The Linux Blog UNIX, LINUX, BSD, OSX

9May/100

How to log the user IP, not the proxy, in varnish access log

varnish-logo-red-64After long search, I managed to bring up issues with varnish+apache logs (real ip instead of 127.0.0.1). Here's what it is:

First, install mod_rpaf from here.

cd /usr/local/src

wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz

tar xzf mod_rpaf-0.6.tar.gz

cd mod_rpaf-0.6

Compiling rpaf module:

nano /usr/local/src/mod_rpaf-0.6/makefile

Change APXS=$(shell which apxs) to APXS=/usr/sbin/apxs.

Compile ways:

I)

make rpaf-2.0 && make install-2.0

II)

apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

Next you must do following:

mcedit /etc/httpd/conf/httpd.conf

Add following lines:

LoadModule rpaf_module modules/mod_rpaf-2.0.so

#Mod_rpaf settings
RPAFenable On
RPAFproxy_ips 127.0.0.1 REALIP1 REALIP2

RPAFsethostname On

That's it!

Don't forget to run service httpd restart! :)

Cheers

Filed under: Headline, Tutorials No Comments
11Dec/090

How to install XCache for Centos / Redhat / Fedora – Php5

How do I install Xcache opcode cacher for PHP 5 under RHEL / CentOS version 5.0 server?

XCache is a open-source opcode cacher, which means that it accelerates the performance of PHP on servers. It optimizes performance by removing the compilation time of PHP scripts by caching the compiled state of PHP scripts into the shm (RAM) and uses the compiled version straight from the RAM. This will increase the rate of page generation time by up to 5 times as it also optimizes many other aspects of php scripts and reduce serverload.

Step # 1: Download xcache source code

Use wget command to download latest stable release:
# cd /opt
# wget http://xcache.lighttpd.net/pub/Releases/1.2.1/xcache-1.2.1.tar.gz

Step # 2: Untar tar ball

Use tar command:
# tar -zxvf xcache-1.2.1.tar.gz
# cd xcache-1.2.1

Step # 2: Compile and install xcahce

Use phpize command to prepare xcache as a PHP extension for compiling:
# phpize
Configure, compile and install xcache:
# ./configure --enable-xcache
# make
# make install

Default xcache.so installation location

  • 64 bit PHP module installed at /usr/lib64/php/modules/xcache.so
  • 32 bit PHP module installed at /usr/lib/php/modules/xcache.so

Step # 3: Create xcache.ini file

Under RHEL / CentOS, you place php modules configuration at /etc/php.d/ directory:
# cd /etc/php.d/
Create xcache.ini file:
# vi xcache.ini
Append configuration directives:

[xcache-common]
; change me - 64 bit php => /usr/lib64/php/modules/xcache.so
; 32 bit php => /usr/lib/php/modules/xcache.so
zend_extension = /usr/lib64/php/modules/xcache.so

[xcache.admin]
xcache.admin.auth = On
xcache.admin.user = "mOo"
; xcache.admin.pass = md5($your_password)
xcache.admin.pass = ""

[xcache]
xcache.shm_scheme =        "mmap"
xcache.size  =               32M
xcache.count =                 1
xcache.slots =                8K
xcache.ttl   =              3600
xcache.gc_interval =         300

; Same as aboves but for variable cache
; If you don't know for sure that you need this, you probably don't
xcache.var_size  =            0M
xcache.var_count =             1
xcache.var_slots =            8K
xcache.var_ttl   =             0
xcache.var_maxttl   =          0
xcache.var_gc_interval =     300

; N/A for /dev/zero
xcache.readonly_protection = Off

xcache.mmap_path =    "/dev/zero"

xcache.cacher =               On
xcache.stat   =               On

Save and close the file.

Alternatively, you can also copy default xcache.ini to /etc/php.d/
# cp xcache.ini /etc/php.d/
# vi /etc/php.d/xcache.ini

Restart your Apache web server:
# service httpd restart

If you are using Lighttpd web server, enter:
# service lighttpd restart

Step # 4: Make sure xcache is working

Type the following command for verification:
$ php -v
Output:

PHP 5.1.6 (cli) (built: Nov 20 2007 11:11:52)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies
    with XCache v1.2.1, Copyright (c) 2005-2007, by mOo
Tagged as: , , , No Comments
27Aug/091

Dual boot Leopard Mac Osx and Windows Vista

osxleopardHere is a complete guide to get a dual boot setup with Windows Vista and Leopard running side by side. Please note this is a complete tutorial and if followed exactly you should be running Leopard and Vista side by side without any problems.

Disclaimer : This  Guide is for educational purposes only, I suggest you buy yourself a original Mac. Also please do not post links to the Torrent’s as they will be removed.

Well before we proceed with the guide, here is the stuff that you will need for a successful dual boot setup.

  • Vista Already installed on your Primary Hard Disk.
  • iATKOS v1.0 DVD. (Do not ask me where you can download this)

  • Windows Vista     Boot DVD (Just incase something goes wrong)

Well now that you have everything ready, lets get started then. Please note this is going to take sometime so I suggest you have some Music playing near by and grab yourself a cup of coffee while you do this. Sit tight, here we go……….

  • Install Vista on the First
    Partition     of your

    Hard Disk    . I am not going to elaborate into How to install Windows, I hope everyone knows it. If you already have it installed then read on..
  • Right click on My Computer and Click on Manage. Select Disk Management. Now Create a new Volume for OSX by shrinking an existing volume. You need atleast 5GB of space and the new volume should show up as Unallocated.
  • Make sure that the
    partition     shows up as Unallocated, else repeat the previous step.
  • Now restart the machine and boot into the Leopard DVD that you burned using the iATKOS v1.0 DVD Image.
  • Press F8 as the countdown begins and type -v at the prompt and hit enter.
  • You should see
    scrolling text     on the screen now. If it stops anywhere then drop a comment and I’ll try to help you out.
  • After a while you should be looking at
    the Leopard     Installer. Follow the instructions on Screen.
  • Once the Loading Bar vanishes Select Utilities -> Disk Utility .
  • Select the Volume you created previously and format it as
    MAC OSX     Journaled Extended.     Once the formatting is done the volume is ready for installation.
  • Now Close Disk Utility and Select Utilities -> Darwin Boot. Type Y at the prompt.
  • At the prompt when it asks for the Disk Number enter 0. For the
    Partition     Number if your Leopard

    Partition     is 2nd on the disk, then enter 2 and so on.
  • Accept the following prompts and you should see a success prompt saying that so many block of data were written successfully.
  • Now get back to
    the Leopard     Install Screen. Choose the

    partition     that you made in the beginning and follow the instructions on screen.     Please don’t select any patches etc during the installation, this is normally the reason for most failed installations. Just the plain install would do.
  • Once the Install is done, reboot with the DVD in the drive. Press F8 at Darwin Boot Loader and type -s and press enter.
  • Execute the following commands :fdisk -e /dev/rdisk0
    flag 1
    quit
    reboot
  • Now before the PC restarts remove the DVD. At this point you should be able to boot into Vista normally.Note: If you are unable to log into windows, because there is an error which says “winload.exe” correupted.! Relax. Just insert the
    Windows VISTA     boot DVD into the drive and restart. Click on “Repair computer” once you are inside the DVD and it will automatically detect if a problem exists and suggest “Repair and Restart”. Press the same, and remove the DVD once the PC is about to restart. You should now be able to log in to vista without any problem.
  • Now that we have almost everything
    running     fine, lets proceed with the

    dual boot

    setup    .
  • Boot into Vista. Copy the chain0 file from
    the Leopard     DVD to C:
  • Open the “Command prompt” with “Elevated Admin” privileges from the Start Menu.
  • Type the following into the promptbcdedit /copy {current} /d “Mac OS X”
    bcdedit /enum active
    bcdedit /set {GUID} PATH \chain0

    In the first command type {current} as it is, literally..nothing else..just {current} with the brackets. In the 3rd command however, replace the {GUID} with the alphanumeric GUID you see in the enumerated list under MAC OS X. You can see this list on your terminal as soon as you type the 2nd command above.

