This file is generated from xml source: DO NOT EDIT
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-->
-<title>mod_rewrite - Apache HTTP Server</title>
+<title>mod_rewrite - Apache HTTP Server Version 2.5</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
-<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
+<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" />
+<script src="../style/scripts/prettify.min.js" type="text/javascript">
+</script>
+
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
-<p class="apache">Apache HTTP Server Version 2.3</p>
+<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
+<p class="apache">Apache HTTP Server Version 2.5</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
<div id="path">
-<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.3</a> > <a href="./">Modules</a></div>
+<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.5</a> > <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_rewrite</h1>
<div class="toplang">
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_rewrite.c</td></tr></table>
<h3>Summary</h3>
- <p>The <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> module uses a rule-based rewriting
- engine, based on a regular-expression parser, to rewrite requested URLs on
- the fly. By default, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> maps a URL to a filesystem
+ <p>The <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> module uses a rule-based rewriting
+ engine, based on a PCRE regular-expression parser, to rewrite requested URLs on
+ the fly. By default, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> maps a URL to a filesystem
path. However, it can also be used to redirect one URL to another URL, or
to invoke an internal proxy fetch.</p>
- <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> provides a flexible and powerful way to
- manipulate URLs using an unlimited number of rules. Each rule can have an
+ <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> provides a flexible and powerful way to
+ manipulate URLs using an unlimited number of rules. Each rule can have an
unlimited number of attached rule conditions, to allow you to rewrite URL
- based on server variables, environment variables, HTTP headers, or time
+ based on server variables, environment variables, HTTP headers, or time
stamps.</p>
<p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> operates on the full URL path, including the
- path-info section. A rewrite rule can be invoked in
- <code>httpd.conf</code> or in <code>.htaccess</code>. The path generated
- by a rewrite rule can include a query string, or can lead to internal
- sub-processing, external request redirection, or internal proxy
+ path-info section. A rewrite rule can be invoked in
+ <code>httpd.conf</code> or in <code>.htaccess</code>. The path generated
+ by a rewrite rule can include a query string, or can lead to internal
+ sub-processing, external request redirection, or internal proxy
throughput.</p>
<p>Further details, discussion, and examples, are provided in the
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
-</ul></div>
+</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="logging" id="logging">Logging</a></h2>
level higher than <code>trace2</code> only for debugging!
</div>
- <div class="example"><h3>Example</h3><p><code>
- LogLevel alert rewrite:trace3
- </code></p></div>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogLevel alert rewrite:trace3</pre>
+</div>
<div class="note"><h3>RewriteLog</h3>
<p>Those familiar with earlier versions of
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_rewrite</td></tr>
</table>
- <p>The <code class="directive">RewriteBase</code> directive explicitly
- sets the base URL-path (not filesystem directory path!) for per-directory rewrites
- that result in the substitution of a relative path.
