pt} % Remove header line \renewcommand{\seqinsert}{\ifmmode\allowbreak\else\-\fi} % Hyphens in seqsplit % This two commands together give roughly % the right line height in the tables \renewcommand{\arraystretch}{1.3} \onehalfspacing % Commands \newcommand{\SetRowColor}[1]{\noalign{\gdef\RowColorName{#1}}\rowcolor{\RowColorName}} % Shortcut for row colour \newcommand{\mymulticolumn}[3]{\multicolumn{#1}{>{\columncolor{\RowColorName}}#2}{#3}} % For coloured multi-cols \newcolumntype{x}[1]{>{\raggedright}p{#1}} % New column types for ragged-right paragraph columns \newcommand{\tn}{\tabularnewline} % Required as custom column type in use % Font and Colours \definecolor{HeadBackground}{HTML}{333333} \definecolor{FootBackground}{HTML}{666666} \definecolor{TextColor}{HTML}{333333} \definecolor{DarkBackground}{HTML}{8D00A3} \definecolor{LightBackground}{HTML}{F7EFF9} \renewcommand{\familydefault}{\sfdefault} \color{TextColor} % Header and Footer \pagestyle{fancy} \fancyhead{} % Set header to blank \fancyfoot{} % Set footer to blank \fancyhead[L]{ \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{C} \SetRowColor{DarkBackground} \vspace{-7pt} {\parbox{\dimexpr\textwidth-2\fboxsep\relax}{\noindent \hspace*{-6pt}\includegraphics[width=5.8cm]{/web/www.cheatography.com/public/images/cheatography_logo.pdf}} } \end{tabulary} \columnbreak \begin{tabulary}{11cm}{L} \vspace{-2pt}\large{\bf{\textcolor{DarkBackground}{\textrm{htaccess at its best! Cheat Sheet}}}} \\ \normalsize{by \textcolor{DarkBackground}{1080000000kmph (1080000000kmph)} via \textcolor{DarkBackground}{\uline{cheatography.com/93332/cs/40788/}}} \end{tabulary} \end{multicols}} \fancyfoot[L]{ \footnotesize \noindent \begin{multicols}{3} \begin{tabulary}{5.8cm}{LL} \SetRowColor{FootBackground} \mymulticolumn{2}{p{5.377cm}}{\bf\textcolor{white}{Cheatographer}} \\ \vspace{-2pt}1080000000kmph (1080000000kmph) \\ \uline{cheatography.com/1080000000kmph} \\ \uline{\seqsplit{www}.seo-experts-score.nl} \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Cheat Sheet}} \\ \vspace{-2pt}Published 13th October, 2023.\\ Updated 13th October, 2023.\\ Page {\thepage} of \pageref{LastPage}. \end{tabulary} \vfill \columnbreak \begin{tabulary}{5.8cm}{L} \SetRowColor{FootBackground} \mymulticolumn{1}{p{5.377cm}}{\bf\textcolor{white}{Sponsor}} \\ \SetRowColor{white} \vspace{-5pt} %\includegraphics[width=48px,height=48px]{dave.jpeg} Measure your website readability!\\ www.readability-score.com \end{tabulary} \end{multicols}} \begin{document} \raggedright \raggedcolumns % Set font size to small. Switch to any value % from this page to resize cheat sheet text: % www.emerson.emory.edu/services/latex/latex_169.html \footnotesize % Small font. \begin{tabularx}{17.67cm}{X} \SetRowColor{DarkBackground} \mymulticolumn{1}{x{17.67cm}}{\bf\textcolor{white}{All in CHEATSHEET {[}.htaccess{]}}} \tn \SetRowColor{LightBackground} \mymulticolumn{1}{x{17.67cm}}{To protect your privacy remote resources have been blocked. \newline \newline Example .htaccess Code Snippets \newline \newline Here are some specific examples taken from the Htaccess Guide. \newline Redirect Everyone Except IP address to alternate page \newline \newline ErrorDocument 403 http://www.yahoo.com/ \newline Order deny,allow \newline Deny from all \newline Allow from 208.113.134.190 \newline \newline When developing sites \newline \newline This lets google crawl the page, lets me access without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org) \newline \newline AuthName "Under Development" \newline AuthUserFile \seqsplit{/home/sitename.com/.htpasswd} \newline AuthType basic \newline Require valid-user \newline Order deny,allow \newline Deny from all \newline Allow from 208.113.134.190 w3.org htmlhelp.com googlebot.com \newline Satisfy Any \newline \newline Fix double-login prompt \newline \newline Redirect non-https requests to https server and ensure that .htpasswd authorization can only be entered across HTTPS \newline \newline SSLOptions +StrictRequire \newline SSLRequireSSL \newline SSLRequire \%\{HTTP\_HOST\} eq "askapache.com" \newline ErrorDocument 403 https://askapache.com \newline \newline Set Timezone of the Server (GMT) \newline \newline SetEnv TZ America/Indianapolis \newline \newline Administrator Email for ErrorDocument \newline \newline SetEnv SERVER\_ADMIN webmaster@google.com \newline \newline ServerSignature for ErrorDocument \newline \newline ServerSignature off | on | email \newline \newline Charset and Language headers \newline \newline Article: Setting Charset in htaccess, and article by Richard Ishida \newline \newline AddDefaultCharset UTF-8 \newline DefaultLanguage en-US \newline \newline Disallow Script Execution \newline \newline Options -ExecCGI \newline AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi \newline \newline Deny Request Methods \newline \newline RewriteCond \%\{REQUEST\_METHOD\} !\textasciicircum{}(GET|HEAD|OPTIONS|POST|PUT) \newline RewriteRule .