Source: https://blog.csdn.net/cmzhuang/article/details/53537591 https://www.cnblogs.com/adforce/archive/2012/11/23/2784664.html
Mainly include: What is .htaccess, operation scope, how to achieve, 10 commonly used configurations,
Configuration tool: https://htaccess.iapolo.com/#a_Pic
Step into the topic
What is .htaccess
The .htaccess file (or "distributed configuration file") provides a method for changing the configuration of a directory, that is, placing a file containing one or more instructions in a specific document directory to act on this directory and all its children table of Contents. As a user, the commands that can be used are restricted. The administrator can set it through Apache's AllowOverride command.
In summary, the htaccess file is a configuration file in the Apache server, which is responsible for web page configuration in the relevant directory. Through the htaccess file, we can help us achieve: Web page 301 redirection, custom 404 error page, change the file extension, allow / block access to specific users or directories, prohibit directory listing, configure default documents and other functions.
To enable .htaccess, you need to modify httpd.conf, enable AllowOverride, and you can use AllowOverride to restrict the use of specific commands. If you need to use a file name other than .htaccess, you can use the AccessFileName command to change it. For example, if you need to use .config, you can configure it in the server configuration file as follows: AccessFileName .config.
In a nutshell, .htaccess can help us achieve: folder password protection, automatic user redirection, custom error pages, change your file extension, block users with specific IP addresses, users who only allow specific IP addresses, and prohibit Directory listing, and some functions such as using other files as index files.
working principle
The .htaccess file (or "distributed configuration file") provides a method to change the configuration for each directory, that is, to place a file containing instructions in a specific directory, where the instructions act on this directory and all its subdirectories.
Note:
If you need to use a file name other than .htaccess, you can use the AccessFileName command to change it. For example, if you need to use .config, you can configure it in the server configuration file as follows:
AccessFileName .config
Generally, the configuration syntax used by the .htaccess file is the same as the main configuration file. The AllowOverride directive determines which directives in the .htaccess file are valid by category. If a command is allowed to be used in .htaccess, then in the description of this manual, this command will have an override item section, which describes the value that must be set in the AllowOverride command in order for this command to take effect.
(Not) when using .htaccess files
In general, you should not use .htaccess files unless you do not have access to the main configuration file. There is a very common misconception that user authentication can only be achieved through .htaccess files, which is not the case. It is completely feasible to write user authentication in the main configuration file, and it is a good method.
The .htaccess file should be used when the content provider needs to change the server configuration for a specific directory without root permissions. If the server administrator is not willing to modify the configuration frequently, you can allow the user to modify the configuration through the .htaccess file, especially if the ISP runs multiple user sites on the same machine and wants the user to change the configuration by himself.
Nonetheless, you should generally avoid using .htaccess files whenever possible. Any configuration that you want to put in the .htaccess file can be placed in the <Directory> section of the main configuration file, and it is more efficient.
There are two main reasons to avoid using .htaccess files.
The first is performance. If AllowOverride has enabled the .htaccess file, Apache needs to find the .htaccess file in each directory, so whether or not it is actually used, enabling .htaccess will cause performance degradation. In addition, for each request, the .htaccess file needs to be read once.
Also, Apache must look for .htaccess files in all superior directories to make all valid directives work (see Effectiveness of directives), so if you request a page in / www / htdocs / example, Apache must find the following Files:
/.htaccess /www/.htaccess /www/htdocs/.htaccess /www/htdocs/example/.htaccess
A total of 4 additional files are accessed, even if these files do not exist. (Note that this may only be because the root directory "/" is allowed to use .htaccess, although this is not the case.)
The second is safety. This will allow users to modify the configuration of the server themselves, which may lead to some unexpected modifications, so please carefully consider whether users should be given such privileges. However, if users are granted less privileges and cannot meet their needs, additional technical support requests will be brought in, so users must be clearly informed of the permissions they have been given, explain the value of AllowOverride setting, and guide them to the corresponding Explain, so as not to cause a lot of trouble in the future.
Note that placing directives in the .htaccess file in the / www / htdocs / example directory is exactly equivalent to placing the same directive in the <Directory / www / htdocs / example> section of the main configuration file.
The contents of the .htaccess file in the / www / htdocs / example directory:
AddType text / example .exm
httpd.conf file excerpt:
<Directory / www / htdocs / example>
AddType text / example .exm
</ Directory>
However , It is more efficient to put the configuration in the main configuration file, because it only needs to be read once when Apache starts, rather than every time the file is requested.
