. htaccess Introduction

Source: Internet
Author: User
Tags deprecated parent directory php source code response code password protection

I.. what is htaccess?

The. htaccess file (or "Distributed Profile") provides a way to configure the directory to change the. htaccess file that contains one or more instructions in a particular document directory to act on this directory and all its subdirectories. As a user, the commands you can use are limited. The administrator can set it through Apache's allowoverride instructions.

As an overview, the htaccess file is a configuration file in the Apache server that is responsible for the Web page configuration under the relevant directory. Through the htaccess file, you can help us: page 301 redirect, custom 404 error page, change file extension, allow/block specific user or directory access, prohibit directory list, configure default document and other functions.

Enable. htaccess, you need to modify httpd.conf, enable allowoverride, and use allowoverride to limit the usage of specific commands. If you need to use a file name other than. htaccess, you can use the Accessfilename directive to change it. For example, if you need to use. config, you can configure it in the server configuration file as follows: Accessfilename. config.

Broadly speaking,. Htaccess can help us implement include: folder password protection, user Auto Redirect, custom error page, change your file extension, block specific IP address of the user, only allow the specific IP address of the user, prohibit directory list, and use other files as index files and other features.

Second, the principle of work

Set the Allowoverride=all in the specified directory to open the. htaccess file directive. Apache must look up the. htaccess file in all the parent directories and execute the instructions in turn to make all valid directives effective. For example: To request a page in/www/htdocs/example, Apache must look for the following files:

/.htaccess/www/.htaccess/www/htdocs/.htaccess/www/htdocs/example/.htaccess

A total of 4 additional files will be accessed, even if none of these files exist. (Note that this may only be due to allowing the root directory "/" to be used. htaccess, although this is not a lot.) )

Directives are in order of lookup, so directives in a. htaccess file in a specific directory may overwrite instructions in the. htaccess file in their parent directory, i.e. directives in subdirectories overwrite the parent directory or instructions in the master configuration file.

Iii.. htaccess and redirection

"Rewriteengine on": means that the rewrite engine is on, off off, the function is convenient to turn on or off the following statement, so that no one comment statement.

"Rewritecond%{http_host} ^xxx\.com$ [NC]": This is the overriding condition, the previous%{http_host} represents the URL of the current visit, only the prefix part, the format is www.xxx.com does not include "http:/" and "/", ^ Represents the beginning of the string, $ means the end of the string, \. Indicates escaped. If the line is not escaped, it is recommended to escape and prevent some servers from not being supported. This rule means that if the URL that is visited is xxx.com execute the following statement, the non-conformance is skipped. [NC] Indicates that case matching is ignored.

"Rewriterule ^ (. *) $ http://www.xxx.com/$1 [l,r=301]": This is the rewrite rule, which means that the preceding matching word rename characters is written as/blog/$1, which represents a reverse match, referring to the component of the first parenthesis above, i.e. ^ ( . *) $ in. *, in fact there will be a problem, and then discuss.

The ^ (. *) $ in the above instruction will match the current URL. But the problem is:

If the request URL is http://www.xxx.com/a.html, exactly matches the entire http://www.xxx.com/a.html, or only matches/a.html that is the back slash behind the ingredient, or only matches a.html?

The answer is: according to rewritebase rules, if the rewritebase is/, will match a.html, without the preceding backslash, so the last statement should be written rewriterule ^ (. *) $ blog/$1 (without/), However, the actual application with the front of the backslash, can also be used, may not take the line. Now the problem comes out, if not set Rewritebase to/, will match the entire URL http://www.xxx.com/a.html, obviously this is wrong, so should add this: rewitebase/



The following is a simple grammar rule and flags

"Rewritecond syntax"
Rewritecond teststring Condpattern [flags]