  • Close the Command Prompt and Restart Vista.
  • You Should now be looking at a screen with two options to boot into
    Mac OSX     or Vista.
  • Select Mac Osx to see if you can boot into it. You should see the familiar Darwin boot Loading screen with the timer going down. If you dont do anything, then it counts to zero and again shows the menu screen with Vista and
    MAC OSX     options. Dont panic!     Again select MAC OS X, and now as the timer counts down, Press F8. You would see a list of partitions on your disk with their names. Select the

    partition     with

    MAC OSX     installed by using up/down arrows and press ENTER.
  • Voila!! your Mac should be booting up as you read this..

See it was that simple. No more HFS+ and Blinking Cursor errors. Just follow this

guide step by step and you should be able to

dual boot

Windows Vista and Leopard in no time. If you have any questions just drop in a comment, I’ll reply at the earliest.

For Drivers and Patches I suggest you look at the InsanelyMac Forums. This

guide would have been nearly impossible without :

  • Uphuck Forums
  • InsanelyMac Forums
  • OSX86 Wiki.

If you are looking to Install Leopard on an AMD based machine follow the instructions here to patch your iATKOS v1.0 Image. Special Thanks to I Am Nihilist

Also special thanks to dailyapps.net !

Tagged as: , , , 1 Comment
27Aug/090

How to upgrade WordPress

wordpressBefore you get started, make sure you meet the minimum requirements.

Automatic Upgrade

Recent versions of WordPress feature an Automatic Upgrade. You can launch the automatic upgrade by clicking the link in the new version banner (if it's there) or by going to the Tools -> Upgrade menu. After that it should be straightforward.

Automatic Upgrades do fail sometimes, though, so remember to backup your database first, and deactivate your plugins before starting the upgrade.

Note that your files all need to be owned by the user under which your Apache server executes, or you will receive a dialog box asking for "connection information," and you will find that no matter what you enter, it won't work.

If the automatic upgrade doesn't work for you, don't panic, just try a manual upgrade.

Three Step Manual Upgrade

These are the short instructions, if you want more check out the extended upgrade instructions. If you experience problems with the Three Step Upgrade, you may want to review the more detailed upgrade instructions

For these instructions, it is assumed that your blog's URL is http://example.com/wordpress/. Note that during the upgrade process access to your blog may not work for your visitors.

A Warning before you start

If you run into problems Upgrading WordPress with the three Steps described here, you need to revert to your old version first before using the more detailed upgrade instructions (ie. restore the backup made in step 0). Even though you might not run into any errors with this process right away, you might run into problems later down the line. Then it may not be possible to revert far enough back to fix the problem without losing any recent changes.

So If you use Plugins and Themes other than the ones that come with the default WordPress installation, it is advisable to start over with the more detailed upgrade instructions.

Step 0: Before You Get Started

  • Just in case something goes wrong, make sure you have a backup. WordPress Backups is a comprehensive guide.
  • Make sure the database user name registered to WordPress has permission to create, modify, and delete database tables. If you installed WordPress in the standard way, and nothing has changed since then, you are fine.
  • Deactivate your plugins. A plugin might not be compatible with the new version, so it's nice to check for new versions of them and deactivate any that may cause problems. You can reactivate plugins one-by-one after the upgrade. This is particularly important when upgrading to WordPress 2.7!

Step 1: Replace WordPress files

  1. Get the latest WordPress. Either download and extract it to your computer or download it directly to the server.
    1. As a reminder, to extract a tar.gz to a folder use this command, replacing (folder name) with the name of your folder: tar -xvzf latest.tar.gz -C ./(folder name)
  2. Delete your old wp-includes and wp-admin directories.
  3. Copy the new WordPress files to your server, overwriting old files in the root, except perhaps the wp-content folder (see "NOTE" below). You may use FTP or shell commands to do so. Note that this means *all* the files, including all the files in the root directory as well. If you use the default or classic theme and have customized it, then you can skip that theme.

NOTE The wp-content folder requires special handling, as do the plugins and themes folders. You should copy over the contents of these folders, not the entire folder. In some cases, copying the entire folder may overwrite all your customizations and added content.

Also take care to preserve the content of the wp-config.php file in the root directory. This file contains current settings for your existing installation, e.g. database sign-in information. Occasionally new versions of WordPress add statements to this file. (E.g. in version 2.5 the SECRET_KEY variable was added, see Extended upgrade instructions). Compare your existing file with the new installation file which is named wp-config-sample.php. Either transfer your settings to the sample-file and rename it to wp-config.php or copy the new statements from the sample file into your current file.

Step 2: Upgrade your installation

Visit your main WordPress admin page at /wp-admin. You may be asked to login again. If a database upgrade is necessary at this point, WordPress will detect it and give you a link to a URL like http://example.com/wordpress/wp-admin/upgrade.php. Follow that link and follow the instructions. This will update your database to be compatible with the latest code. If you fail to do this step, your blog might look funny.

Step 3: Do something nice for yourself

If you have caching enabled, your changes will appear to users more immediately if you clear the cache at this point (and if you don't, you may get confused when you see the old version number in page footers when you check to see if the upgrade worked).

Your WordPress installation is successfully upgraded. That's as simple as we can make it without Updating WordPress Using Subversion.

Consider rewarding yourself with a blog post about the upgrade, reading that book or article you've been putting off, or simply sitting back for a few moments and let the world pass you by.

Troubleshooting

If anything has gone wrong the first thing to do is go through all the steps in our extended upgrade instructions. That page also has information about some of the most common problems we see.

Thanks to wordpress.com

Tagged as: , No Comments
21Aug/090

How to install Java on Linux computer – Linux RPM package

sun-java-logoThis guide will provide you with advise and instructions on how to install Java for the Linux computer for Linux RPM package. In order to install the Linux RPM (self-extracting) file, please follow the instructions as provided below:
- Please type following command at the terminal:
su
- Now please enter the root password.
- You can change to the directory in which you want to install and for that please type following:
cd

- If you would like to install the software in the /usr/java/ directory, then please type:
cd /usr/java
- If you would like to change the permission of the file you downloaded to be executable, then please type following command:
chmod a+x jre-6u-linux-i586-rpm.bin
- you can commence thethe installation process by typing following:
./jre-6u-linux-i586-rpm.bin
This command will displas the binary license agreement. After reading the agreement, please. press the spacebar to display the next page. At the end, please enter yes to proceed with the installation.

Please note that the installation file creates jre-6u-linux-i586.rpm file in the current directory.

- In order to install the package, please run the RPM command at the terminal to install the packages and for that please type:
rpm -iv jre-6u-linux-i586.rpm

- Now Java is installed in jre1.6.0_ sub-directory under the current directory which is /usr/java/jre1.6.0_.
- If you want to verify that the jre1.6.0_ sub-directory is listed under the current directory, then please type:
ls

The installation is now complete. If you followed all the instructions as provided in this tutorial guide the Linux RPM is successfully installed on the Linux computer.

Filed under: Headline, Tutorials No Comments
25May/090

Forwarding Ports over an active SSH connection

There is no doubt about it that SSH is a handy administration and remote access tool. Have you ever wanted to add port forwarding or cancel port forwarding from within an active SSH connection? Well, a feature that many do not know about is the ssh escape feature. With this pseudo terminal you can do some nifty things, such as forward ports over an active SSH connection.

