.htaccess Examples: Cookies, Variables, Custom Headers

Got some fresh .htaccess and mod_rewrite code for you! Check out the Cookie Manipulation and Tests using mod_rewrite! Also see how to set environment variables and then use them to send custom Headers (like content-language) and Rewrite based on them. And a couple Mod_Security .htaccess examples, for those smart enough to run on DreamHost. Enjoy!

• Mod_Rewrite .htaccess Examples
• Cookie Manipulation and Tests with mod_rewrite
• Setting Environment Variables
• Using the Environment Variable
• Mod_Security .htaccess Examples

Mod_Rewrite .htaccess Examples

Redirect Request ending in .html/ to .html

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.+)\.html/\ HTTP/
RewriteRule ^(.+)\.html/$ http://www.askapache.com/$1.html [R=301,L]

Or a lower quality alternative

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^[^\.]+\.html/$
RewriteRule ^(.*)\.html.*$ http://www.askapache.com/$1.html [R=301,L]

Redirect All Feeds to Feedburner's MyBrand

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(feed|wp-atom|wp-feed|wp-rss|wp-rdf|wp-commentsrss)(.*)\ HTTP/ [NC,OR]
RewriteCond %{QUERY_STRING} ^feed [NC]
RewriteCond %{HTTP_USER_AGENT} !^(FeedBurner|FeedValidator|talkr) [NC]
RewriteRule .* http://feeds.askapache.com/apache/htaccess? [R=307,L]

Cookie Manipulation and Tests with mod_rewrite

Set a Cookie based on Requested directory

This code sends the Set-Cookie header to create a cookie on the client with the value of a matching item in 2nd parantheses.

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)(de|es|fr|it|ja|ru|en)/$ - [co=lang:$2:.askapache.com:7200:/]

Get Cookie Value

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} lang=([^;]+) [NC]
RewriteRule ^(.*)$ /$1?cookie-value=%1 [R,QSA,L]

Rewrite Based on Cookie Value

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} lang=([^;]+) [NC]
RewriteRule ^(.*)$ /$1?lang=%1 [NC,L,QSA]

Redirect If Cookie Not Set

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} !^.*cookie-name.*$ [NC]
RewriteRule .* /login-error/set-cookie-first.cgi [NC,L]

Setting Environment Variables

Set lang var to Accept-Language Header

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:Accept-Language} ^.*(de|es|fr|it|ja|ru|en).*$ [NC]
RewriteRule ^(.*)$ - [env=lang:%1]

Set lang var to URI

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.+)/(de|es|fr|it|ja|ru|en)/\ HTTP/ [NC]
RewriteRule ^(.*)$ - [env=lang:%2]

Using the Environment Variable

Send Content-Language Header based on environment variable

Header set Content-Language "%{lang}e" env=lang

Set a Cookie with env variable value only if has value

Header set Set-Cookie "language=%{lang}e; path=/;" env=lang

Echo all Headers back!

Header echo ^.*

Mod_Security .htaccess Examples

ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks.

Turn OFF mod_security

<ifModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</ifModule>

Reject Requests with Status 500

<ifModule mod_security.c>
# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"
</ifModule>

• Feed for this Entry
• Trackback
• htaccess files

Reader Comments

1. AskApache ~October 7, 2011 @ 1:14 pm

   @Matatat This is one I myself use, pay attention to the beginning and ending wildcards in the rewritecond for HTTP_COOKIE.

   RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.*)\ HTTP/ [NC]
   RewriteCond %{HTTP_COOKIE} !^.*cookiename=thecookievaluegoeshere.*$ [NC]
   RewriteRule . https://www.askapache.com/wp-login.php?redirect_to=%1 [R=302,L]

2. Matatat ~August 4, 2011 @ 10:50 am

   Good article here - I have a tricky one that I cannot find the answer to so posting here to see if anyone can help. I need to create a rewrite condition to detect if a cookie is there. If the cookie is there and the value is not XX then the rewrute rule should apply. I have got the existance check for the cookie which works but when I add the conditional check for if it is there and value is XX the condition fails :( Any ideas - the first one works but with the introduction of the second both fail? The scenario will be that some users may have the cookie and some may not. For those that have if the value is set to XX i want to rewrite. My rule is as below:

   #    if CO mycookie exists and the value != 'XX' then do not redirect
   RewriteCond %{HTTP_COOKIE} !^.*mycookie.*$ [NC]
   RewriteCond %{HTTP_COOKIE} mycookie=XX [NC]

3. Paul O-H ~July 7, 2011 @ 11:39 am

   httpd-2.0.53 Running on port 8040 When connected, how do I prevent the port number from displaying in the URL? e.g. Link is http://site:8040 Want URL to display http://site
4. Ezra ~July 16, 2009 @ 6:47 pm

   Thank you so much! I been searching for ages to figure out how to rewrite based on the value of a cookie.
5. jorge ~July 1, 2009 @ 11:29 pm

   In the example: Redirect If Cookie Not Set, I think you need space, like:

   RewriteCond %{HTTP_COOKIE} !^.*cookie-name.*$ [NC]

6. Jairo Gelvez ~January 15, 2009 @ 6:59 pm

   Excelentes ejemplos, me ha quedado muy claro el manejo de las cookies.

   Excellent examples, I have been very clear about the handling of cookies.

7. Tom ~January 15, 2009 @ 12:16 am

   Is it possible to set the environment to the value of the URI in the current url? In other words save the URI until the next visitor arrives. Using htaccess...
8. David ~October 28, 2008 @ 10:23 am

   I was looking for .htaccess examples like these... thank you!
9. Mithilesh ~July 26, 2008 @ 4:14 pm

   Yep very nice Cookie Manipulation. Hope you will write more topics like URL Hotlink Protections and Vertiual Directory Creations
10. htaccess cookie monster ~March 30, 2008 @ 5:11 am

    Wow awesome cookie examples!

Add Comment!