{\emph{ - {[}F{]} \newline \newline Force "File Save As" Prompt \newline \newline AddType application/octet-stream .avi .mpg .mov .pdf .xls .mp4 \newline \newline Show CGI Source Code \newline \newline RemoveHandler cgi-script .pl .py .cgi \newline AddType text/plain .pl .py .cgi \newline \newline Serve all .pdf files on your site using .htaccess and mod\_rewrite with the php script. \newline \newline RewriteEngine On \newline RewriteBase / \newline RewriteCond \%\{REQUEST\_FILENAME\} -f \newline RewriteRule \textasciicircum{}(.+)\textbackslash{}.pdf\$ \seqsplit{/cgi-bin/pdf.php?file=\$1} {[}L,NC,QSA{]} \newline \newline Rewrite to www \newline \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(robots\textbackslash{}.txt|favicon\textbackslash{}.ico|sitemap\textbackslash{}.xml)\$ \newline RewriteCond \%\{HTTP\_HOST\} !\textasciicircum{}www\textbackslash{}.askapache\textbackslash{}.com\$ {[}NC{]} \newline RewriteRule \textasciicircum{}(.}})\$ \seqsplit{https://www.askapache.com/\$1} {[}R=301,L{]} \newline \newline Rewrite to www dynamically \newline \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/robots\textbackslash{}.txt\$ {[}NC{]} \newline RewriteCond \%\{HTTP\_HOST\} !\textasciicircum{}www\textbackslash{}.{[}a-z-{]}+\textbackslash{}.{[}a-z{]}\{2,6\} {[}NC{]} \newline RewriteCond \%\{HTTP\_HOST\} ({[}a-z-{]}+\textbackslash{}.{[}a-z{]}\{2,6\})\$ {[}NC{]} \newline RewriteRule \textasciicircum{}/(.{\emph{)\$ http://\%1/\$1 {[}R=301,L{]} \newline \newline 301 Redirect Old File \newline \newline Redirect 301 /old/file.html \seqsplit{https://www.askapache.com/new/file/} \newline \newline 301 Redirect Entire Directory \newline \newline RedirectMatch 301 /blog(.}}) \seqsplit{https://www.askapache.com/\$1} \newline \newline Protecting your php.cgi \newline \newline \textless{}FilesMatch "\textasciicircum{}php5?\textbackslash{}.(ini|cgi)\$"\textgreater{} \newline Order Deny,Allow \newline Deny from All \newline Allow from env=REDIRECT\_STATUS \newline \textless{}/FilesMatch\textgreater{} \newline \newline Set Cookie based on Request \newline \newline This code sends the Set-Cookie header to create a cookie on the client with the value of a matching item in 2nd parantheses. \newline \newline RewriteEngine On \newline RewriteBase / \newline RewriteRule \textasciicircum{}(.{\emph{)(de|es|fr|it|ja|ru|en)/\$ - {[}co=lang:\$2:.askapache.com:7200:/{]} \newline \newline Set Cookie with env variable \newline \newline Header set Set-Cookie "language=\%\{lang\}e; path=/;" env=lang \newline \newline Custom ErrorDocuments \newline \newline ErrorDocument 100 /100\_CONTINUE \newline ErrorDocument 101 \seqsplit{/101\_SWITCHING\_PROTOCOLS} \newline ErrorDocument 102 /102\_PROCESSING \newline ErrorDocument 200 /200\_OK \newline ErrorDocument 201 /201\_CREATED \newline ErrorDocument 202 /202\_ACCEPTED \newline ErrorDocument 203 /203\_NON\_AUTHORITATIVE \newline ErrorDocument 204 /204\_NO\_CONTENT \newline ErrorDocument 205 /205\_RESET\_CONTENT \newline ErrorDocument 206 /206\_PARTIAL\_CONTENT \newline ErrorDocument 207 /207\_MULTI\_STATUS \newline ErrorDocument 300 /300\_MULTIPLE\_CHOICES \newline ErrorDocument 301 /301\_MOVED\_PERMANENTLY \newline ErrorDocument 302 /302\_MOVED\_TEMPORARILY \newline ErrorDocument 303 /303\_SEE\_OTHER \newline ErrorDocument 304 /304\_NOT\_MODIFIED \newline ErrorDocument 305 /305\_USE\_PROXY \newline ErrorDocument 307 \seqsplit{/307\_TEMPORARY\_REDIRECT} \newline ErrorDocument 400 /400\_BAD\_REQUEST \newline ErrorDocument 401 /401\_UNAUTHORIZED \newline ErrorDocument 402 /402\_PAYMENT\_REQUIRED \newline ErrorDocument 403 /403\_FORBIDDEN \newline ErrorDocument 404 /404\_NOT\_FOUND \newline \newline ErrorDocument 405 \seqsplit{/405\_METHOD\_NOT\_ALLOWED} \newline ErrorDocument 406 /406\_NOT\_ACCEPTABLE \newline ErrorDocument 407 \seqsplit{/407\_PROXY\_AUTHENTICATION\_REQUIRED} \newline ErrorDocument 408 /408\_REQUEST\_TIME\_OUT \newline ErrorDocument 409 /409\_CONFLICT \newline ErrorDocument 410 /410\_GONE \newline ErrorDocument 411 /411\_LENGTH\_REQUIRED \newline ErrorDocument 412 \seqsplit{/412\_PRECONDITION\_FAILED} \newline ErrorDocument 413 \seqsplit{/413\_REQUEST\_ENTITY\_TOO\_LARGE} \newline ErrorDocument 414 \seqsplit{/414\_REQUEST\_URI\_TOO\_LARGE} \newline ErrorDocument 415 \seqsplit{/415\_UNSUPPORTED\_MEDIA\_TYPE} \newline ErrorDocument 416 \seqsplit{/416\_RANGE\_NOT\_SATISFIABLE} \newline ErrorDocument 417 \seqsplit{/417\_EXPECTATION\_FAILED} \newline ErrorDocument 422 \seqsplit{/422\_UNPROCESSABLE\_ENTITY} \newline ErrorDocument 423 /423\_LOCKED \newline ErrorDocument 424 /424\_FAILED\_DEPENDENCY \newline ErrorDocument 426 /426\_UPGRADE\_REQUIRED \newline ErrorDocument 500 \seqsplit{/500\_INTERNAL\_SERVER\_ERROR} \newline ErrorDocument 501 /501\_NOT\_IMPLEMENTED \newline ErrorDocument 502 /502\_BAD\_GATEWAY \newline ErrorDocument 503 \seqsplit{/503\_SERVICE\_UNAVAILABLE} \newline ErrorDocument 504 /504\_GATEWAY\_TIME\_OUT \newline ErrorDocument 505 \seqsplit{/505\_VERSION\_NOT\_SUPPORTED} \newline ErrorDocument 506 \seqsplit{/506\_VARIANT\_ALSO\_VARIES} \newline ErrorDocument 507 \seqsplit{/507\_INSUFFICIENT\_STORAGE} \newline ErrorDocument 510 /510\_NOT\_EXTENDED \newline \newline Implementing a Caching Scheme with .htaccess \newline \newline \# year \newline \textless{}FilesMatch "\textbackslash{}.