Setting AllowOverride to none completely prohibits the use of .htaccess files:
AllowOverride None
Scope of instruction
The configuration instructions in the .htaccess file act on the directory where the .htaccess file is located and all its subdirectories, but it is important to note that the parent directory may also have .htaccess files, and the instructions are effective in the order of search Yes, so the instructions in the .htaccess file in a specific directory may override the instructions in the .htaccess file in its parent directory, that is, the instructions in the subdirectory will override the instructions in the parent directory or the main configuration file.
Troubleshoot
If some instructions in the .htaccess file do not work, there may be multiple reasons.
The most common reason is that the AllowOverride command is not set correctly. You must ensure that AllowOverride None is not set for this file area. A good test method is to add some pointless garbage content in the .htaccess file. If the server does not return an error message, you can almost conclude that AllowOverride None is set.
When accessing the document, if you receive an error message from the server, you should check the Apache error log, you can know which instructions are not allowed in the .htaccess file, or you may find a syntax error that needs to be corrected.
.htaccess tool
Friends who ca n’t write, here is a very good introduction. Redirection of htaccess-URL rewriting tool rewriting-tool
--------------------------------------------------------------------------------
htaccess syntax tutorial
RewriteEngine On
RewriteCond% {HTTP_HOST} ^ (www \.)? Xxx \ .com $
RewriteCond% {REQUEST_URI}! ^ / Blog /
RewriteCond% {REQUEST_FILENAME}! -F
RewriteCond% {REQUEST_FILENAME}! -D
RewriteRule ^ (. * ) $ / blog / $ 1
# There is no default to enter the file name to the home page
RewriteCond% {HTTP_HOST} ^ (www \.)? xxx \ .com $
RewriteRule ^ (/)? $ blog / index.php [L]
Let me start to explain the above meaning:
[RewriteEngine On]
indicates that the rewrite engine is turned on and off, and the function is to conveniently turn on or off the following statements, so that there is no need for comment statements one by one.
[RewriteCond% {HTTP_HOST} ^ (www \.)? Xxx \ .com $]
This is the rewrite condition. The front% {HTTP_HOST} indicates the currently visited URL, only referring to the prefix part, and the format is www.xxx.com excluding "Http: //" and "/", ^ means the beginning of the string, $ means the end of the string, \. Means escaped. If it is not escaped, escaping is recommended, to prevent some servers from supporting it,? Means The parenthesis www \. Appears 0 or 1 times. The rule means that if the visited URL is xxx.com or www.xxx.com, the following statement is executed. If it does not match, skip it.
[RewriteCond% {REQUEST_URI}! ^ / Blog /]
is also a rewrite condition.% {REQUEST_URI} indicates the relative address of the visit, that is, the address of the relative root directory, which is the component behind the domain name /, and the format includes the first "/" ,! Means no, this sentence means that the address to be accessed does not start with / blog /, only the beginning ^, no end $
[RewriteCond% {REQUEST_FILENAME}! -F]
[RewriteCond% {REQUEST_FILENAME}! -D]
These two sentences mean that the requested file or path does not exist. If the file or path exists, it will return the existing file or path
[RewriteRule ^ (. *) $ / Blog / $ 1] The
rewrite rule, the most important part, means that when the above RewriteCond conditions are met, this rewrite rule will be executed, ^ (. *) $ Is a Regular expression matching, matching the currently requested URL, ^ (. *) $ Means matching any character of the current URL, means any single character, * means matching 0 times or N times (N> 0), followed by / blog / $ 1 is the rewriting component, which means rewriting the previously matched characters to / blog / $ 1. This $ 1 indicates a reverse match, referring to the first parenthesis component in the front, which is in ^ (. *) $. * In fact, there will be a problem here, discussed later.
[RewriteCond% {HTTP_HOST} ^ (www \.)? Xxx \ .com $]
[RewriteRule ^ (/)? $ Blog / index.php [L]]
These two sentences mean that the requested host address is www. xxx.com is that if there are only 0 or 1 "/" at the end of the address, it will be rewritten to the homepage in the subdirectory, I guess this is mainly because the rewritten address cannot automatically find the homepage, you need to own Specify.
Now to talk about the problem, the first part of RewriteRule ^ (. *) $ /Blog/$1^(.*)$ will match the current requested URL.
For example: the request URL is http://www.xxx.com/a.html, does it match the entire http://www.xxx.com/a.html, or does it match only /a.html which is the backslash The ingredients still only match a.html.
The answer is: According to the RewriteBase rule, if the rewritebase is /, it will match a.html without the backslash, so the previous statement should be written RewriteRule ^ (. *) $ Blog / $ 1 (without /), However, in practice, it can be used with the backslash in front, and it may work with or without. Now the problem comes out, if you do not set rewritebase to /, it will match the entire URL http://www.xxx.com/a.html, obviously this is wrong, so this should be added: RewiteBase /
Another problem is that there is no guarantee that the URL entered by everyone is lowercase. If you enter uppercase, the Linux system is case sensitive, so you should add [NC] after RewriteCond to ignore the case.