To do this, follow these instructions:

Open up the ssh pseudo terminal control with the ssh escape function and open up a command line as follows:

[user@linuxblog.ro ~]$ ~C
ssh> help
Commands:
-L[bind_address:]port:host:hostport Request local forward
-R[bind_address:]port:host:hostport Request remote forward
-KR[bind_address:]port Cancel remote forward

As you can see from the ssh command line that the syntax is very similar to if you were forwarding a port before making the ssh connection. I normally do a local forward so I most often use the -L <port>:<host><host port> syntax. You will need to issue the ~C again to get back into ssh command mode once you’ve viewed the help to actually issue your forwarded port.

So an actual local port forward over an active SSH connection would look like this:

[user@linuxblog.ro ~]$ ~C
ssh> -L 8080:192.168.0.10:80

The above opens port 8080 locally (if allowed) and forwards it to the 192.168.0.10 host on port 80.

Hope this helps, happy forwarding!

Tagged as: , No Comments
25May/090

Use VNC through SSH

Here is another quick tutorial;

Some times its nice to tunnel through SSH. Perhaps you have SSH running but the firewall does not allow anything but SSH in. You can tunnel VNC (or any other service) through SSH by doing the following:

On the machine local to you establish an SSH connection to the remote machine with “Local (-L)”  port forwarding. This may seem confusing and often confuses me, where <-p PORT> is optional

ssh -L 5901:localhost:5900 username@HOST <-p PORT>

Once I have the connection established I can now use vncviewer to connect to my local host with the port specified

vncviewer  localhost:5901

Thats all there is to it, have fun!

Tagged as: , , No Comments
23May/09Off

How to configure Suhosin php module

Step 1: Installing the Hardened-PHP Project Signaturekey

You should first grab a copy of the Hardened-PHP Project's Release Signaturekey and import it into your GNU Privacy Guard keychain. (For further information on the usage of gnupg please consult it’s manpage)
#> gpg --import < hardened-php-signature-key.asc
gpg: /root/.gnupg/trustdb.gpg: trust-db erzeugt
gpg: key 0A864AA1: public key "Hardened-PHP Signature Key" imported
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg:                              importiert: 1

Step 2: Downloading and verifying the necessary files

It is now time to grab a copy of a fresh PHP tarball and the latest version of the Suhosin-Patch. Additionally you should get the digital signature (*.sig) files. You can grab all of this on our suhosin download page.
As a first precaution you can check the MD5 hashs of the downloaded files against those you find on the download page.
#> md5sum php-5.1.4.tar.bz2
66a806161d4a2d3b5153ebe4cd0f2e1c  php-5.1.4.tar.bz2
#> md5sum suhosin-patch-5.1.4-0.9.0.patch.gz
ea9026495c4ce34a329fd0a87474f1ba  suhosin-patch-5.1.4-0.9.0.patch.gz
When the MD5 hash values are valid you can check the digital signatures like this.
#> gpg php-5.1.4.tar.bz2.sig
gpg: Signature made Di 16 Mai 2006 23:39:04 CEST using DSA key ID 0A864AA1
gpg: Good signature from "Hardened-PHP Signature Key"
#> gpg suhosin-patch-5.1.4-0.9.0.patch.gz.sig
gpg: Signature made So 21 August 2006 20:02:53 CEST using DSA key ID 0A864AA1
gpg: Good signature from "Hardened-PHP Signature Key"

Step 3: Unpacking and Patching

You now have to unpack the PHP tarball, gunzip the patchfile and then apply the patch.
#> tar -xfj php-5.1.4.tar.bz2
#> gunzip suhosin-patch-5.1.4-0.9.0.patch.gz
#> cd php-5.1.4
#> patch -p 1 -i ../suhosin-patch-5.1.4-0.9.0.patch
If you prefer to have suhosin as builtin extension you can also download the suhosin extension source code and copy the src files into the ext/suhosin directory within your PHP source tree.

Installing on a Generic Linux/Unix

After having prepared the PHP source tree the next step is not much different from the usual installation of PHP. If you have copied the suhosin extension into the ext directory you also have to activate it.
#> [./buildconf - in case you want to compile suhosin statically]
#> ./configure --with-whatever-you-want [--enable-suhosin]
#> make
#> make test
#> make install
By executing make test you can verify, that PHP still works and does not break anything.
If you are upgrading from a previous installation of PHP you do not need to recompile all installed PHP modules and extensions unless you are upgrading to a PHP version that breaks binary compatibility. However recompiling the extensions after having installed PHP with the Suhosin-Patch can protect them from possible format string vulnerabilities, which was built into the header files.
After having recompiled and installed everything, have a look at the bundled php.ini files for examples how to use the new configuration directives. For a documentation of the new directives consult the Configuration section.
Binary extensions from for example Zend should continue flawlessly. If you encounter any problem contact us immediately.
Installing the Extension
Unlike the Hardening-Patch for PHP, nearly all of Suhosin´s features are within the extension. Therefore you might want to only install the extension and use a plain unpatched PHP. Depending on the system we might already offer binary packages. You can check our Suhosin Downloads page. In that case you only need to activate the extension inside your php.ini and maybe add Configuration directives if you are not satisfied by the default values.
Before you continue compiling the Suhosin-Extension you should verify the file integrity. Please check the preparation section of this guide. The next step is unpacking the extension tarball and performing the usual compilation steps for PHP extensions.
#> cd suhosin
#> phpize
#> ./configure
#> make
#> make install
This should install suhosin in the correct extension directory. The final step is adding a load directive to php.ini
extension=suhosin.so
and optionally add some Configuration directives in case you do not like the default values.

Special Instructions

Some distributions already come with Suhosin source or binary packages. Here is a small overview how to install Suhosin on this distributions.
Installing on Gentoo
Installing and using Suhosin on Gentoo is very easy. At the moment the Suhosin patches and extensions are only available in the external PHP Overlay, and not yet in the Portage tree, you can expect them to also be available in the main Portage tree during October 2006. Let’s install the PHP Overlay then:
#> emerge layman
#> layman -f
#> layman -a php-testing
Now let’s install PHP with the Suhosin patch and extension:
#> echo "dev-lang/php" >> /etc/portage/package.keywords
(unstable version needed)
#> USE="suhosin" emerge =php-4* for PHP4, or =php-5* for PHP5
(NOTE: you cannot also have the "hardenedphp" USE flag enabled at the same time!)
That’s it, your PHP on Gentoo is now running with the Suhosin patch enabled, and the Suhosin extension was automatically installed (from the dev-php{4,5}/suhosin package).

Installing on FreeBSD

The Suhosin-Patch and the Suhosin extension are both within the FreeBSD ports. Therefore installing it on FreeBSD is very simple. The Suhosin-Patch is an option which you can choose when you install the lang/php4 or lang/php5 port. To install the patch just do
#> cd /usr/ports/lang/php5
#> make
... now select the menu item that says: Enable Suhosin Protection
#> make install
To install the extension just do
#> cd /usr/ports/security/php-suhosin
#> make
#> make install
After these simple steps Suhosin-Patch is successfully installed on your system.

Upgrading

Upgrading to a new PHP or new Suhosin-Patch version is quite identical to the normal installation process. This is like upgrading a normal PHP. That means, if the binary compatibility was broken between PHP versions you have to recompile all installed PHP modules/extension. Upgrading the Suhosin-Extension on the other hand is as simple as recompiling it (or using a binary), replacing the file and restarting your webserver.

Tagged as: , Comments Off
22Apr/090

Block Referrer Spam

Log files are a useful tool for webmasters. It helps to know how people are finding your site, and what software they are using to view it, among other things. A strange decision by a small group of bloggers, though, has given unscrupulous marketers another window of opportunity to manipulate search engines to increase their traffic.

The decision made by these short-sighted bloggers was to display, on their site, a list of recent referrers to each page. I can't imagine any reason why a visitor might be in the least bit interested in seeing this, but nevertheless many sites now display referrers on every page.

As search engine spiders visit sites, they grab the contents of each page they visit. They use this snapshot in their index - meaning that although a page may change every minute or two, a search engine may be using a single copy of a page for several days, or even weeks.

