I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. The only avenue on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it's almost as powerful as httpd.conf itself

The post Htaccess – The Ultimate Guide appeared first on AskApache.

Want to redirect all links with any uppercase characters to lowercase using pure mod_rewrite within an .htaccess file? Sure why not! OR how to use RewriteMap and mod_speling for those with access to httpd.conf

The post Htaccess Rewrite for Redirecting Uppercase to Lowercase appeared first on AskApache.

So here's the basic idea: There are 2 sites, a development site and a live site. They are essentially mirrors of each other in terms of they have the same files. You need to disallow all search engine robots from indexing and crawling the development site, while allowing full crawling of your live site. Htaccess to the rescue!

The post Alternate robots.txt files with Htaccess appeared first on AskApache.

Use mod_rewrite to enable phpMyAdmin links in the form: /dbname/table/

The post phpMyAdmin Shortcuts with .htaccess appeared first on AskApache.

These are a few of the mod_rewrite uses that BlogSecurity declared pushed the boundaries of Mod_Rewrite! Some of these snippets are quite exotic and unlike anything you may have seen before, also only for those who understand them as they can kill a website pretty quick.

The post Mod_Rewrite Security appeared first on AskApache.

htaccess rewrite / Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.

The post Htaccess Rewrites – Rewrite Tricks and Tips appeared first on AskApache.

There are a total of 57 HTTP Status Codes recognized by the Apache Web Server. Wouldn't you like to see what all those headers and their output, ErrorDocuments look like?

The post HTTP Status Codes and Htaccess ErrorDocuments appeared first on AskApache.

#### No https except to wp-admin -
# If the request is empty ( implies fopen or normal file access by a php script )
RewriteCond %{THE_REQUEST} ^$ [OR]
 
# OR if the request if for wp-admin or wp-login.php
RewriteCond %{REQUEST_URI} ^/(wp-admin|wp-login.php).*$ [NC,OR]
 
# OR if the Referer is https
RewriteCond %{HTTP_REFERER} ^https://www.askapache.com/.*$ [NC]
 
# THEN skip the following rule, basically all this does is force https or badhost to be redirected
# BUT because of the above 3 rewritecond's, this won't break poorly written admin scripts
RewriteRule .* - [S=1]
 
RewriteCond %{HTTPS} =on [OR]
RewriteCond %{HTTP_HOST} !^www.askapache.com$ [NC]
RewriteRule .* http://www.askapache.com%{REQUEST_URI} [R=301,L]
 
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9} /(wp-admin/.*|wp-login.php.*) HTTP/ [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

The post Actual Htaccess Files from My Server appeared first on AskApache.

Note: Extremely ILL Content
Find the key to unlocking mod_rewrite and you WILL be sick.. sick with a diamond disease on your wrist!

The post Crazy Advanced Mod_Rewrite Debug Tutorial appeared first on AskApache.

This is freaking sweet if you use SSL I promise you! Basically instead of having to check for HTTPS using a RewriteCond %{HTTPS} =on for every redirect that can be either HTTP or HTTPS, I set an environment variable once with the value "http" or "https" if HTTP or HTTPS is being used for that request, and use that env variable in the RewriteRule.

The post Smart HTTP and HTTPS .htaccess Rewrite appeared first on AskApache.