(ico|pdf|flv|jpg|jpeg|png|gif|swf|mp3|mp4)\$"\textgreater{} \newline Header set Cache-Control "public" \newline Header set Expires "Thu, 15 Apr 2010 20:00:00 GMT" \newline Header unset Last-Modified \newline \textless{}/FilesMatch\textgreater{} \newline \#2 hours \newline \textless{}FilesMatch "\textbackslash{}.(html|htm|xml|txt|xsl)\$"\textgreater{} \newline Header set Cache-Control "max-age=7200, must-revalidate" \newline \textless{}/FilesMatch\textgreater{} \newline \textless{}FilesMatch "\textbackslash{}.(js|css)\$"\textgreater{} \newline SetOutputFilter DEFLATE \newline Header set Expires "Thu, 15 Apr 2010 20:00:00 GMT" \newline \textless{}/FilesMatch\textgreater{} \newline \newline Password Protect single file \newline \newline \textless{}Files login.php\textgreater{} \newline AuthName "Prompt" \newline AuthType Basic \newline AuthUserFile \seqsplit{/home/askapache.com/.htpasswd} \newline Require valid-user \newline \textless{}/Files\textgreater{} \newline \newline Password Protect multiple files \newline \newline \textless{}FilesMatch "\textasciicircum{}(private|phpinfo).}}\$"\textgreater{} \newline AuthName "Development" \newline AuthUserFile /.htpasswd \newline AuthType basic \newline Require valid-user \newline \textless{}/FilesMatch\textgreater{} \newline \newline Send Custom Headers \newline \newline Header set P3P \seqsplit{"policyref="https://www.askapache.com/w3c/p3p.xml""} \newline Header set X-Pingback \seqsplit{"https://www.askapache.com/xmlrpc.php"} \newline Header set Content-Language "en-US" \newline Header set Vary "Accept-Encoding" \newline \newline Blocking based on User-Agent Header \newline \newline SetEnvIfNoCase \textasciicircum{}User-Agent\$ .{\emph{(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures) HTTP\_SAFE\_BADBOT \newline SetEnvIfNoCase \textasciicircum{}User-Agent\$ .}}(libwww-perl|aesop\_com\_spiderman) HTTP\_SAFE\_BADBOT \newline Deny from env=HTTP\_SAFE\_BADBOT \newline \newline Blocking with RewriteCond \newline \newline RewriteCond \%\{HTTP\_USER\_AGENT\} \textasciicircum{}.{\emph{(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures).}}\$ {[}NC{]} \newline RewriteRule . - {[}F,L{]} \newline \newline .htaccess for mod\_php \newline \newline SetEnv PHPRC \seqsplit{/location/todir/containing/phpinifile} \newline \newline .htaccess for php as cgi \newline \newline AddHandler php-cgi .php .htm \newline Action php-cgi /cgi-bin/php5.cgi \newline \newline Shell wrapper for custom php.ini \newline \newline \#!/bin/sh \newline export PHP\_FCGI\_CHILDREN=3 \newline exec php5.cgi -c /abs/php5/php.ini \newline \newline Add values from HTTP Headers \newline \newline SetEnvIfNoCase \textasciicircum{}If-Modified-Since\$ "(.+)" \seqsplit{HTTP\_IF\_MODIFIED\_SINCE=\$1} \newline SetEnvIfNoCase \textasciicircum{}If-None-Match\$ "(.+)" \seqsplit{HTTP\_IF\_NONE\_MATCH=\$1} \newline SetEnvIfNoCase \textasciicircum{}Cache-Control\$ "(.+)" HTTP\_CACHE\_CONTROL=\$1 \newline SetEnvIfNoCase \textasciicircum{}Connection\$ "(.+)" HTTP\_CONNECTION=\$1 \newline SetEnvIfNoCase \textasciicircum{}Keep-Alive\$ "(.+)" HTTP\_KEEP\_ALIVE=\$1 \newline SetEnvIfNoCase \textasciicircum{}Authorization\$ "(.+)" HTTP\_AUTHORIZATION=\$1 \newline SetEnvIfNoCase \textasciicircum{}Cookie\$ "(.+)" HTTP\_MY\_COOKIE=\$1 \newline \newline Stop hotlinking \newline \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}\$ \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}http://(www\textbackslash{}.)?askapache\textbackslash{}.com/.{\emph{\$ {[}NC{]} \newline RewriteRule \textbackslash{}.(gif|jpg|swf|flv|png)\$ \seqsplit{https://www.askapache.com/feed.gif} {[}R=302,L{]} \newline \newline Turn logging off for IP \newline \newline SecFilterSelective REMOTE\_ADDR "208\textbackslash{}.113\textbackslash{}.183\textbackslash{}.103" "nolog,noauditlog,pass" \newline \newline Turn logging on for IP \newline \newline SecFilterSelective REMOTE\_ADDR "!\textasciicircum{}208\textbackslash{}.113\textbackslash{}.183\textbackslash{}.103" "nolog,noauditlog,pass" \newline SecFilterSelective REMOTE\_ADDR "208\textbackslash{}.113\textbackslash{}.183\textbackslash{}.103" "log,auditlog,pass" \newline \newline Example .htaccess Files \newline \newline Here are some samples and examples taken from different .htaccess files I've used over the years. Specific solutions are farther down on this page and throughout the site. \newline \newline \# Set the Time Zone of your Server \newline SetEnv TZ America/Indianapolis \newline \newline \# ServerAdmin: This address appears on some server-generated pages, such as error documents. \newline SetEnv SERVER\_ADMIN webmaster@askapache.com \newline \newline \# Possible values for the Options directive are "None", "All", or any combination of: \newline \# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews \newline Options -ExecCGI -MultiViews -Includes -Indexes FollowSymLinks \newline \newline \# DirectoryIndex: sets the file that Apache will serve if a directory is requested. \newline DirectoryIndex index.html index.php /index.php \newline \newline \# Action lets you define media types that will execute a script whenever \newline \# a matching