So a referral URL that is on a page when the spiders come to visit can have quite a bit of value, if the search engine visiting uses link popularity in any way (Google uses link popularity, as do many others).

So marketers have started to use programs to visit pages using a fake referral header, to get their URLs listed on as many sites as possible, in the hopes that this will increase their traffic.

However, this renders log files almost completely useless. These fake visitors usually visit from search engines, having searched for a keyphrase relevant to their own site. They skew statistics relating to number of visitors received, the countries used to visit, the technology used to view the page, how users found the page, how long they spent on the site ... and so on.

A webmaster may find their search engine rankings dropping because of this, and they may find search engines have removed them completely. Many sites that use spam techniques are quickly identified and penalised, and penalties will often be applied to sites that link to them as well.

There are plenty of techniques available for blocking referrer spam, and everyone has their favourite. Personally, I use a combination of two techniques.

The first is fairly simple - my referrer log is not indexable. I don't display referrers on the pages of my site. My referral log is publicly available, but search engines are instructed to ignore it. This removes the main incentive for people to referrer-spam my site (the other reason for this type of spam - the hope that the site owner will themselves visit the spamming URL - is less common, because it has such a low response rate).

Second, I use an .htaccess file to block requests from whatever I've managed to identify as either a crawler designed to find URLs to spam or a spamming URL. This is a relatively simple blacklist, and though it cannot work as a long term solution to this problem, it keeps me happy for now.

To implement this technique on your own site, first make sure you are running Apache with mod_rewrite. If you are, create a file called ".htaccess" (just that, not .htaccess.txt or anything else) and paste the following into it:

Update: 14th September 2005

The list below has been expanded substantially over the last year, and now covers much more spam than before. As stated before, this is not a practical solution to the problem in the long term, as this list can only ever get longer and longer, and may become unmaintainable, or even (eventually) slow a site to a crawl as all the rules are processed. However, as of now, it is still a useful tool.

