DefaultCharset UTF-8
AddType text/plain sh
<Files ~ "^\.ht">
Allow from all
</Files>
RewriteRule . - [E=no-gzip:1]
DirectorySlash off
EnableSendfile Off
AuthType Basic
AuthName "Acces Restreint"
AuthUserFile /path/to/.htpasswd
AuthGroupFile /dev/null
require valid-user
Order allow,deny
Allow from 213.254.248.98
Satisfy Any
C|chainThe © or [chain] flag indicates that the RewriteRule is chained to the next rule.
That is, if the rule matches, then it is processed as usual and control moves on to the next rule.
However, if it does not match, then the next rule, and any other rules that are chained together, will be skipped. |
CO|cookieThe [CO], or [cookie] flag, allows you to set a cookie when a particular RewriteRule matches.
The argument consists of three required fields and two optional fields.
You must declare a name and value for the cookie to be set, and the domain for which you wish the cookie to be valid.
You may optionally set the lifetime of the cookie, and the path for which it should be returned.
By default, the lifetime of the cookie is the current browser session.
By default, the path for which the cookie will be valid is “/” – that is, the entire website.
Several examples are offered here:
RewriteEngine On
RewriteRule ^/index.html - [CO=frontdoor=yes:.apache.org:1440:/]
This rule doesn’t rewrite the request (the “-” rewrite target tells mod_rewrite to pass the request through unchanged)
but sets a cookie called ‘frontdoor’ to a value of ‘yes’.
The cookie is valid for any host in the .apache.org domain.
It will be set to expire in 1440 minutes (24 hours) and will be returned for all URIs.
E|envWith the [E], or [env] flag, you can set the value of an environment variable.
Note that some environment variables may be set after the rule is run, thus unsetting what you have set.
See the Environment Variables document for more details on how Environment variables work.
The following example sets an evironment variable called ‘image’ to a value of ‘1’ if the requested URI is an image file.
Then, that environment variable is used to exclude those requests from the access log.
RewriteRule %{REQUEST_URI} \.(png|gif|jpg) - [E=image:1]
CustomLog logs/access_log combined env=!image
Note that this same effect can be obtained using SetEnvIf. This technique is offered as an example, not as a recommendation.
F|forbiddenUsing the [F] flag causes Apache to return a 403 Forbidden status code to the client.
While the same behavior can be accomplished using the Deny directive, this allows more flexibility in assigning a Forbidden status.
The following rule will forbid .exe files from being downloaded from your server.
RewriteRule \.exe - [F]
This rule uses the “-” syntax for the rewrite target, which means that the requested URI is not modified.
G|goneGone flag
H|handlerHandler flag
L|lastLast flag
N|nextNext round flag
NC|nocaseUse of the [NC] flag causes the RewriteRule to be matched in a case-insensitive manner.
That is, it doesn’t care whether letters appear as upper-case or lower-case in the matched URI.
In the example below, any request for an image file will be proxied to your dedicated image server.
The match is case-insensitive, so that .jpg and .JPG files are both acceptable, for example.
RewriteRule (.*\.(jpg|gif|png))$ http://images.example.com$1 [P,NC]
NE|noescapeNo escape flag
NS|nosubreqNo internal subrequest flag
P|proxyProxy flag
PT|passthroughPassthrough flag
QSA|qsappendQuery String Append flag
R|redirectRedirect flag
S|skipThe [S] flag is used to skip rules that you don’t want to run.
This can be thought of as a goto statement in your rewrite ruleset.
In the following example, we only want to run the RewriteRule if the requested URI doesn’t correspond with an actual file.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .? - [S=2]
RewriteRule (.*\.gif) images.php?$1
writeRule (.*\.html) docs.php?$1
This technique is useful because a RewriteCond only applies to the RewriteRule immediately following it.
Thus, if you want to make a RewriteCond apply to several RewriteRules, one possible technique is to negate those conditions and use a [Skip] flag.
T|typeType flag
Header add Access-Control-Allow-Methods "POST, GET, OPTIONS" Header add Access-Control-Allow-Credentials true SetEnvIf Origin "^(.*)$" ORIGIN_SUB_DOMAIN=$1 Header add Access-Control-Allow-Origin "%{ORIGIN_SUB_DOMAIN}e"