- When you use a <code class="directive"><a href="#rewriterule">RewriteRule</a></code>
- in a <code>.htaccess</code> file, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> strips off
- the local directory prefix before processing, then rewrites the rest of
- the URL. When the rewrite is completed, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
- automatically adds the local directory prefix (or the
- <code class="directive">RewriteBase</code> when set) back on to the substitution
- before handing it back to the core of the server as if it were the original
- URL.</p>
-
- <p>This directive is <em>required</em> for per-directory rewrites whose context
- is a directory made available via the <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>
- directive, when the substitution uses a relative path.</p>
-
- <p>If your URL path does not exist verbatim on the filesystem,
- or isn't directly under your <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>,
- you must use <code class="directive">RewriteBase</code> in every
- <code>.htaccess</code> file where you want to use <code class="directive"><a href="#rewriterule">RewriteRule</a></code> directives.</p>
-
- <p>The example below demonstrates how to map
- http://example.com/myapp/index.html to
- /home/www/example/newsite.html, in a <code>.htaccess</code> file. This
- assumes that the content available at
- http://example.com/ is on disk at /home/www/example/</p>
-<div class="example"><pre>
-RewriteEngine On
-# The URL-path used to get to this context, not the filesystem path
-RewriteBase /myapp/
-RewriteRule ^index\.html$ newsite.html
-</pre></div>
+ <p>The <code class="directive">RewriteBase</code> directive specifies the
+ URL prefix to be used for per-directory (htaccess)
+ <code class="directive">RewriteRule</code> directives that substitute a relative
+ path.</p>
+ <p> This directive is <em>required</em> when you use a relative path
+ in a substitution in per-directory (htaccess) context unless either
+ of the following conditions are true:</p>
+ <ul>
+ <li> The original request, and the substitution, are underneath the
+ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>
+ (as opposed to reachable by other means, such as
+ <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>).</li>
+ <li> The <em>filesystem</em> path to the directory containing the
+ <code class="directive">RewriteRule</code>, suffixed by the relative
+ substitution is also valid as a URL path on the server
+ (this is rare).</li>
+ </ul>
+
+<p> In the example below, <code class="directive">RewriteBase</code> is necessary
+ to avoid rewriting to http://example.com/opt/myapp-1.2.3/welcome.html
+ since the resource was not relative to the document root. This
+ misconfiguration would normally cause the server to look for an "opt"
+ directory under the document root.</p>
+<pre class="prettyprint lang-config">DocumentRoot /var/www/example.com
+Alias /myapp /opt/myapp-1.2.3
+<Directory /opt/myapp-1.2.3>
+ RewriteEngine On
+ RewriteBase /myapp/
+ RewriteRule ^index\.html$ welcome.html
+</Directory></pre>
</div>
<tr>
<td>
- HTTP_USER_AGENT<br />
- HTTP_REFERER<br />
+ HTTP_ACCEPT<br />
HTTP_COOKIE<br />
HTTP_FORWARDED<br />
HTTP_HOST<br />
HTTP_PROXY_CONNECTION<br />
- HTTP_ACCEPT<br />
+ HTTP_REFERER<br />
+ HTTP_USER_AGENT<br />
</td>
<td>
+ AUTH_TYPE<br />
+ CONN_REMOTE_ADDR<br />
+ CONTEXT_PREFIX<br />
+ CONTEXT_DOCUMENT_ROOT<br />
+ IPV6<br />
+ PATH_INFO<br />
+ QUERY_STRING<br />
REMOTE_ADDR<br />
REMOTE_HOST<br />
+ REMOTE_IDENT<br />
REMOTE_PORT<br />
REMOTE_USER<br />
- REMOTE_IDENT<br />
REQUEST_METHOD<br />
SCRIPT_FILENAME<br />
- PATH_INFO<br />
- QUERY_STRING<br />
- AUTH_TYPE<br />
</td>
<td />
<tr>
<td>
DOCUMENT_ROOT<br />
+ SCRIPT_GROUP<br />
+ SCRIPT_USER<br />
+ SERVER_ADDR<br />
SERVER_ADMIN<br />
SERVER_NAME<br />
- SERVER_ADDR<br />
SERVER_PORT<br />
SERVER_PROTOCOL<br />
SERVER_SOFTWARE<br />
<td>
API_VERSION<br />
- THE_REQUEST<br />
- REQUEST_URI<br />
- REQUEST_FILENAME<br />
- IS_SUBREQ<br />
+ CONN_REMOTE_ADDR<br />
HTTPS<br />
+ IS_SUBREQ<br />
+ REMOTE_ADDR<br />
+ REQUEST_FILENAME<br />
REQUEST_SCHEME<br />
+ REQUEST_URI<br />
+ THE_REQUEST<br />
</td>
</tr>
</table>
correspond to the similarly named HTTP
MIME-headers, C variables of the Apache HTTP Server or
<code>struct tm</code> fields of the Unix system.