  1. RewriteEngine on
  3. # Block Referrer Spam
  5. # Drugs / Herbal
  7. RewriteCond %{HTTP_REFERER} (sleep-?deprivation) [NC,OR]
  8. RewriteCond %{HTTP_REFERER} (sleep-?disorders) [NC,OR]
  9. RewriteCond %{HTTP_REFERER} (insomnia) [NC,OR]
  10. RewriteCond %{HTTP_REFERER} (phentermine) [NC,OR]
  11. RewriteCond %{HTTP_REFERER} (phentemine) [NC,OR]
  12. RewriteCond %{HTTP_REFERER} (vicodin) [NC,OR]
  13. RewriteCond %{HTTP_REFERER} (hydrocodone) [NC,OR]
  14. RewriteCond %{HTTP_REFERER} (levitra) [NC,OR]
  15. RewriteCond %{HTTP_REFERER} (hgh-) [NC,OR]
  16. RewriteCond %{HTTP_REFERER} (-hgh) [NC,OR]
  17. RewriteCond %{HTTP_REFERER} (ultram-) [NC,OR]
  18. RewriteCond %{HTTP_REFERER} (-ultram) [NC,OR]
  19. RewriteCond %{HTTP_REFERER} (cialis) [NC,OR]
  20. RewriteCond %{HTTP_REFERER} (soma-) [NC,OR]
  21. RewriteCond %{HTTP_REFERER} (-soma) [NC,OR]
  22. RewriteCond %{HTTP_REFERER} (diazepam) [NC,OR]
  23. RewriteCond %{HTTP_REFERER} (gabapentin) [NC,OR]
  24. RewriteCond %{HTTP_REFERER} (celebrex) [NC,OR]
  25. RewriteCond %{HTTP_REFERER} (viagra) [NC,OR]
  26. RewriteCond %{HTTP_REFERER} (fioricet) [NC,OR]
  27. RewriteCond %{HTTP_REFERER} (ambien) [NC,OR]
  28. RewriteCond %{HTTP_REFERER} (valium) [NC,OR]
  29. RewriteCond %{HTTP_REFERER} (zoloft) [NC,OR]
  30. RewriteCond %{HTTP_REFERER} (finasteride) [NC,OR]
  31. RewriteCond %{HTTP_REFERER} (lamisil) [NC,OR]
  32. RewriteCond %{HTTP_REFERER} (meridia) [NC,OR]
  33. RewriteCond %{HTTP_REFERER} (allegra) [NC,OR]
  34. RewriteCond %{HTTP_REFERER} (diflucan) [NC,OR]
  35. RewriteCond %{HTTP_REFERER} (zovirax) [NC,OR]
  36. RewriteCond %{HTTP_REFERER} (valtrex) [NC,OR]
  37. RewriteCond %{HTTP_REFERER} (lipitor) [NC,OR]
  38. RewriteCond %{HTTP_REFERER} (proscar) [NC,OR]
  39. RewriteCond %{HTTP_REFERER} (acyclovir) [NC,OR]
  40. RewriteCond %{HTTP_REFERER} (sildenafil) [NC,OR]
  41. RewriteCond %{HTTP_REFERER} (tadalafil) [NC,OR]
  42. RewriteCond %{HTTP_REFERER} (xenical) [NC,OR]
  43. RewriteCond %{HTTP_REFERER} (melatonin) [NC,OR]
  44. RewriteCond %{HTTP_REFERER} (xanax) [NC,OR]
  45. RewriteCond %{HTTP_REFERER} (herbal) [NC,OR]
  46. RewriteCond %{HTTP_REFERER} (drugs) [NC,OR]
  47. RewriteCond %{HTTP_REFERER} (lortab) [NC,OR]
  48. RewriteCond %{HTTP_REFERER} (adipex) [NC,OR]
  49. RewriteCond %{HTTP_REFERER} (propecia) [NC,OR]
  50. RewriteCond %{HTTP_REFERER} (carisoprodol) [NC,OR]
  51. RewriteCond %{HTTP_REFERER} (tramadol) [NC]
  52. RewriteRule .* - [F]
  54. # Porn
  56. RewriteCond %{HTTP_REFERER} (porno) [NC,OR]
  57. RewriteCond %{HTTP_REFERER} (shemale) [NC,OR]
  58. RewriteCond %{HTTP_REFERER} (gangbang) [NC,OR]
  59. RewriteCond %{HTTP_REFERER} (-cock) [NC,OR]
  60. RewriteCond %{HTTP_REFERER} (-anal) [NC,OR]
  61. RewriteCond %{HTTP_REFERER} (-orgy) [NC,OR]
  62. RewriteCond %{HTTP_REFERER} (cock-) [NC,OR]
  63. RewriteCond %{HTTP_REFERER} (anal-) [NC,OR]
  64. RewriteCond %{HTTP_REFERER} (orgy-) [NC,OR]
  65. RewriteCond %{HTTP_REFERER} (singles-?christian) [NC,OR]
  66. RewriteCond %{HTTP_REFERER} (dating-?christian) [NC,OR]
  67. RewriteCond %{HTTP_REFERER} (cumeating) [NC,OR]
  68. RewriteCond %{HTTP_REFERER} (cream-?pies) [NC,OR]
  69. RewriteCond %{HTTP_REFERER} (cumsucking) [NC,OR]
  70. RewriteCond %{HTTP_REFERER} (cumswapping) [NC,OR]
  71. RewriteCond %{HTTP_REFERER} (cumfilled) [NC,OR]
  72. RewriteCond %{HTTP_REFERER} (cumdripping) [NC,OR]
  73. RewriteCond %{HTTP_REFERER} (krankenversicherung) [NC,OR]
  74. RewriteCond %{HTTP_REFERER} (cumpussy) [NC,OR]
  75. RewriteCond %{HTTP_REFERER} (suckingcum) [NC,OR]
  76. RewriteCond %{HTTP_REFERER} (drippingcum) [NC,OR]
  77. RewriteCond %{HTTP_REFERER} (pussycum) [NC,OR]
  78. RewriteCond %{HTTP_REFERER} (swappingcum) [NC,OR]
  79. RewriteCond %{HTTP_REFERER} (eatingcum) [NC,OR]
  80. RewriteCond %{HTTP_REFERER} (cum-) [NC,OR]
  81. RewriteCond %{HTTP_REFERER} (-cum) [NC,OR]
  82. RewriteCond %{HTTP_REFERER} (sperm) [NC,OR]
  83. RewriteCond %{HTTP_REFERER} (christian-?dating) [NC,OR]
  84. RewriteCond %{HTTP_REFERER} (jewish-?singles) [NC,OR]
  85. RewriteCond %{HTTP_REFERER} (sex-?meetings) [NC,OR]
  86. RewriteCond %{HTTP_REFERER} (swinging) [NC,OR]
  87. RewriteCond %{HTTP_REFERER} (swingers) [NC,OR]
  88. RewriteCond %{HTTP_REFERER} (personals) [NC,OR]
  89. RewriteCond %{HTTP_REFERER} (sleeping) [NC,OR]
  90. RewriteCond %{HTTP_REFERER} (libido) [NC,OR]
  91. RewriteCond %{HTTP_REFERER} (grannies) [NC,OR]
  92. RewriteCond %{HTTP_REFERER} (mature) [NC,OR]
  93. RewriteCond %{HTTP_REFERER} (enhancement) [NC,OR]
  94. RewriteCond %{HTTP_REFERER} (sexual) [NC,OR]
  95. RewriteCond %{HTTP_REFERER} (gay-?teen) [NC,OR]
  96. RewriteCond %{HTTP_REFERER} (teen-?chat) [NC,OR]
  97. RewriteCond %{HTTP_REFERER} (gay-?chat) [NC,OR]
  98. RewriteCond %{HTTP_REFERER} (adult-?finder) [NC,OR]
  99. RewriteCond %{HTTP_REFERER} (adult-?friend) [NC,OR]
  100. RewriteCond %{HTTP_REFERER} (friend-?finder) [NC,OR]
  101. RewriteCond %{HTTP_REFERER} (friend-?adult) [NC,OR]
  102. RewriteCond %{HTTP_REFERER} (finder-?adult) [NC,OR]
  103. RewriteCond %{HTTP_REFERER} (finder-?friend) [NC,OR]
  104. RewriteCond %{HTTP_REFERER} (discrete-?encounters) [NC,OR]
  105. RewriteCond %{HTTP_REFERER} (cheating-?wives) [NC,OR]
  106. RewriteCond %{HTTP_REFERER} (housewives) [NC,OR]
  107. RewriteCond %{HTTP_REFERER} (\-sex\.) [NC,OR]
  108. RewriteCond %{HTTP_REFERER} (xxx) [NC,OR]
  109. RewriteCond %{HTTP_REFERER} (snowballing) [NC]
  110. RewriteRule .* - [F]
  112. # Weight
  114. RewriteCond %{HTTP_REFERER} (fat-) [NC,OR]
  115. RewriteCond %{HTTP_REFERER} (-fat) [NC,OR]
  116. RewriteCond %{HTTP_REFERER} (diet) [NC,OR]
  117. RewriteCond %{HTTP_REFERER} (pills) [NC,OR]
  118. RewriteCond %{HTTP_REFERER} (weight) [NC,OR]
  119. RewriteCond %{HTTP_REFERER} (supplement) [NC]
  120. RewriteRule .* - [F]
  122. # Gambling
  124. RewriteCond %{HTTP_REFERER} (texas-?hold-?em) [NC,OR]
  125. RewriteCond %{HTTP_REFERER} (poker) [NC,OR]
  126. RewriteCond %{HTTP_REFERER} (casino) [NC,OR]
  127. RewriteCond %{HTTP_REFERER} (blackjack) [NC]
  128. RewriteRule .* - [F]
  130. # Loans / Finance
  132. RewriteCond %{HTTP_REFERER} (mortgage) [NC,OR]
  133. RewriteCond %{HTTP_REFERER} (refinancing) [NC,OR]
  134. RewriteCond %{HTTP_REFERER} (cash-?advance) [NC,OR]
  135. RewriteCond %{HTTP_REFERER} (cash-?money) [NC,OR]
  136. RewriteCond %{HTTP_REFERER} (pay-?day) [NC]
  137. RewriteRule .* - [F]
  139. # User Agents
  141. RewriteCond %{HTTP_USER_AGENT} (Program\ Shareware|Fetch\ API\ Request) [NC,OR]
  142. RewriteCond %{HTTP_USER_AGENT} (Microsoft\ URL\ Control) [NC]
  143. RewriteRule .* - [F]
  145. # Misc / Specific Sites
  147. RewriteCond %{HTTP_REFERER} (netwasgroup\.com) [NC,OR]
  148. RewriteCond %{HTTP_REFERER} (nic4u\.com) [NC,OR]
  149. RewriteCond %{HTTP_REFERER} (wear4u\.com) [NC,OR]
  150. RewriteCond %{HTTP_REFERER} (foxmediasolutions\.com) [NC,OR]
  151. RewriteCond %{HTTP_REFERER} (liveplanets\.com) [NC,OR]
  152. RewriteCond %{HTTP_REFERER} (aeterna-tech\.com) [NC,OR]
  153. RewriteCond %{HTTP_REFERER} (continentaltirebowl\.com) [NC,OR]
  154. RewriteCond %{HTTP_REFERER} (chemsymphony\.com) [NC,OR]
  155. RewriteCond %{HTTP_REFERER} (infolibria\.com) [NC,OR]
  156. RewriteCond %{HTTP_REFERER} (globaleducationeurope\.net) [NC,OR]
  157. RewriteCond %{HTTP_REFERER} (soma\.125mb\.com) [NC,OR]
  158. RewriteCond %{HTTP_REFERER} (mitglied\.lycos\.de) [NC,OR]
  159. RewriteCond %{HTTP_REFERER} (foxmediasolutions\.com) [NC,OR]
  160. RewriteCond %{HTTP_REFERER} (jroundup\.com) [NC,OR]
  161. RewriteCond %{HTTP_REFERER} (feathersandfurvanlines\.com) [NC,OR]
  162. RewriteCond %{HTTP_REFERER} (conecrusher\.org) [NC,OR]
  163. RewriteCond %{HTTP_REFERER} (sbj-broadcasting\.com) [NC,OR]
  164. RewriteCond %{HTTP_REFERER} (edthompson\.com) [NC,OR]
  165. RewriteCond %{HTTP_REFERER} (codychesnutt\.com) [NC,OR]
  166. RewriteCond %{HTTP_REFERER} (artsmallforsenate\.com) [NC,OR]
  167. RewriteCond %{HTTP_REFERER} (axionfootwear\.com) [NC,OR]
  168. RewriteCond %{HTTP_REFERER} (protzonbeer\.com) [NC,OR]
  169. RewriteCond %{HTTP_REFERER} (candiria\.com) [NC,OR]
  170. RewriteCond %{HTTP_REFERER} (bigsitecity\.com) [NC,OR]
  171. RewriteCond %{HTTP_REFERER} (coresat\.com) [NC,OR]
  172. RewriteCond %{HTTP_REFERER} (istarthere\.com) [NC,OR]
  173. RewriteCond %{HTTP_REFERER} (amateurvoetbal\.net) [NC,OR]
  174. RewriteCond %{HTTP_REFERER} (alleghanyeda\.com) [NC,OR]
  175. RewriteCond %{HTTP_REFERER} (xadulthosting\.com) [NC,OR]
  176. RewriteCond %{HTTP_REFERER} (datashaping\.com) [NC,OR]
  177. RewriteCond %{HTTP_REFERER} (zick\.biz) [NC,OR]
  178. RewriteCond %{HTTP_REFERER} (newprinceton\.com) [NC,OR]
  179. RewriteCond %{HTTP_REFERER} (dvdsqueeze\.com) [NC,OR]
  180. RewriteCond %{HTTP_REFERER} (xopy\.com) [NC,OR]
  181. RewriteCond %{HTTP_REFERER} (webdevboard\.com) [NC,OR]
  182. RewriteCond %{HTTP_REFERER} (devaddict\.com) [NC,OR]
  183. RewriteCond %{HTTP_REFERER} (eaton-inc\.com) [NC,OR]
  184. RewriteCond %{HTTP_REFERER} (whiteguysgroup\.com) [NC,OR]
  185. RewriteCond %{HTTP_REFERER} (guestbookz\.com) [NC,OR]
  186. RewriteCond %{HTTP_REFERER} (webdevsquare\.com) [NC,OR]
  187. RewriteCond %{HTTP_REFERER} (indfx\.net) [NC,OR]
  188. RewriteCond %{HTTP_REFERER} (snap\.to) [NC,OR]
  189. RewriteCond %{HTTP_REFERER} (2y\.net) [NC,OR]
  190. RewriteCond %{HTTP_REFERER} (astromagia\.info) [NC,OR]
  191. RewriteCond %{HTTP_REFERER} (free-?sms) [NC]
  192. RewriteRule .* - [F]

