FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home  »  Htaccess  »  .htaccess Examples: Cookies, Variables, Custom Headers

by 14 comments

Cookie Manipulation in .htaccess with RewriteRuleGot some fresh .htaccess and mod_rewrite code for you! Check out the Cookie Manipulation and Tests using mod_rewrite! Also see how to set environment variables and then use them to send custom Headers (like content-language) and Rewrite based on them. And a couple Mod_Security .htaccess examples, for those smart enough to run on DreamHost. Enjoy!



Mod_Rewrite .htaccess Examples

Redirect Request ending in .html/ to .html

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.+).html/ HTTP/
RewriteRule ^(.+).html/$ /$1.html [R=301,L]

Or a lower quality alternative

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^[^.]+.html/$
RewriteRule ^(.*).html.*$ /$1.html [R=301,L]

Redirect All Feeds to Feedburner's MyBrand

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(feed|wp-atom|wp-feed|wp-rss|wp-rdf|wp-commentsrss)(.*) HTTP/ [NC,OR]
RewriteCond %{QUERY_STRING} ^feed [NC]
RewriteCond %{HTTP_USER_AGENT} !^(FeedBurner|FeedValidator|talkr) [NC]
RewriteRule .* http://feeds.askapache.com/apache/htaccess? [R=307,L]

Cookie Manipulation and Tests with mod_rewrite

Set a Cookie based on Requested directory

This code sends the Set-Cookie header to create a cookie on the client with the value of a matching item in 2nd parantheses.

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)(de|es|fr|it|ja|ru|en)/$ - [co=lang:$2:.askapache.com:7200:/]

Get Cookie Value

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} lang=([^;]+) [NC]
RewriteRule ^(.*)$ /$1?cookie-value=%1 [R,QSA,L]

Rewrite Based on Cookie Value

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} lang=([^;]+) [NC]
RewriteRule ^(.*)$ /$1?lang=%1 [NC,L,QSA]

Redirect If Cookie Not Set

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_COOKIE} !^.*cookie-name.*$ [NC]
RewriteRule .* /login-error/set-cookie-first.cgi [NC,L]

Setting Environment Variables

Set lang var to Accept-Language Header

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP:Accept-Language} ^.*(de|es|fr|it|ja|ru|en).*$ [NC]
RewriteRule ^(.*)$ - [env=lang:%1]

Set lang var to URI

RewriteEngine On
RewriteBase /
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(.+)/(de|es|fr|it|ja|ru|en)/ HTTP/ [NC]
RewriteRule ^(.*)$ - [env=lang:%2]

Using the Environment Variable

Send Content-Language Header based on environment variable

Header set Content-Language "%{lang}e" env=lang

Set a Cookie with env variable value only if has value

Header set Set-Cookie "language=%{lang}e; path=/;" env=lang

Echo all Headers back!

Header echo ^.*

Mod_Security .htaccess Examples

ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server module or standalone, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks.

Turn OFF mod_security


SecFilterEngine Off
SecFilterScanPOST Off

Reject Requests with Status 500


# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"

Tags

March 29th, 2008

Comments Welcome


Related Articles


My Online Tools
Popular Articles


Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman









[hide]

It's very simple - you read the protocol and write the code. -Bill Joy

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

+Askapache | askapache

Site Map | Contact Webmaster | License and Disclaimer | Terms of Service

↑ TOPMain