Apache: Useful .htaccess tips & tricks

.htaccess is just not file extension rather an effective tool to manage Web Server configurations that makes life very easy specially for web hosting companies. From Authorization/Authentication to URL rewriting, Server side includes (SSI) to Directory Listing, Customized error handling to Cache control & managing MIME type, everything can be controlled from this file and that even without restarting web server. On top of it, .htaccess files affect the directory they are placed in and all sub-directories.

Hiding webpage extensions & redirecting
RewriteEngine On
RewriteCond %{THE_REQUEST} s/+(.+).php[s?] [NC]
RewriteRule ^ /%1 [R=302,L,NE]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^.]+)$ $1.php [NC,QSA,L]
Redirecting non-www to www version
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule ^(.*)$ "http://www.example.com/$1" [R=301,L]

RewriteCond %{HTTPS_HOST} ^example.com$
RewriteRule ^(.*)$ "https://www.example.com/$1" [R=301,L]
Redirecting www to non-www in subfolder
RewriteCond %{HTTP_HOST} ^www.example.com [NC]
RewriteRule (.*) http://example.com/folder-name/$1 [R=301,L]
Redirect the site IP address (A.B.C.D) to the domain name
RewriteCond %{HTTP_HOST} ^A.B.C.D$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
Turn http www mode into https non-www mode
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www.example.com$ [NC]
RewriteRule ^(.*)$ https://example.com/$1 [R=301,L]
Serve content from a different server or host or sub-domain as a subfolder without redirection
RewriteRule ^/subdomain/(.*) http://subdomain.example.com/$1 [P]
ProxyPassReverse  /subdomain/ http://subdomain.example.com/
Control caching
# Caching for 1 Year
<FilesMatch ".(ico|svg|woff|eot|ttf)$">
Header set Cache-Control "max-age=31536000, public"

# Caching for 1 Week
<FilesMatch ".(jpg|png|gif|css|js)$">
Header set Cache-Control "max-age=604800, public"

Defining MIME types for different file type
<IfModule mod_mime.c>
    AddType application/javascript          js
    AddType application/vnd.ms-fontobject   eot
    AddType application/x-font-ttf          ttf ttc
    AddType font/opentype                   otf
    AddType application/x-font-woff         woff
    AddType image/svg+xml                   svg svgz 
    AddEncoding gzip                        svgz
Enable GZIP compression
<IfModule mod_deflate.c>
<FilesMatch ".(html|php|txt|xml|js|css)$">
SetOutputFilter DEFLATE
Redirection for Maintenance windows
#Allowing only admin website
RewriteCond %{REQUEST_URI} !^/admin/ [NC]
RewriteCond %{REQUEST_URI} !((.*).css|(.*).js|(.*).jpg|(.*).gif|(.*).png) [NC]
RewriteRule ^(.*)$ /ErrorPages/UnderMaintenence.html [NC,L,U,QSA]
Force lowercase urls
RewriteMap lowercase int:tolower
RewriteCond $1 [A-Z]
RewriteRule ^((.*).html|(.*).htm|(.*).asp|(.*).aspx|(.*).ashx|(.*).php)$ ${lowercase:$1} [R=301,L]
Block external access to sensitive files
#  Block external access to the httpd.ini and httpd.parse.errors files
RewriteRule ^/httpd(?:.ini|.parse.errors).*$ / [NC,F,O]
#  Block external access to the Helper ISAPI Extension
RewriteRule ^.*.isrwhlp$ / [NC,F,O]
Prevent Directory Listing
Options -Indexes
Set external redirection map file
# Set redirection map
RewriteMap siterewritemap txt:rewrite-map.txt
RewriteMap lower int:tolower

# Use redirection map
RewriteCond %{QUERY_STRING} ^(.+)
RewriteCond ${siterewritemap:${lower:%{REQUEST_URI}}?${lower:%{QUERY_STRING}}} (.+) [NC]
RewriteRule .* %2 [NC,L,R=301]
Allow cross-domain Web fonts to work
<FilesMatch ".(ttf|ttc|otf|eot|woff)$">
    <IfModule mod_headers.c>
        Header set Access-Control-Allow-Origin "*"
Allow resources like fonts, js and css to be loaded from sub-domain strictly
SetEnvIf Origin "http(s)?://(.+.)?(example.com)$" ORIGIN_DOMAIN=$0
<IfModule mod_headers.c>
    <FilesMatch ".(eot|font.css|otf|ttc|ttf|woff|js|png|jpg|jpeg|gif)$">
        Header set Access-Control-Allow-Origin %{ORIGIN_DOMAIN}e env=ORIGIN_DOMAIN

Try playing around htaccess rules using http://htaccess.madewithlove.be/

(Visited 169 times, 1 visits today)