The above will block just about all of the most common referral spam that I've seen so far. I'm adding to the list constantly (last addition: 14th September 2005) so do check back and see if there are updates if you're using it.

One potential problem with this technique, other than that it will, in time, become useless as too many URLs are added, is that there is always a possibility authentic visitors will be blocked. So, on this site, instead of the last line above, I've actually used something a little more user-friendly:

  1. RewriteRule .* bad_referrer.php [L]

And there we have it. With minimum effort (for now), referral log spamming in my site has been almost entirely removed. Before adding this set of rules and scripts, I was seeing around 200 fake referrals per day in my log files. Now, I see about 3 or 4 a week. Hopefully, this will continue until I can devise a better way of protecting against this kind of problem - before blacklists become an impossibility to manage.

Filed under: Tutorials No Comments
22Apr/091

URL Rewriting for Beginners

Introduction

URL rewriting can be one of the best and quickest ways to improve the usability and search friendliness of your site. It can also be the source of near-unending misery and suffering. Definitely worth playing carefully with it - lots of testing is recommended. With great power comes great responsibility, and all that.

There are several other guides on the web already, that may suit your needs better than this one.

Before reading on, you may find it helpful to have the mod_rewrite cheat sheet and/or the regular expressions cheat sheet handy. A basic grasp of the concept of regular expressions would also be very helpful.

What is "URL Rewriting"?

Most dynamic sites include variables in their URLs that tell the site what information to show the user. Typically, this gives URLs like the following, telling the relevant script on a site to load product number 7.

  1. http://www.pets.com/show_a_product.php?product_id=7

The problems with this kind of URL structure are that the URL is not at all memorable. It's difficult to read out over the phone (you'd be surprised how many people pass URLs this way). Search engines and users alike get no useful information about the content of a page from that URL. You can't tell from that URL that that page allows you to buy a Norwegian Blue Parrot (lovely plumage). It's a fairly standard URL - the sort you'd get by default from most CMSes. Compare that to this URL:

  1. http://www.pets.com/products/7/

Clearly a much cleaner and shorter URL. It's much easier to remember, and vastly easier to read out. That said, it doesn't exactly tell anyone what it refers to. But we can do more:

  1. http://www.pets.com/parrots/norwegian-blue/

Now we're getting somewhere. You can tell from the URL, even when it's taken out of context, what you're likely to find on that page. Search engines can split that URL into words (hyphens in URLs are treated as spaces by search engines, whereas underscores are not), and they can use that information to better determine the content of the page. It's an easy URL to remember and to pass to another person.

Unfortunately, the last URL cannot be easily understood by a server without some work on our part. When a request is made for that URL, the server needs to work out how to process that URL so that it knows what to send back to the user. URL rewriting is the technique used to "translate" a URL like the last one into something the server can understand.

Platforms and Tools

Depending on the software your server is running, you may already have access to URL rewriting modules. If not, most hosts will enable or install the relevant modules for you if you ask them very nicely.

Apache is the easiest system to get URL rewriting running on. It usually comes with its own built-in URL rewriting module, mod_rewrite, enabled, and working with mod_rewrite is as simple as uploading correctly formatted and named text files.

IIS, Microsoft's server software, doesn't include URL rewriting capability as standard, but there are add-ons out there that can provide this functionality. ISAPI_Rewrite is the one I recommend working with, as I've so far found it to be the closest to mod_rewrite's functionality. Instructions for installing and configuring ISAPI_Rewrite can be found at the end of this article.

The code that follows is based on URL rewriting using mod_rewrite.

Basic URL Rewriting

To begin with, let's consider a simple example. We have a website, and we have a single PHP script that serves a single page. Its URL is:

  1. http://www.pets.com/pet_care_info_07_07_2008.php

We want to clean up the URL, and our ideal URL would be:

  1. http://www.pets.com/pet-care/

In order for this to work, we need to tell the server to internally redirect all requests for the URL "pet-care" to "pet_care_info_07_07_2008.php". We want this to happen internally, because we don't want the URL in the browser's address bar to change.

To accomplish this, we need to first create a text document called ".htaccess" to contain our rules. It must be named exactly that (not ".htaccess.txt" or "rules.htaccess"). This would be placed in the root directory of the server (the same folder as "pet_care_info_07_07_2008.php" in our example). There may already be an .htaccess file there, in which case we should edit that rather than overwrite it.

The .htaccess file is a configuration file for the server. If there are errors in the file, the server will display an error message (usually with an error code of "500"). If you are transferring the file to the server using FTP, you must make sure it is transferred using the ASCII mode, rather than BINARY. We use this file to perform 2 simple tasks in this instance - first, to tell Apache to turn on the rewrite engine, and second, to tell apache what rewriting rule we want it to use. We need to add the following to the file:

  1. RewriteEngine On # Turn on the rewriting engine
  2. RewriteRule ^pet-care/?$ pet_care_info_01_02_2003.php [NC,L] # Handle requests for "pet-care"

A couple of quick items to note - everything following a hash symbol in an .htaccess file is ignored as a comment, and I'd recommend you use comments liberally; and the "RewriteEngine" line should only be used once per .htaccess file (please note that I've not included this line from here onwards in code example).

The "RewriteRule" line is where the magic happens. The line can be broken down into 5 parts:

  • RewriteRule - Tells Apache that this like refers to a single RewriteRule.
  • ^/pet-care/?$ - The "pattern". The server will check the URL of every request to the site to see if this pattern matches. If it does, then Apache will swap the URL of the request for the "substitution" section that follows.
  • pet_care_info_01_02_2003.php - The "substitution". If the pattern above matches the request, Apache uses this URL instead of the requested URL.
  • [NC,L] - "Flags", that tell Apache how to apply the rule. In this case, we're using two flags. "NC", tells Apache that this rule should be case-insensitive, and "L" tells Apache not to process any more rules if this one is used.
  • # Handle requests for "pet-care" - Comment explaining what the rule does (optional but recommended)

The rule above is a simple method for rewriting a single URL, and is the basis for almost all URL rewriting rules.

Patterns and Replacements

The rule above allows you to redirect requests for a single URL, but the real power of mod_rewrite comes when you start to identify and rewrite groups of URLs based on patterns they contain.