file is called. This eliminates the need for repeated URL \newline \# pathnames for oft-used CGI file processors. \newline \# Format: Action media/type /cgi-script/location \newline \# Format: Action handler-name /cgi-script/location \newline \# \newline Action php5-cgi /bin/php.cgi \newline \newline \# AddHandler allows you to map certain file extensions to "handlers": \newline \# actions unrelated to filetype. These can be either built into the server \newline \# or added with the Action directive (see below) \newline \# \newline \# To use CGI scripts outside of ScriptAliased directories: \newline \# (You will also need to add "ExecCGI" to the "Options" directive.) \newline \# \newline AddHandler php-cgi .php .inc \newline \newline \# Commonly used filename extensions to character sets. \newline AddDefaultCharset UTF-8 \newline \newline \# AddType allows you to add to or override the MIME configuration \newline AddType 'application/rdf+xml; charset=UTF-8' .rdf \newline AddType 'application/xhtml+xml; charset=UTF-8' .xhtml \newline AddType 'application/xhtml+xml; charset=UTF-8' .xhtml.gz \newline AddType 'text/html; charset=UTF-8' .html \newline AddType 'text/html; charset=UTF-8' .html.gz \newline AddType application/octet-stream .rar .chm .bz2 .tgz .msi .pdf .exe \newline AddType application/vnd.ms-excel .csv \newline AddType \seqsplit{application/x-httpd-php-source} .phps \newline AddType application/x-pilot .prc .pdb \newline AddType \seqsplit{application/x-shockwave-flash} .swf \newline AddType application/xrds+xml .xrdf \newline AddType text/plain .ini .sh .bsh .bash .awk .nawk .gawk .csh .var .c .in .h .asc .md5 .sha .sha1 \newline AddType video/x-flv .flv \newline \newline \# AddEncoding allows you to have certain browsers uncompress information on the fly. Note: Not all browsers support this. \newline AddEncoding x-compress .Z \newline AddEncoding x-gzip .gz .tgz \newline \newline \# DefaultType: the default MIME type the server will use for a document. \newline DefaultType text/html \newline \newline \# Optionally add a line containing the server version and virtual host \newline \# name to server-generated pages (internal error documents, FTP directory \newline \# listings, mod\_status and mod\_info output etc., but not CGI generated \newline \# documents or custom error documents). \newline \# Set to "EMail" to also include a mailto: link to the ServerAdmin. \newline \# Set to one of: On | Off | EMail \newline ServerSignature Off \newline \newline \#\# MAIN DEFAULTS \newline Options +ExecCGI -Indexes \newline DirectoryIndex index.html index.htm index.php \newline DefaultLanguage en-US \newline AddDefaultCharset UTF-8 \newline ServerSignature Off \newline \newline \#\# ENVIRONMENT VARIABLES \newline SetEnv PHPRC /webroot/includes \newline SetEnv TZ America/Indianapolis \newline \newline SetEnv SERVER\_ADMIN webmaster@askapache.com \newline \newline \#\# MIME TYPES \newline AddType video/x-flv .flv \newline AddType \seqsplit{application/x-shockwave-flash} .swf \newline AddType image/x-icon .ico \newline \newline \#\# FORCE FILE TO DOWNLOAD INSTEAD OF APPEAR IN BROWSER \newline \# \seqsplit{http://www.htaccesselite.com/addtype-addhandler-action-vf6.html} \newline AddType application/octet-stream .mov .mp3 .zip \newline \newline \#\# ERRORDOCUMENTS \newline \# \seqsplit{http://askapache.com/htaccess/apache-status-code-headers-errordocument/} \newline ErrorDocument 400 /e400/ \newline ErrorDocument 401 /e401/ \newline ErrorDocument 402 /e402/ \newline ErrorDocument 403 /e403/ \newline ErrorDocument 404 /e404/ \newline \newline \# Handlers be builtin, included in a module, or added with Action directive \newline \# default-handler: default, handles static content (core) \newline \# send-as-is: Send file with HTTP headers (mod\_asis) \newline \# cgi-script: treat file as CGI script (mod\_cgi) \newline \# imap-file: Parse as an imagemap rule file (mod\_imap) \newline \# server-info: Get server config info (mod\_info) \newline \# server-status: Get server status report (mod\_status) \newline \# type-map: type map file for content negotiation (mod\_negotiation) \newline \# fastcgi-script: treat file as fastcgi script (mod\_fastcgi) \newline \# \newline \# \seqsplit{https://www.askapache.com/php/custom-phpini-tips-and-tricks/} \newline \newline \#\# PARSE AS CGI \newline AddHandler cgi-script .cgi .pl .spl \newline \newline \#\# RUN PHP AS APACHE MODULE \newline AddHandler application/x-httpd-php .php .htm \newline \newline \#\# RUN PHP AS CGI \newline AddHandler php-cgi .php .htm \newline \newline \#\# CGI PHP WRAPPER FOR CUSTOM PHP.INI \newline AddHandler phpini-cgi .php .htm \newline Action phpini-cgi \seqsplit{/cgi-bin/php5-custom-ini.cgi} \newline \newline \#\# FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI \newline AddHandler fastcgi-script .fcgi \newline AddHandler php-cgi .php .htm \newline Action php-cgi \seqsplit{/cgi-bin/php5-wrapper.fcgi} \newline \newline \#\# CUSTOM PHP CGI BINARY SETUP \newline AddHandler php-cgi .php .htm \newline Action php-cgi /cgi-bin/php.cgi \newline \newline \#\# PROCESS SPECIFIC FILETYPES WITH CGI-SCRIPT \newline Action image/gif /cgi-bin/img-create.cgi \newline \newline \#\# CREATE CUSTOM HANDLER FOR SPECIFIC FILE EXTENSIONS \newline AddHandler custom-processor .ssp \newline Action custom-processor /cgi-bin/myprocessor.cgi \newline \newline \#\#\# HEADER CACHING \newline \# \seqsplit{https://www.askapache.com/htaccess/speed-up-sites-with-htaccess-caching/} \newline \textless{}FilesMatch "\textbackslash{}.