At this point, the complete statement should be:
RewriteEngine On
RewiteBase /
RewriteCond% {HTTP_HOST} ^ (www \.)? Xxx \ .com $ [NC]
RewriteCond% {REQUEST_URI}! ^ / Blog /
RewriteCond% {REQUEST_FILENAME}! -F
RewriteCond% {REQUEST_FILENAME}! -D
RewriteRule ^ (. *) $ Blog / $ 1
# There is no default to enter the file name to the home page
RewriteCond% {HTTP_HOST} ^ (www \.)? Xxx \ .com $ [NC]
RewriteRule ^ (/)? $ Blog / index .php [L]
If you continue to have statements later, you should not add the last [L], because this is the meaning of the last statement.
The anti-theft chain statement also needs to add RewiteBase /, as follows:
RewriteEngine on
RewiteBase /
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !xxx.info [NC]
RewriteRule \.(jpg|gif|png|bmp|swf|jpeg)$ /error/daolian.gif [R,NC,L]
If there are still statements in the back, you should not add the last [L], /error/daolian.gif is the picture displayed when others steal the link.
Attached below are simple grammar rules and flags
【RewriteCond语法】
RewriteCond TestString CondPattern [flags]
Other uses of rewritecond:
"-d" (directory)
treats TestString as a path name and tests whether it is an existing directory.
"-f" (regular file)
treats TestString as a path name and tests whether it is an existing regular file.
"-s" (non-empty regular file)
treats TestString as a path name and tests whether it is an existing regular file with a size greater than 0.
"-l" (symbolic link)
treats TestString as a path name and tests whether it is an existing symbolic link.
"-x" (executable)
treats TestString as a path name and tests whether it is an existing file with executable permissions. This permission is detected by the operating system.
"-F" (for files that exist in subrequests)
checks whether TestString is a valid file and can be accessed under the server's current access control configuration. It uses an internal sub-request to check, because it will reduce the performance of the server, so please use it with caution!
"-U" (URL to sub-request)
checks whether TestString is a valid URL and can be accessed under the server's current access control configuration. It uses an internal sub-request to check, because it will reduce the performance of the server, so please use it with caution!
【RewriteRule语法:】
RewriteRule Pattern Substitution [flags]
[Flags]
"chain | C" (link next rule)
This tag links the current rule with the next rule. It produces such an effect: if a rule is matched, it continues to process its successor rules, that is, this tag does not work; if the rule is not matched, its successor rules will be skipped. For example, when performing an external redirect in a directory-level rule, you may need to delete ".www" (".www" should not appear here).
"cookie | CO = NAME: VAL: domain [: lifetime [: path]]" (set cookie)
sets a cookie on the client. The name of the cookie is NAME and the value is VAL. domain is the domain of the cookie, such as ".apache.org", the optional lifetime is the validity period (minutes) of the cookie, and the optional path is the path of the cookie.
"env | E = VAR: VAL" (Set environment variable)
This tag sets the value of the environment variable VAR to VAL. VAL can contain extensible regular expression back references ($ N and% N). This tag can be used multiple times to set multiple variables. These variables can be indirectly referenced in many subsequent cases, usually in XSSI (<! – # Echo var = ”VAR” –>) or CGI ($ ENV {"VAR"}), or in subsequent RewriteCond The CondPattern parameter of the instruction is referenced by% {ENV: VAR}. Use it to remember information stripped from the URL.
"Forbidden | F" (Forbidden URL)
forces the current URL to be forbidden, that is, immediately returns an HTTP response code 403 (forbidden). Using this tag, you can link several RewriteConds to conditionally block certain URLs.
"gone | G" (force obsolete URL)
Force the current URL to be obsolete, that is, immediately return an HTTP response code 410 (obsolete). Using this tag, you can indicate that the page has been discarded and no longer exists.
"handler | H = Content-handler" (mandatory designation of content handlers) is a content handler that
strongly defines the target file. For example, the ScriptAlias instruction used to simulate the mod_alias module to force all files in the mapped folder to be processed by the "cgi-script" processor.
"last | L" (end rule)
immediately stops the rewrite operation, and no other rewrite rule is applied. It corresponds to the last command in Perl or the break command in C language. This tag is used to prevent URLs that have been rewritten from being rewritten by subsequent rules. For example, use it to rewrite the root path URL ("/") to the actual URL (for example: "/ e / www /").