Let's say you want to change all of your site URLs as described in the first pair of examples above. Your existing URLs look like this:

  1. http://www.pets.com/show_a_product.php?product_id=7

And you want to change them to look like this:

  1. http://www.pets.com/products/7/

Rather than write a rule for every single product ID, you of course would rather write one rule to manage all product IDs. Effectively you want to change URLs of this format:

  1. http://www.pets.com/show_a_product.php?product_id={a number}

And you want to change them to look like this:

  1. http://www.pets.com/products/{a number}/

In order to do so, you will need to use "regular expressions". These are patterns, defined in a specific format that the server can understand and handle appropriately. A typical pattern to identify a number would look like this:

  1. [0-9]+

The square brackets contain a range of characters, and "0-9" indicates all the digits. The plus symbol indicates that the pattern will idenfiy one or more of whatever precedes the plus - so this pattern effectively means "one or more digits" - exactly what we're looking to find in our URL.

The entire "pattern" part of the rule is treated as a regular expression by default - you don't need to turn this on or activate it at all.

  1. RewriteRule ^products/([0-9]+)/?$ show_a_product.php?product_id=$1 [NC,L] # Handle product requests

The first thing I hope you'll notice is that we've wrapped our pattern in brackets. This allows us to "back-reference" (refer back to) that section of the URL in the following "substitution" section. The "$1" in the substitution tells Apache to put whatever matched the earlier bracketed pattern into the URL at this point. You can have lots of backreferences, and they are numbered in the order they appear.

And so, this RewriteRule will now mean that Apache redirects all requests for domain.com/products/{number}/ to show_a_product.php?product_id={same number}.

Regular Expressions

A complete guide to regular expressions is rather beyond the scope of this article. However, important points to remember are that the entire pattern is treated as a regular expression, so always be careful of characters that are "special" characters in regular expressions.

The most instance of this is when people use a period in their pattern. In a pattern, this actually means "any character" rather than a literal period, and so if you want to match a period (and only a period) you will need to "escape" the character - precede it with another special character, a backslash, that tells Apache to take the next character to be literal.

For example, this RewriteRule will not just match the URL "rss.xml" as intended - it will also match "rss1xml", "rss-xml" and so on.

  1. RewriteRule ^rss.xml$ rss.php [NC,L] # Change feed URL

This does not usually present a serious problem, but escaping characters properly is a very good habit to get into early. Here's how it should look:

  1. RewriteRule ^rss\.xml$ rss.php [NC,L] # Change feed URL

This only applies to the pattern, not to the substitution. Other characters that require escaping (referred to as "metacharacters") follow, with their meaning in brackets afterwards:

  • . (any character)
  • * (zero of more of the preceding)
  • + (one or more of the preceding)
  • {} (minimum to maximum quantifier)
  • ? (ungreedy modifier)
  • ! (at start of string means "negative pattern")
  • ^ (start of string, or "negative" if at the start of a range)
  • $ (end of string)
  • [] (match any of contents)
  • - (range if used between square brackets)
  • () (group, backreferenced group)
  • | (alternative, or)
  • \ (the escape character itself)

Using regular expressions, it is possible to search for all sorts of patterns in URLs and rewrite them when they match. Time for another example - we wanted earlier to be able to indentify this URL and rewrite it:

 

  1. http://www.pets.com/parrots/norwegian-blue/

And we want to be able to tell the server to interpret this as the following, but for all products:

  1. http://www.pets.com/get_product_by_name.php?product_name=norwegian-blue

And we can do that relatively simply, with the following rule:

  1. RewriteRule ^parrots/([A-Za-z0-9-]+)/?$ get_product_by_name.php?product_name=$1 [NC,L] # Process parrots

With this rule, any URL that starts with "parrots" followed by a slash (parrots/), then one or more (+) of any combination of letters, numbers and hyphens ([A-Za-z0-9-]) (note the hyphen at the end of the selection of characters within square brackets - it must be added there to be treated literally rather than as a range separator). We reference the product name in brackets with $1 in the substitution.

We can make it even more generic, if we want, so that it doesn't matter what directory a product appears to be in, it is still sent to the same script, like so:

  1. RewriteRule ^[A-Za-z-]+/([A-Za-z0-9-]+)/?$ get_product_by_name.php?product_name=$1 [NC,L] # Process all products

As you can see, we've replaced "parrots" with a pattern that matches letter and hyphens. That rule will now match anything in the parrots directory or any other directory whose name is comprised of at least one or more letters and hyphens.

Flags

Flags are added to the end of a rewrite rule to tell Apache how to interpret and handle the rule. They can be used to tell apache to treat the rule as case-insensitive, to stop processing rules if the current one matches, or a variety of other options. They are comma-separated, and contained in square brackets. Here's a list of the flags, with their meanings (this information is included on the cheat sheet, so no need to try to learn them all).

  • C (chained with next rule)
  • CO=cookie (set specified cookie)
  • E=var:value (set environment variable var to value)
  • F (forbidden - sends a 403 header to the user)
  • G (gone - no longer exists)
  • H=handler (set handler)
  • L (last - stop processing rules)
  • N (next - continue processing rules)
  • NC (case insensitive)
  • NE (do not escape special URL characters in output)
  • NS (ignore this rule if the request is a subrequest)
  • P (proxy - i.e., apache should grab the remote content specified in the substitution section and return it)
  • PT (pass through - use when processing URLs with additional handlers, e.g., mod_alias)
  • R (temporary redirect to new URL)
  • R=301 (permanent redirect to new URL)
  • QSA (append query string from request to substituted URL)
  • S=x (skip next x rules)
  • T=mime-type (force specified mime type)

Moving Content

  1. RewriteRule ^article/?$ http://www.new-domain.com/article/ [R,NC,L] # Temporary Move

Adding an "R" flag to the flags section changes how a RewriteRule works. Instead of rewriting the URL internally, Apache will send a message back to the browser (an HTTP header) to tell it that the document has moved temporarily to the URL given in the "substitution" section. Either an absolute or a relative URL can be given in the substitution section. The header sent back includea a code - 302 - that indicates the move is temporary.

  1. RewriteRule ^article/?$ http://www.new-domain.com/article/ [R=301,NC,L] # Permanent Move

If the move is permanent, append "=301" to the "R" flag to have Apache tell the browser the move is considered permanent. Unlike the default "R", "R=301" will also tell the browser to display the new address in the address bar.

This is one of the most common methods of rewriting URLs of items that have moved to a new URL (for example, it is in use extensively on this site to forward users to new post URLs whenever they are changed).

Conditions

Rewrite rules can be preceded by one or more rewrite conditions, and these can be strung together. This can allow you to only apply certain rules to a subset of requests. Personally, I use this most often when applying rules to a subdomain or alternative domain as rewrite conditions can be run against a variety of criteria, not just the URL. Here's an example:

  1. RewriteCond %{HTTP_HOST} ^addedbytes\.com [NC]
  2. RewriteRule ^(.*)$ http://www.addedbytes.com/$1 [L,R=301]

The rewrite rule above redirects all requests, no matter what for, to the same URL at "www.addedbytes.com". Without the condition, this rule would create a loop, with every request matching that rule and being sent back to itself. The rule is intended to only redirect requests missing the "www" URL portion, though, and the condition preceding the rule ensures that this happens.

The condition operates in a similar way to the rule. It starts with "RewriteCond" to tell mod_rewrite this line refers to a condition. Following that is what should actually be tested, and then the pattern to test. Finally, the flags in square brackets, the same as with a RewriteRule.

The string to test (the second part of the condition) can be a variety of different things. You can test the domain being requested, as with the above example, or you could test the browser being used, the referring URL (commonly used to prevent hotlinking), the user's IP address, or a variety of other things (see the "server variables" section for an outline of how these work).

The pattern is almost exactly the same as that used in a RewriteRule, with a couple of small exceptions. The pattern may not be interpreted as a pattern if it starts with specific characters as described in the following "exceptions" section. This means that if you wish to use a regular expression pattern starting with <, >, or a hyphen, you should escape them with the backslash.