Other uses of Rewritecond:
"-D" (directory)
Treat TestString as a pathname and test whether it is a directory that exists.
"-F" (regular file)
Treat teststring as a path name and test whether it is a regular file that exists.
"-S" (non-empty regular file)
Treat TestString as a pathname and test whether it is an existing regular file with a size greater than 0.
"-L" (symbolic Connection)
Treat TestString as a pathname and test whether it is an existing symbolic connection.
"-X" (executable)
Treat TestString as a pathname and test whether it is an existing file with executable permissions. This permission is detected by the operating system.
"-F" (Files that exist on a child request)
Check if teststring is a valid file and can be accessed under the current access control configuration of the server. It uses an internal sub-request to do the check, because it will reduce the performance of the server, so please use it carefully!
"-U" (the URL where the child request exists)
Check if teststring is a valid URL and can be accessed under the current access control configuration of the server. It uses an internal sub-request to do the check, because it will reduce the performance of the server, so please use it carefully!

"rewriterule syntax:"
Rewriterule Pattern Substitution [flags]

"Flags"
"Chain| C "(link next rule)
This tag links the current rule to the next rule. It produces this effect: if a rule is matched, it continues to process its successor, that is, the tag does not work, and if the rule is not matched, its successor rule is skipped. For example, when performing an external redirect in a directory-level rule, you may need to delete ". www" (". www" should not appear here).

"Cookie|CO=name:val:domain[:lifetime[:p Ath]] "(Set Cookies)
Set a cookie on the client. The name of the cookie is "name" and the value is Val. Domains are the domain of the cookie, such as ". Apache.org", the optional lifetime is the lifetime of the cookie (in minutes), and the optional path is the cookie.

"Env|E=var:val "(Setting environment variables)
This tag will have an environment variable var value of Val,val that can contain extensible regular expression inverse references ($N and%n). This tag can be used multiple times to set multiple variables. These variables can be indirectly referenced in many subsequent cases, usually in Xssi (<!– #echo var= "var" –>) or CGI ($ENV {"var"}). It can also be referenced by%{env:var} in the Condpattern parameter of the subsequent rewritecond instruction. Use it to remember the information that is stripped from the URL.

"Forbidden|F(Enforce Forbidden URL)
Forces the current URL to be suppressed, that is, to immediately respond to an HTTP response code of 403 (forbidden). With this tag, you can link several rewriteconds to conditionally block certain URLs.

"Gone|G(Force discard URLs)
Forces the current URL to be deprecated, that is, immediately feedback an HTTP response code of 410 (deprecated). Using this tag, you can indicate that the page has been deprecated and does not exist.

"Handler| H=content-handler "(enforces the specified content processor)
Changzi the content processor for the target file is Content-handler. For example, the Scriptalias directive used to emulate the Mod_alias module to force all files in the mapped folder to be handled by the "Cgi-script" processor.

"Last|L"(End rule)
Stops the rewrite operation immediately and no longer applies another rewrite rule. It corresponds to the last command in Perl or the break command in the C language. This flag is used to prevent URLs that are currently overridden from being rewritten again by subsequent rules. For example, you can use it to override the URL of the root path ("/") to a URL that actually exists (for example: "/e/www/").

"Next|N(from the Beginning)
Re-executes the rewrite operation (starting with the first rule). The URL that was processed again at this point is not the original URL, but the URL that was processed by the last rewrite rule. It corresponds to the next command in Perl or the Continue command in the C language. This tag can restart the rewrite operation (immediately to the beginning of the loop). But be careful not to create a dead loop!

"Nocase|NC"(ignoring case)
It makes the pattern ignore case, that is, "A-Z" and "A-Z" do not differ when pattern matches the current URL.

"Noescape|NE"(Do not escape URIs in the output)
This flag prevents Mod_rewrite from applying a general URI escape rule to the overridden result. In general, special characters ("%", "$", ";") And so on) are escaped to the equivalent hexadecimal encoding ("%25′,"%24′, "%3b", etc.). This flag prevents such escapes from allowing symbols such as percent signs to appear in the output, such as:
rewriterule/foo/(. *)/bar?arg=p1\%3d$1 [R,ne]
You can turn the/foo/zed to a secure request "/bar?arg=p1=zed".