(flv|gif|jpg|jpeg|png|ico)\$"\textgreater{} \newline Header set Cache-Control "max-age=2592000" \newline \textless{}/FilesMatch\textgreater{} \newline \textless{}FilesMatch "\textbackslash{}.(js|css|pdf|swf)\$"\textgreater{} \newline Header set Cache-Control "max-age=604800" \newline \textless{}/FilesMatch\textgreater{} \newline \textless{}FilesMatch "\textbackslash{}.(html|htm|txt)\$"\textgreater{} \newline Header set Cache-Control "max-age=600" \newline \textless{}/FilesMatch\textgreater{} \newline \textless{}FilesMatch "\textbackslash{}.(pl|php|cgi|spl|scgi|fcgi)\$"\textgreater{} \newline Header unset Cache-Control \newline \textless{}/FilesMatch\textgreater{} \newline \newline \#\# ALTERNATE EXPIRES CACHING \newline \# \seqsplit{htaccesselite.com/d/use-htaccess-to-speed-up-your-site-discussion-vt67.html} \newline ExpiresActive On \newline ExpiresDefault A604800 \newline ExpiresByType image/x-icon A2592000 \newline ExpiresByType application/x-javascript A2592000 \newline ExpiresByType text/css A2592000 \newline ExpiresByType text/html A300 \newline \newline \textless{}FilesMatch "\textbackslash{}.(pl|php|cgi|spl|scgi|fcgi)\$"\textgreater{} \newline ExpiresActive Off \newline \textless{}/FilesMatch\textgreater{} \newline \newline \#\# META HTTP-EQUIV REPLACEMENTS \newline \textless{}FilesMatch "\textbackslash{}.(html|htm|php)\$"\textgreater{} \newline Header set imagetoolbar "no" \newline \textless{}/FilesMatch\textgreater{} \newline \newline Here are some default MOD\_REWRITE code examples. \newline \newline \#\# REWRITE DEFAULTS \newline RewriteEngine On \newline RewriteBase / \newline \newline \#\# REQUIRE SUBDOMAIN \newline RewriteCond \%\{HTTP\_HOST\} !\textasciicircum{}\$ \newline RewriteCond \%\{HTTP\_HOST\} !\textasciicircum{}subdomain\textbackslash{}.askapache\textbackslash{}.com\$ {[}NC{]} \newline RewriteRule \textasciicircum{}/(.}})\$ \seqsplit{http://subdomain.askapache.com/\$1} {[}L,R=301{]} \newline \newline \#\# SEO REWRITES \newline RewriteRule \textasciicircum{}(.{\emph{)/ve/(.}})\$ \seqsplit{\$1/voluntary-employee/\$2} {[}L,R=301{]} \newline RewriteRule \textasciicircum{}(.{\emph{)/hsa/(.}})\$ \seqsplit{\$1/health-saving-account/\$2} {[}L,R=301{]} \newline \newline \#\# WORDPRESS \newline RewriteCond \%\{REQUEST\_FILENAME\} !-f \# Existing File \newline RewriteCond \%\{REQUEST\_FILENAME\} !-d \# Existing Directory \newline RewriteRule . /index.php {[}L{]} \newline \newline \#\# ALTERNATIVE ANTI-HOTLINKING \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}\$ \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}http://(subdomain\textbackslash{}.)?askapache\textbackslash{}.com/.{\emph{\$ {[}NC{]} \newline RewriteRule \textasciicircum{}.}}\textbackslash{}.(bmp|tif|gif|jpg|jpeg|jpe|png)\$ - {[}F{]} \newline \newline \#\# REDIRECT HOTLINKERS \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}\$ \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}http://(subdomain\textbackslash{}.)?askapache\textbackslash{}.com/.{\emph{\$ {[}NC{]} \newline RewriteRule \textasciicircum{}.}}\textbackslash{}.(bmp|tif|gif|jpg|jpeg|jpe|png)\$ http://google.com {[}R{]} \newline \newline \#\# DENY REQUEST BASED ON REQUEST METHOD \newline RewriteCond \%\{REQUEST\_METHOD\} \textasciicircum{}(TRACE|TRACK|OPTIONS|HEAD)\$ {[}NC{]} \newline RewriteRule \textasciicircum{}.{\emph{\$ - {[}F{]} \newline \newline \#\# REDIRECT UPLOADS \newline RewriteCond \%\{REQUEST\_METHOD\} \textasciicircum{}(PUT|POST)\$ {[}NC{]} \newline RewriteRule \textasciicircum{}(.}})\$ \seqsplit{/cgi-bin/form-upload-processor}.cgi?p=\$1 {[}L,QSA{]} \newline \newline \#\# REQUIRE SSL EVEN WHEN MOD\_SSL IS NOT LOADED \newline RewriteCond \%\{HTTPS\} !=on {[}NC{]} \newline RewriteRule \textasciicircum{}.{\emph{\$ https://\%\{SERVER\_NAME\}\%\{REQUEST\_URI\} {[}R,L{]} \newline \newline \#\#\# ALTERNATATIVE TO USING ERRORDOCUMENT \newline \# \seqsplit{http://www.htaccesselite.com/d/htaccess-errordocument-examples-vt11.html} \newline RewriteCond \%\{REQUEST\_FILENAME\} !-f \newline RewriteCond \%\{REQUEST\_FILENAME\} !-d \newline RewriteRule \textasciicircum{}.}}\$ /error.php {[}L{]} \newline \newline \#\# SEO REDIRECTS \newline Redirect 301 /2006/oldfile.html \seqsplit{http://subdomain.askapache.com/newfile/} \newline RedirectMatch 301 /o/(.{\emph{)\$ \seqsplit{http://subdomain.askapache.com/s/dl/\$1} \newline \newline Examples of protecting your files and securing with password protection. \newline \newline \# \newline \# Require (user|group|valid-user) (username|groupname) \newline \# \newline \#\# BASIC PASSWORD PROTECTION \newline AuthType basic \newline AuthName "prompt" \newline AuthUserFile /.htpasswd \newline AuthGroupFile /dev/null \newline Require valid-user \newline \newline \#\# ALLOW FROM IP OR VALID PASSWORD \newline Require valid-user \newline Allow from 192.168.1.23 \newline Satisfy Any \newline \newline \#\# PROTECT FILES \newline \textless{}FilesMatch "\textbackslash{}.