Rewrite conditions can, like rewrite rules, be followed by flags, and there are only two. "NC", as with rules, tells Apache to treat the condition as case-insensitive. The other available flag is "OR". If you only want to apply a rule if one of two conditions match, rather than repeat the rule, add the "OR" flag to the first condition, and if either match then the following rule will be applied. The default behaviour, if a rule is preceded by multiple conditions, is that it is only applied if all rules match.

Exceptions and Special Cases

Rewrite conditions can be tested in a few different ways - they do not need to be treated as regular expression patterns, although this is the most common way they are used. Here are the various ways rewrite conditons can be processed:

  • <Pattern (is test string lower than pattern)
  • >Pattern (is test string greater than pattern)
  • =Pattern (is test string equal to pattern)
  • -d (is test string a valid directory)
  • -f (is test string a valid file)
  • -s (is test string a valid file with size greater than zero)
  • -l (is test string a symbolic link)
  • -F (is test string a valid file, and accessible (via subrequest))
  • -U (is test string a valid URL, and accessible (via subrequest))

Server Variables

Server variables are a selection of items you can test when writing rewrite conditions. This allows you to apply rules based on all sorts of request parameters, including browser identifiers, referring URL or a multitude of other strings. Variables are of the following format:

  1. %{VARIABLE_NAME}

And "VARIABLE_NAME" can be replaced with any one of the following items:

  • HTTP Headers
    • HTTP_USER_AGENT
    • HTTP_REFERER
    • HTTP_COOKIE
    • HTTP_FORWARDED
    • HTTP_HOST
    • HTTP_PROXY_CONNECTION
    • HTTP_ACCEPT
  • Connection Variables
    • REMOTE_ADDR
    • REMOTE_HOST
    • REMOTE_USER
    • REMOTE_IDENT
    • REQUEST_METHOD
    • SCRIPT_FILENAME
    • PATH_INFO
    • QUERY_STRING
    • AUTH_TYPE
  • Server Variables
    • DOCUMENT_ROOT
    • SERVER_ADMIN
    • SERVER_NAME
    • SERVER_ADDR
    • SERVER_PORT
    • SERVER_PROTOCOL
    • SERVER_SOFTWARE
  • Dates and Times
    • TIME_YEAR
    • TIME_MON
    • TIME_DAY
    • TIME_HOUR
    • TIME_MIN
    • TIME_SEC
    • TIME_WDAY
    • TIME
  • Special Items
    • API_VERSION
    • THE_REQUEST
    • REQUEST_URI
    • REQUEST_FILENAME
    • IS_SUBREQ

Working With Multiple Rules

The more complicated a site, the more complicated the set of rules governing it can be. This can be problematic when it comes to resolving conflicts between rules. You will find this issue rears its ugly head most often when you add a new rule to a file, and it doesn't work. What you may find, if the rule itself is not at fault, is that an earlier rule in the file is matching the URL and so the URL is not being tested against the new rule you've just added.

  1. RewriteRule ^([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/?$ get_product_by_name.php?category_name=$1&product_name=$2 [NC,L] # Process product requests
  2. RewriteRule ^([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/?$ get_blog_post_by_title.php?category_name=$1&post_title=$2 [NC,L] # Process blog posts

In the example above, the product pages of a site and the blog post pages have identical patterns. The second rule will never match a URL, because anything that would match that pattern will have already been matched by the first rule.

There are a few ways to work around this. Several CMSes (including wordpress) handle this by adding an extra portion to the URL to denote the type of request, like so:

  1. RewriteRule ^products/([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/?$ get_product_by_name.php?category_name=$1&product_name=$2 [NC,L] # Process product requests
  2. RewriteRule ^blog/([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/?$ get_blog_post_by_title.php?category_name=$1&post_title=$2 [NC,L] # Process blog posts

You could also write a single PHP script to process all requests, which checked to see if the second part of the URL matched a blog post or a product. I usually go for this option, as while it may increase the load on the server slightly, it gives much cleaner URLs.

  1. RewriteRule ^([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/?$ get_product_or_blog_post.php?category_name=$1&item_name=$2 [NC,L] # Process product and blog requests

There are certain situations where you can work around this issue by writing more precise rules and ordering your rules intelligently. Imagine a blog where there were two archives - one by topic and one by year.

  1. RewriteRule ^([A-Za-z0-9-]+)/?$ get_archives_by_topic.php?topic_name=$1 [NC,L] # Get archive by topic
  2. RewriteRule ^([A-Za-z0-9-]+)/?$ get_archives_by_year.php?year=$1 [NC,L] # Get archive by year

The above rules will conflict. Of course, years are numeric and only 4 digits, so you can make that rule more precise, and by running it first the only type of conflict you cound encounter would be if you had a topic with a 4-digit number for a name.

  1. RewriteRule ^([0-9]{4})/?$ get_archives_by_year.php?year=$1 [NC,L] # Get archive by year
  2. RewriteRule ^([A-Za-z0-9-]+)/?$ get_archives_by_topic.php?topic_name=$1 [NC,L] # Get archive by topic

mod_rewrite

Apache's mod_rewrite comes as standard with most Apache hosting accounts, so if you're on shared hosting, you are unlikely to have to do anything. If you're managing your own box, then you most likely just have to turn on mod_rewrite. If you are using Apache1, you will need to edit your httpd.conf file and remove the leading '#' from the following lines:

  1. #LoadModule rewrite_module modules/mod_rewrite.so
  2. #AddModule mod_rewrite.c

If you are using Apache2 on a Debian-based distribution, you need to run the following command and then restart Apache:

  1. sudo a2enmod rewrite

Other distubutions and platforms differ. If the above instructions are not suitable for your system, then Google is your friend. You may need to edit your apache2 configuration file and add "rewrite" to the "APACHE_MODULES" list, or edit httpd.conf, or even download and compile mod_rewrite yourself. For the majority, however, installation should be simple.

ISAPI_Rewrite

ISAPI_Rewrite is a URL rewriting plugin for IIS based on mod_rewrite and is not free. It performs most of the same functionality as mod_rewrite, and there is a good quality ISAPI_Rewrite forum where most common questions are answered. As ISAPI_Rewrite works with IIS, installation is relatively simple - there are installation instructions available.

ISAPI_Rewrite rules go into a file named httpd.ini. Errors will go into a file named httpd.parse.errors by default.

Leading Slashes

I have found myself tripped up numerous times by leading slashes in URL rewriting systems. Whether they should be used in the pattern or in the substitution section of a RewriteRule or used in a RewriteCond statement is a constant source of frustration to me. This may be in part because I work with different URL rewriting engines, but I would advise being careful of leading slashes - if a rule is not working, that's often a good place to start looking. I never include leading slashes in mod_rewrite rules and always include them in ISAPI_Rewrite.

Sample Rules

To redirect an old domain to a new domain:

  1. RewriteCond %{HTTP_HOST} old_domain\.com [NC]
  2. RewriteRule ^(.*)$ http://www.new_domain.com/$1 [L,R=301]

To redirect all requests missing "www" (yes www):

  1. RewriteCond %{HTTP_HOST} ^domain\.com [NC]
  2. RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]

To redirect all requests with "www" (no www):

  1. RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
  2. RewriteRule ^(.*)$ http://domain.com/$1 [L,R=301]

Redirect old page to new page:

  1. RewriteRule ^old-url\.htm$ http://www.domain.com/new-url.htm [NC,R=301,L]

Useful Links

Summary

Hopefully if you've made it this far you now have a clear understanding of what URL rewriting is and how to add it to your site. It is worth taking the time to become familiar with - it can benefit your SEO efforts immediately, and increase the usability of your site.

Thanks To www.addedbytes.com

Tagged as: , , , 1 Comment
   Older Entries »

Recent Posts

Recent comments

Archives

Tag cloud

Blogroll