- Most are documented elsewhere in the Manual or in
- the CGI specification.</p>
+ Most are documented <a href="../expr.html#vars">here</a>
+ or elsewhere in the Manual or in the CGI specification.</p>
- <p>SERVER_NAME and SERVER_PORT depend on the values of
+ <p>SERVER_NAME and SERVER_PORT depend on the values of
<code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> and
<code class="directive"><a href="../mod/core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort</a></code>
respectively.</p>
<p>Those that are special to mod_rewrite include those below.</p>
<div class="note">
<dl>
- <dt><code>IS_SUBREQ</code></dt>
-
- <dd>Will contain the text "true" if the request
- currently being processed is a sub-request,
- "false" otherwise. Sub-requests may be generated
- by modules that need to resolve additional files
- or URIs in order to complete their tasks.</dd>
-
<dt><code>API_VERSION</code></dt>
<dd>This is the version of the Apache httpd module API
instance, it is 19990320:10), but is mainly of
interest to module authors.</dd>
- <dt><code>THE_REQUEST</code></dt>
+ <dt><code>CONN_REMOTE_ADDR</code></dt>
- <dd>The full HTTP request line sent by the
- browser to the server (e.g., "<code>GET
- /index.html HTTP/1.1</code>"). This does not
- include any additional headers sent by the
- browser. This value has not been unescaped
- (decoded), unlike most other variables below.</dd>
-
- <dt><code>REQUEST_URI</code></dt>
-
- <dd>The resource requested in the HTTP request
- line. (In the example above, this would be
- "/index.html".)</dd>
-
- <dt><code>REQUEST_FILENAME</code></dt>
-
- <dd>The full local filesystem path to the file or
- script matching the request, if this has already
- been determined by the server at the time
- <code>REQUEST_FILENAME</code> is referenced. Otherwise,
- such as when used in virtual host context, the same
- value as <code>REQUEST_URI</code>.</dd>
+ <dd>Since 2.4.8: The peer IP address of the connection (see the
+ <code class="module"><a href="../mod/mod_remoteip.html">mod_remoteip</a></code> module).</dd>
<dt><code>HTTPS</code></dt>
can be safely used regardless of whether or not
<code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is loaded).</dd>
+ <dt><code>IS_SUBREQ</code></dt>
+
+ <dd>Will contain the text "true" if the request
+ currently being processed is a sub-request,
+ "false" otherwise. Sub-requests may be generated
+ by modules that need to resolve additional files
+ or URIs in order to complete their tasks.</dd>
+
+ <dt><code>REMOTE_ADDR</code></dt>
+
+ <dd>The IP address of the remote host (see the
+ <code class="module"><a href="../mod/mod_remoteip.html">mod_remoteip</a></code> module).</dd>
+
+ <dt><code>REQUEST_FILENAME</code></dt>
+
+ <dd>The full local filesystem path to the file or
+ script matching the request, if this has already
+ been determined by the server at the time
+ <code>REQUEST_FILENAME</code> is referenced. Otherwise,
+ such as when used in virtual host context, the same
+ value as <code>REQUEST_URI</code>. Depending on the value of
+ <code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code>, the
+ server may have only used some leading components of the
+ <code>REQUEST_URI</code> to map the request to a file.