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)\$"\textgreater{} \newline Order Allow,Deny \newline Deny from all \newline \textless{}/FilesMatch\textgreater{} \newline \newline \#\# PREVENT HOTLINKING \newline SetEnvIfNoCase Referer "\textasciicircum{}http://subdomain.askapache.com/" good \newline SetEnvIfNoCase Referer "\textasciicircum{}\$" good \newline \textless{}FilesMatch "\textbackslash{}.(png|jpg|jpeg|gif|bmp|swf|flv)\$"\textgreater{} \newline Order Deny,Allow \newline Deny from all \newline Allow from env=good \newline ErrorDocument 403 \seqsplit{http://www.google.com/intl/en\_ALL/images/logo.gif} \newline ErrorDocument 403 \seqsplit{/images/you\_bad\_hotlinker}.gif \newline \textless{}/FilesMatch\textgreater{} \newline \newline \#\# LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK \newline \#bytes, 0-2147483647(2GB) \newline LimitRequestBody 10240000 \newline \newline \#\# MOST SECURE WAY TO REQUIRE SSL \newline \# \seqsplit{https://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples/} \newline SSLOptions +StrictRequire \newline SSLRequireSSL \newline SSLRequire \%\{HTTP\_HOST\} eq "askapache.com" \newline ErrorDocument 403 https://askapache.com \newline \newline \#\# COMBINED DEVELOPER HTACCESS CODE-USE THIS \newline \textless{}FilesMatch "\textbackslash{}.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)\$"\textgreater{} \newline Header set Cache-Control "max-age=5" \newline \textless{}/FilesMatch\textgreater{} \newline AuthType basic \newline AuthName "Ooops! Temporarily Under Construction..." \newline AuthUserFile /.htpasswd \newline AuthGroupFile /dev/null \newline Require valid-user \# password prompt for everyone else \newline Order Deny,Allow \newline Deny from all \newline Allow from 192.168.64.5 \# Your, the developers IP address \newline Allow from w3.org \# css/xhtml check \seqsplit{jigsaw.w3.org/css-validator/} \newline Allow from googlebot.com \# Allows google to crawl your pages \newline Satisfy Any \# no password required if host/ip is Allowed \newline \newline \#\# DONT HAVE TO EMPTY CACHE OR RELOAD TO SEE CHANGES \newline ExpiresDefault A5 \#If using mod\_expires \newline \textless{}FilesMatch "\textbackslash{}.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)\$"\textgreater{} \newline Header set Cache-Control "max-age=5" \newline \textless{}/FilesMatch\textgreater{} \newline \newline \#\# ALLOW ACCESS WITH PASSWORD OR NO PASSWORD FOR SPECIFIC IP/HOSTS \newline AuthType basic \newline AuthName "Ooops! Temporarily Under Construction..." \newline AuthUserFile /.htpasswd \newline AuthGroupFile /dev/null \newline Require valid-user \# password prompt for everyone else \newline Order Deny,Allow \newline Deny from all \newline Allow from 192.168.64.5 \# Your, the developers IP address \newline Allow from w3.org \# css/xhtml check \seqsplit{jigsaw.w3.org/css-validator/} \newline Allow from googlebot.com \# Allows google to crawl your pages \newline Satisfy Any \# no password required if host/ip is Allowed \newline \newline Advanced Mod\_Rewrites \newline \newline Here are some specific htaccess examples taken mostly from my WordPress Password Protection plugin, which does alot more than password protection as you will see from the following mod\_rewrite examples. These are a few of the mod\_rewrite uses that BlogSecurity declared pushed the boundaries of Mod\_Rewrite! Some of these snippets are quite exotic and unlike anything you may have seen before, also only for those who understand them as they can kill a website pretty quick. \newline Directory Protection \newline \newline Enable the DirectoryIndex Protection, preventing directory index listings and defaulting. {[}Disable{]} \newline \newline Options -Indexes \newline DirectoryIndex index.html index.php /index.php \newline \newline Password Protect wp-login.php \newline \newline Requires a valid user/pass to access the login page{[}401{]} \newline \newline \textless{}Files wp-login.php\textgreater{} \newline Order Deny,Allow \newline Deny from All \newline Satisfy Any \newline AuthName "Protected By AskApache" \newline AuthUserFile \seqsplit{/home/askapache.com/.htpasswda1} \newline AuthType Basic \newline Require valid-user \newline \textless{}/Files\textgreater{} \newline \newline Password Protect wp-admin \newline \newline Requires a valid user/pass to access any non-static (css, js, images) file in this directory.{[}401{]} \newline \newline Options -ExecCGI -Indexes +FollowSymLinks -Includes \newline DirectoryIndex index.php /index.php \newline Order Deny,Allow \newline Deny from All \newline Satisfy Any \newline AuthName "Protected By AskApache" \newline AuthUserFile \seqsplit{/home/askapache.com/.htpasswda1} \newline AuthType Basic \newline Require valid-user \newline \textless{}FilesMatch "\textbackslash{}.