Search For Rewrites

Htaccess Rewrites for Moving Urls

Post by AskApache Oct 29, 20111 comment

Category: Htaccess
Tags: 301 Redirects, Htaccess

3 Ways to Serve PDF Files using Htaccess Cookies, Headers, Rewrites

Post by AskApache Aug 20, 20117 comments

FYI, using the Mod_Rewrite Variables Cheatsheet makes this example, and all advanced .htaccess code easier to understand. This demo lets you set a cookie with 1 of 3 values, then you just request the pdf file with a normal link click and get 1 of 3 different responses. This is accomplished with a nice bit of .htaccess code.

Category: Htaccess

Htaccess Rewrites – Rewrite Tricks and Tips

Post by AskApache Apr 10, 2011130 comments

htaccess rewrite / Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.

Category: Htaccess

PHP to handle HTTP Status Codes for ErrorDocument

Post by AskApache Nov 18, 20102 comments

Fast, HTTP Protocol, protection. If you are reading this article, you already know enough about the benefits of making sure your site can handle HTTP Protocol Errors. This is a nice single php file with no dependencies or requirements, will work on anything. Optimized for minimizing bandwidth and resource-hogging connections from bots and spambots.

<?php
ob_start();
@set_time_limit(5);
@ini_set('memory_limit', '64M');
@ini_set('display_errors', 'Off');
error_reporting(0);

Category: PHP
Tags: ErrorDocument, HTTP, PHP

Mod_Rewrite Variables Cheatsheet

Post by AskApache Aug 03, 20106 comments

We've figured out what mod_rewrite variables look like, a cheatsheet of the actual value.

Category: Htaccess
Tags: cheatsheet, Htaccess, mod_rewrite

Actual Htaccess Files from My Server

Post by AskApache Apr 17, 20106 comments

#### No https except to wp-admin -
# If the request is empty ( implies fopen or normal file access by a php script )
RewriteCond %{THE_REQUEST} ^$ [OR]
 
# OR if the request if for wp-admin or wp-login.php
RewriteCond %{REQUEST_URI} ^/(wp-admin|wp-login\.php).*$ [NC,OR]
 
# OR if the Referer is https
RewriteCond %{HTTP_REFERER} ^https://www.askapache.com/.*$ [NC]
 
# THEN skip the following rule, basically all this does is force https or badhost to be redirected
# BUT because of the above 3 rewritecond's, this won't break poorly written admin scripts
RewriteRule .* - [S=1]
 
RewriteCond %{HTTPS} =on [OR]
RewriteCond %{HTTP_HOST} !^www\.askapache\.com$ [NC]
RewriteRule .* http://www.askapache.com%{REQUEST_URI} [R=301,L]
 
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(wp-admin/.*|wp-login\.php.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

Category: Htaccess

Optimize a Website for Speed, Security, and Easy Management

Post by AskApache Feb 18, 201011 comments

Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I'm piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.

Category: Hosting

Crazy Advanced Mod_Rewrite Debug Tutorial

Post by AskApache Sep 11, 200935 comments

Note: Extremely ILL Content
Find the key to unlocking mod_rewrite and you WILL be sick.. sick with a diamond disease on your wrist!

Category: Htaccess

SSI in Htaccess for ErrorDocuments, DirectoryIndexing, SEO

Post by AskApache Mar 09, 20091 comment

3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site's error handling to the next level, enhanced ErrorDocuments that go beyond 404's.

Category: Htaccess

THE Ultimate Htaccess

Post by AskApache Jan 10, 200988 comments

Skip this - still under edit

I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and "share" the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don't use .htaccess much, if AT ALL. It's much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I've never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it's almost as powerful as httpd.conf itself!

Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It's common to see "computer gurus" on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf - I wonder if these "gurus" know the history of the htaccess file, like it's use in the earliest versions of the HTTP Server- NCSA's HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.

Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA's, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)

Category: Htaccess

Pimp out your FeedBurner Count

Post by AskApache Aug 19, 20081 comment

I've had a lot of people ask about the FeedBurner FeedCount image on AskApache. Specifically how to set it up with custom messages and different colors each page view... It is pretty sweet..

Category: Hacking

Blocking Bad Bots and Scrapers with .htaccess

Post by AskApache Apr 08, 200824 comments

Want to block a bad robot or web scraper using .htaccess files? Here are 2 methods that illustrate blocking 436 various user-agents.

Category: Htaccess

Apache SSL in htaccess examples

Post by AskApache Mar 29, 200821 comments

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com

Some of the Ins and Outs of using SSL Connections with Apache.

Category: Htaccess
Tags: 301 Redirects, Htaccess, mod_rewrite, SSL

.htaccess mod_rewrite rewrite examples

Post by AskApache Feb 09, 20085 comments

A hit-list of some of my favorite mod_rewrite code snippets for .htaccess files

Category: Htaccess

Skeleton .htaccess file for Powweb Hosting

Post by AskApache Jan 11, 2008comment

If you have a Powweb Webhosting account, you will appreciate this simple skeleton .htaccess file for use on their systems.

Category: Htaccess

Redirecting RSS to Feedburner

Post by AskApache Jan 07, 200812 comments

FeedBurner is so RAD! I love it. Here's an alternative method to redirect scrapers and feed requests to your feedburner url, in my case, I use Branding by feedburner, which is so hot, taking advantage of CNAMEs in your DNS record.

Category: Htaccess

A better way to use PDF files online

Post by AskApache Nov 26, 20079 comments

.htaccess and php example serves .pdf files to give visitors the choice to open in an external program or save to disk without having to open it in the browser

PDF Before and after Fix - Firefox

Category: Htaccess

Online JavaScript Compressor, Obfuscator, Pretty Printer

Post by AskApache Oct 09, 2007Comments Off

Category:

WordPress RewriteRules Viewer

Post by AskApache Sep 18, 200718 comments

Often I am programming a plugin, or modifying my .htaccess rules, or editing a WordPress template file and I get stuck when it comes to how WordPress rewrites url's internally. This simple plugin displays all the internal WordPress rewrites.

Category: WordPress

Top methods for Faster, Speedier web sites

Post by AskApache Jun 01, 20071 comment

Category: Optimization