"next | N" (start again
from the beginning) re-execute the rewrite operation (start from the first rule). At this time, the URL to be processed again is not the original URL, but the URL processed by the last rewriting rule. It corresponds to the next command in Perl or the continue command in C language. This marker can restart the rewrite operation (return to the beginning of the loop immediately). But be careful not to create an endless loop!
"nocase | NC" (ignore case)
It makes Pattern ignore case, that is, when Pattern matches the current URL, there is no difference between "AZ" and "az".
"noescape | NE" (URI is not escaped in the output)
This tag prevents mod_rewrite from applying the regular URI escape rules to the rewrite result. In general, special characters ("%", "
RewriteRule /foo/(.*) / bar? Arg = P1 \% 3d $ 1 [R, NE]
can redirect "/ foo / zed to a secure request" / bar? Arg = P1 = zed ".
" Nosubreq | NS "(Does not process internal subrequests)
When the current request is an internal subrequest, this tag forces the rewrite engine to skip the rewrite rule. For example, when mod_include attempts to search the default file of the directory (index.xxx), Apache Sub-requests are generated internally. For sub-requests, rewriting the rules is not necessarily useful, and if the entire rule set is in effect, it may even cause errors. So, you can use this tag to exclude certain rules.
Usage principles: If You added a CGI script prefix to the URL to force them to be processed by the CGI script, but the error rate (or resource overhead) for sub-request processing is high, in this case, you can use this tag.
"Proxy | P" ( Forced as proxy)
This tag causes the replacement component to be internally forced to be sent as a proxy request, and immediately interrupt the rewriting process, and then transfer the process to the mod_proxy module. You must ensure that the replacement string is a valid URI that can be processed by mod_proxy Take http: // The beginning of hostname), otherwise you will get an error returned by the proxy module. Using this tag, you can map some remote components to the local server domain name space, thereby enhancing the function of the ProxyPass instruction.
Note: to use this function, you must The mod_proxy module is enabled.
"Passthrough | PT" (transfer to the next processor)
This tag forces the rewrite engine to set the uri field in the internal request_rec structure to the value of the filename field. This small modification allows the output of the RewriteRule instruction to be converted (from URI to file name) by Alias, ScriptAlias, Redirect, etc. Subsequent processing [Original: This flag is just a hack to enable post-processing of the output of RewriteRule directives, using Alias, ScriptAlias, Redirect, and other directives from various URI-to-filename translators.]. Give an example that can explain its meaning: If you want to rewrite / abc to / def, and then use mod_alias to convert / def to / ghi, you can do this:
RewriteRule ^ / abc (. *) / Def $ 1 [PT]
Alias / def / ghi
If the PT mark is omitted, although the part where uri = / abc / ... is rewritten to filename = / def / ... works normally, the subsequent mod_alias will fail when trying to convert the URI to the file name.
Note: If you need to mix multiple modules that convert URIs to file names, you must use this tag. . Mixing mod_alias and mod_rewrite here is a typical example.
"qsappend | QSA" (additional query string)
This tag forces the rewrite engine to append a query string to the existing replacement string instead of simply replacing it. If you need to add information to the request string through rewriting rules, you can use this tag.
"redirect | R [= code]" (force redirect)
If the Substitution starts with http: // thishost [: thisport] / (making the new URL a URI), an external redirect can be enforced. If no code is specified, an HTTP response code 302 (temporary move) is generated. If you need to use another response code in the range of 300-400, just specify it here (or use one of the following symbolic names: temp (default), permanent, seeother). Use it to feedback the normalized URL to the client, such as rewriting "/ ~" to "/ u /", or always adding a slash to / u / user, and so on.
Note: When using this tag, you must ensure that the replacement field is a valid URL. Otherwise, it will point to an invalid location! And remember, this tag itself just prefixes the URL with http: // thishost [: thisport] /, and the rewriting operation will continue. Usually, you will also want to stop the rewrite operation and redirect immediately, then you also need to use the "L 'tag.
" Skip | S = num "(skip successor rule)
This tag forces the rewrite engine to skip after the current matching rule Num rules. It can simulate if-then-else structure: the last rule is then clause, and skip = N rules are else clause. Note: it is different from "chain | C" tag!
"type | T = MIME-type" (mandatory MIME type)
forces the MIME type of the target file to be MIME-type, which can be used to force the content type based on certain specific conditions. For example, the following command can make When the .phps extension is called, mod_php displays it according to the MIME type of PHP source code (application / x-httpd-php-source):
RewriteRule ^ (. + \. php) s $ $ 1 [T = application / x-httpd -php-source]
.htaccess instance
Reference: http://baike.baidu.com/view/91163.htm
http://hi.baidu.com/wojiubaibudu/item/4b3513c74a8fe47aced4f817