(ico|pdf|flv|jpg|jpeg|mp3|mpg|mp4|mov|wav|wmv|png|gif|swf|css|js)\$"\textgreater{} \newline Allow from All \newline \textless{}/FilesMatch\textgreater{} \newline \textless{}FilesMatch "(async-upload)\textbackslash{}.php\$"\textgreater{} \newline \textless{}IfModule mod\_security.c\textgreater{} \newline SecFilterEngine Off \newline \textless{}/IfModule\textgreater{} \newline Allow from All \newline \textless{}/FilesMatch\textgreater{} \newline \newline Protect wp-content \newline \newline Denies any Direct request for files ending in .php with a 403 Forbidden.. May break plugins/themes {[}401{]} \newline \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /wp-content/.}}\$ {[}NC{]} \newline RewriteCond \%\{REQUEST\_FILENAME\} !\textasciicircum{}.+flexible-upload-wp25js.php\$ \newline RewriteCond \%\{REQUEST\_FILENAME\} \textasciicircum{}.+\textbackslash{}.(php|html|htm|txt)\$ \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Protect wp-includes \newline \newline Denies any Direct request for files ending in .php with a 403 Forbidden.. May break plugins/themes {[}403{]} \newline \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /wp-includes/.}}\$ {[}NC{]} \newline RewriteCond \%\{THE\_REQUEST\} !\textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /wp-includes/js/.+/.+\textbackslash{} HTTP/ {[}NC{]} \newline RewriteCond \%\{REQUEST\_FILENAME\} \textasciicircum{}.+\textbackslash{}.php\$ \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Common Exploits \newline \newline Block common exploit requests with 403 Forbidden. These can help alot, may break some plugins. {[}403{]} \newline \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} ///.{\emph{\textbackslash{} HTTP/ {[}NC,OR{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.}}\textbackslash{}?\textbackslash{}=?(http|ftp|ssl|https):/.{\emph{\textbackslash{} HTTP/ {[}NC,OR{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.}}\textbackslash{}?\textbackslash{}?.{\emph{\textbackslash{} HTTP/ {[}NC,OR{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.}}\textbackslash{}.(asp|ini|dll).{\emph{\textbackslash{} HTTP/ {[}NC,OR{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.}}\textbackslash{}.(htpasswd|htaccess|aahtpasswd).{\emph{\textbackslash{} HTTP/ {[}NC{]} \newline RewriteRule .}} - {[}F,NS,L{]} \newline \newline Stop Hotlinking \newline \newline Denies any request for static files (images, css, etc) if referrer is not local site or empty. {[}403{]} \newline \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}\$ \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).{\emph{ {[}NC{]} \newline RewriteCond \%\{HTTP\_REFERER\} !\textasciicircum{}https://www.askapache.com.}}\$ {[}NC{]} \newline RewriteRule \textbackslash{}.(ico|pdf|flv|jpg|jpeg|mp3|mpg|mp4|mov|wav|wmv|png|gif|swf|css|js)\$ - {[}F,NS,L{]} \newline \newline Safe Request Methods \newline \newline Denies any request not using GET,PROPFIND,POST,OPTIONS,PUT,HEAD{[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} !\textasciicircum{}(GET|HEAD|POST|PROPFIND|OPTIONS|PUT)\$ {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Forbid Proxies \newline \newline Denies any POST Request using a Proxy Server. Can still access site, but not comment. See Perishable Press {[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} =POST \newline RewriteCond \%\{HTTP:VIA\}\%\{HTTP:FORWARDED\}\%\{HTTP:USERAGENT\_VIA\}\%\{HTTP:X\_FORWARDED\_FOR\}\%\{HTTP:PROXY\_CONNECTION\} !\textasciicircum{}\$ {[}OR{]} \newline RewriteCond \%\{HTTP:XPROXY\_CONNECTION\}\%\{HTTP:HTTP\_PC\_REMOTE\_ADDR\}\%\{HTTP:HTTP\_CLIENT\_IP\} !\textasciicircum{}\$ \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Real wp-comments-post.php \newline \newline Denies any POST attempt made to a non-existing wp-comments-post.php{[}403{]} \newline \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.}}/wp-comments-post\textbackslash{}.php.{\emph{\textbackslash{} HTTP/ {[}NC{]} \newline RewriteRule .}} - {[}F,NS,L{]} \newline \newline HTTP PROTOCOL \newline \newline Denies any badly formed HTTP PROTOCOL in the request, 0.9, 1.0, and 1.1 only{[}403{]} \newline \newline RewriteCond \%\{THE\_REQUEST\} !\textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} .+\textbackslash{} HTTP/(0\textbackslash{}.9|1\textbackslash{}.0|1\textbackslash{}.1) {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline SPECIFY CHARACTERS \newline \newline Denies any request for a url containing characters other than "a-zA-Z0-9.+/-?=\&" - REALLY helps but may break your site depending on your links. {[}403{]} \newline \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteCond \%\{THE\_REQUEST\} !\textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} {[}a-zA-Z0-9\textbackslash{}.\textbackslash{}+\_/\textbackslash{}-\textbackslash{}?\textbackslash{}=\textbackslash{}\&{]}+\textbackslash{} HTTP/ {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline BAD Content Length \newline \newline Denies any POST request that doesnt have a Content-Length Header{[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} =POST \newline RewriteCond \%\{HTTP:Content-Length\} \textasciicircum{}\$ \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline BAD Content Type \newline \newline Denies any POST request with a content type other than application/x-www-form-urlencoded|multipart/form-data{[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} =POST \newline RewriteCond \%\{HTTP:Content-Type\} !