"Nosubreq|NS(Do not process internal child requests)
This token forces the rewrite engine to skip the rewrite rule when the current request is an internal child request. For example, when Mod_include tries to search the directory default file (INDEX.XXX), Apache generates a child request internally. For a child request, the rewrite rule is not necessarily useful, and it may even throw an error if the entire rule set works. Therefore, you can use this tag to exclude certain rules.
Usage guidelines: If you add a CGI script prefix to a URL to force them to be handled by a CGI script, the error rate (or resource overhead) of the child request processing is high, in which case the token can be used.

"Proxy|P"(Mandatory for proxy)
This token causes the replacement component to be internally forced to send as a proxy request, and immediately interrupts the rewrite process and then transfers the processing to the Mod_proxy module. You must make sure that this replacement string is a valid URI that can be processed by mod_proxy (for example, starting with http://hostname), or you will get an error returned by a proxy module. With this tag, some remote components can be mapped to the local server domain name space, thereby enhancing the functionality of the Proxypass directive.
Note: To use this feature, the Mod_proxy module must already be enabled.

"Passthrough|PT(hand over to the next processor)
This flag forces the rewrite engine to set the URI field in the internal REQUEST_REC structure to the value of the FileName field, a small modification that allows the output of the rewriterule instruction to be Alias, Scriptalias, from the URI to the file name, Redirect and other instructions for follow-up processing [original: This flag was just a hack to enable post-processing of the output of rewriterule directives, using Ali As, Scriptalias, Redirect, and other directives from various uri-to-filename translators. Give an example of what it means: if you want to rewrite/abc to/def, and then use Mod_alias to convert/def to/ghi, you can:
Rewriterule ^/abc (. *)/def$1 [PT]
Alias/def/ghi
If the PT mark is omitted, though the uri=/abc/... Rewrite for filename=/def/... Section works fine, but subsequent mod_alias are invalidated when attempting to convert a URI to a file name.
Note: You must use this tag if you need to mix multiple modules that convert URIs to file names: Mixed use of Mod_alias and mod_rewrite here is a typical example.

"Qsappend|QSA"(Append query string)
This flag forces the rewrite engine to append a query string to an existing replacement string, rather than a simple replacement. You can use this tag if you need to add information to the request string through a rewrite rule.

"Redirect|R[=code] "(forced redirection)
If substitution begins with http://thishost[:thisport]/(making the new URL a URI), an external redirect can be enforced. If code is not specified, an HTTP response code of 302 (temporary move) is generated. If you need to use a different response code in the range of 300-400, just specify it here (or use one of the following symbol names: Temp (default), Permanent, seeother). You can use it to feed the normalized URL back to the client, such as "/~" to "/u/", or always to/u/user with a slash, and so on.
Note: When you use this tag, you must make sure that the replacement field is a valid URL. Otherwise, it will point to an invalid location! And keep in mind that this tag itself simply adds a http://thishost[:thisport]/prefix to the URL, and the rewrite operation continues. In general, you will also want to stop the rewrite operation and immediately redirect, then you need to use the "L" tag.

"Skip|S=num "(Skip the successor rule)
This flag forces the rewrite engine to skip NUM rules after the current matching rule. It simulates the IF-THEN-ELSE structure: The last rule is the then clause, and the skip=n rule that is skipped is the ELSE clause. Note: it and "chain| C "tag is different!

"Type|T=mime-type "(Force MIME type)
The force target file has a MIME type of mime-type and can be used to force the content type to be set based on certain conditions. For example, the following instruction allows a. php file to be displayed by mod_php according to the MIME type of the PHP source code (APPLICATION/X-HTTPD-PHP-SOURCE) in the case of a. Phps extension:
Rewriterule ^ (. +\.php) S $ $ [T=application/x-httpd-php-source]

. htaccess Introduction

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.