\textasciicircum{}(application/x-www-form-urlencoded|multipart/form-data.}}(boundary.{\emph{)?)\$ {[}NC{]} \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Missing HTTP\_HOST \newline \newline Denies requests that dont contain a HTTP HOST Header.{[}403{]} \newline \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).}} {[}NC{]} \newline RewriteCond \%\{HTTP\_HOST\} \textasciicircum{}\$ \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Bogus Graphics Exploit \newline \newline Denies obvious exploit using bogus graphics{[}403{]} \newline \newline RewriteCond \%\{HTTP:Content-Disposition\} \textbackslash{}.php {[}NC{]} \newline RewriteCond \%\{HTTP:Content-Type\} image/.+ {[}NC{]} \newline RewriteRule .}} - {[}F,NS,L{]} \newline \newline No UserAgent, Not POST \newline \newline Denies POST requests by blank user-agents. May prevent a small number of visitors from POSTING. {[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} =POST \newline RewriteCond \%\{HTTP\_USER\_AGENT\} \textasciicircum{}-?\$ \newline RewriteCond \%\{REQUEST\_URI\} !\textasciicircum{}/(wp-login.php|wp-admin/|wp-content/plugins/|wp-includes/).{\emph{ {[}NC{]} \newline RewriteRule .}} - {[}F,NS,L{]} \newline \newline No Referer, No Comment \newline \newline Denies any comment attempt with a blank HTTP\_REFERER field, highly indicative of spam. May prevent some visitors from POSTING. {[}403{]} \newline \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.{\emph{/wp-comments-post\textbackslash{}.php.}}\textbackslash{} HTTP/ {[}NC{]} \newline RewriteCond \%\{HTTP\_REFERER\} \textasciicircum{}-?\$ \newline RewriteRule .{\emph{ - {[}F,NS,L{]} \newline \newline Trackback Spam \newline \newline Denies obvious trackback spam. See Holy Shmoly! {[}403{]} \newline \newline RewriteCond \%\{REQUEST\_METHOD\} =POST \newline RewriteCond \%\{HTTP\_USER\_AGENT\} \textasciicircum{}.}}(opera|mozilla|firefox|msie|safari).{\emph{\$ {[}NC{]} \newline RewriteCond \%\{THE\_REQUEST\} \textasciicircum{}{[}A-Z{]}\{3,9\}\textbackslash{} /.+/trackback/?\textbackslash{} HTTP/ {[}NC{]} \newline RewriteRule .}} - {[}F,NS,L{]} \newline \newline Map all URIs except those corresponding to existing files to a handler \newline \newline RewriteEngine On \newline RewriteCond \%\{DOCUMENT\_ROOT\}\%\{REQUEST\_URI\} !-d \newline RewriteCond \%\{DOCUMENT\_ROOT\}\%\{REQUEST\_URI\} !-f \newline RewriteRule . /script.php \newline \newline Map any request to a handler \newline \newline In the case where all URIs should be sent to the same place (including potentially requests for static content) the method to use depends on the type of the handler. For php scripts, use: For other handlers such as php scripts, use: \newline \newline RewriteEngine On \newline RewriteCond \%\{REQUEST\_URI\} !=/script.php \newline RewriteRule .{\emph{ /script.php \newline \newline And for CGI scripts: \newline \newline ScriptAliasMatch .}} /var/www/script.cgi \newline \newline Map URIs corresponding to existing files to a handler instead \newline \newline RewriteEngine On \newline RewriteCond \%\{DOCUMENT\_ROOT\}\%\{REQUEST\_URI\} -d {[}OR{]} \newline RewriteCond \%\{DOCUMENT\_ROOT\}\%\{REQUEST\_URI\} -f \newline RewriteCond \%\{REQUEST\_URI\} !=/script.php \newline RewriteRule .{\emph{ /script.php \newline \newline If the existing files you wish to have handled by your script have a common set of file extensions distinct from that of the hander, you can bypass mod\_rewrite and use instead mod\_actions. Let's say you want all .html and .tpl files to be dealt with by your script: \newline \newline Action foo-action /script.php \newline AddHandler foo-action html tpl \newline \newline Deny access if var=val contains the string foo. \newline \newline RewriteCond \%\{QUERY\_STRING\} foo \newline RewriteRule \textasciicircum{}/url - {[}F{]} \newline \newline Removing the Query String \newline \newline RewriteRule \textasciicircum{}/url /url? \newline \newline Adding to the Query String \newline \newline Keep the existing query string using the Query String Append flag, but add var=val to the end. \newline \newline RewriteRule \textasciicircum{}/url /url?var=val {[}QSA{]} \newline \newline Rewriting For Certain Query Strings \newline \newline Rewrite URLs like \seqsplit{http://askapache.com/url1?var=val} to \seqsplit{http://askapache.com/url2?var=val} but don't rewrite if val isn't present. \newline \newline RewriteCond \%\{QUERY\_STRING\} val \newline RewriteRule \textasciicircum{}/url1 /url2 \newline \newline Modifying the Query String \newline \newline Change any single instance of val in the query string to other\_val when accessing /path. Note that \%1 and \%2 are back-references to the matched part of the regular expression in the previous RewriteCond. \newline \newline RewriteCond \%\{QUERY\_STRING\} \textasciicircum{}(.}})val(.*)\$ \newline RewriteRule /path /path?\%1other\_val\%2} \tn \hhline{>{\arrayrulecolor{DarkBackground}}-} \end{tabularx} \par\addvspace{1.3em} \end{document}