+ </dd>
+
<dt><code>REQUEST_SCHEME</code></dt>
- <dd>Will contain the scheme of the request (ususally
+ <dd>Will contain the scheme of the request (usually
"http" or "https"). This value can be influenced with
<code class="directive"><a href="../mod/core.html#servername">ServerName</a></code>.</dd>
+ <dt><code>REQUEST_URI</code></dt>
+
+ <dd>The path component of the requested URI,
+ such as "/index.html". This notably excludes the
+ query string which is available as as its own variable
+ named <code>QUERY_STRING</code>.</dd>
+
+ <dt><code>THE_REQUEST</code></dt>
+
+ <dd>The full HTTP request line sent by the
+ browser to the server (e.g., "<code>GET
+ /index.html HTTP/1.1</code>"). This does not
+ include any additional headers sent by the
+ browser. This value has not been unescaped
+ (decoded), unlike most other variables below.</dd>
+
</dl>
</div>
</li>
</ul>
- <p>If the <em>TestString</em> has the special value <code>expr</code>, the
- <em>CondPattern</em> will be treated as a
- <a href="../expr.html">ap_expr</a>.</p>
+ <p>If the <em>TestString</em> has the special value <code>expr</code>,
+ the <em>CondPattern</em> will be treated as an
+ <a href="../expr.html">ap_expr</a>. HTTP headers referenced in the
+ expression will be added to the Vary header if the <code>novary</code>
+ flag is not given.</p>
<p>Other things you should be aware of:</p>
the value of the HTTP header
``<code>Proxy-Connection:</code>''.
<p>If a HTTP header is used in a condition this header is added to
- the Vary header of the response in case the condition evaluates to
+ the Vary header of the response in case the condition evaluates
to true for the request. It is <strong>not</strong> added if the
condition evaluates to false for the request. Adding the HTTP header
to the Vary header of the response is needed for proper caching.</p>
so that certain conditions might not be evaluated at all.</p></li>
<li>
- <code>%{LA-U:variable}</code> can be used for look-aheads which perform
+ <a id="LA-U" name="LA-U"><code>%{LA-U:variable}</code></a>
+ can be used for look-aheads which perform
an internal (URL-based) sub-request to determine the final
value of <em>variable</em>. This can be used to access
variable for rewriting which is not available at the current
numerically compared to the <em>CondPattern</em>. True if
the <em>TestString</em> is numerically greater than or equal
to the <em>CondPattern</em>.</li>
-
+
<li>'<strong>-gt</strong>' (is numerically
<strong>g</strong>reater <strong>t</strong>han)<br />
The <em>TestString</em> is treated as an integer, and is
to the <em>CondPattern</em>. Avoid confusion with the
<strong>-l</strong> by using the <strong>-L</strong> or
<strong>-h</strong> variant.</li>
-
+
<li>'<strong>-lt</strong>' (is numerically
<strong>l</strong>ess <strong>t</strong>han)<br />
The <em>TestString</em> is treated as an integer, and is
whether or not it exists, and is a regular file with size greater
than zero.</li>
- <li>'<strong>-U</strong>' (is existing URL, via
+ <li><p>'<strong>-U</strong>' (is existing URL, via
subrequest)<br />
Checks whether or not <em>TestString</em> is a valid URL,
accessible via all the server's currently-configured
access controls for that path. This uses an internal
subrequest to do the check, so use it with care -
- it can impact your server's performance!</li>
+ it can impact your server's performance!</p>
+ <p> This flag <em>only</em> returns information about things
+ like access control, authentication, and authorization. This flag
+ <em>does not</em> return information about the status code the
+ configured handler (static file, CGI, proxy, etc.) would have
+ returned.</p> </li>
<li>'<strong>-x</strong>' (has e<strong>x</strong>ecutable
permissions)<br />
<li>
<p>If the <em>TestString</em> has the special value <code>expr</code>, the
- <em>CondPattern</em> will be treated as a
+ <em>CondPattern</em> will be treated as an
<a href="../expr.html">ap_expr</a>.</p>
<p>
to block unwanted hotlinking.
</p>
- <div class="example"><p><code>
- RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
- RewriteRule ^/images - [F]
- </code></p></div>
+ <pre class="prettyprint lang-config"> RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
+ RewriteRule ^/images - [F]</pre>
+
</li>
<li>You can also set special flags for
Use this to combine rule conditions with a local OR
instead of the implicit AND. Typical example:
-<div class="example"><pre>
-RewriteCond %{REMOTE_HOST} ^host1 [OR]
+<pre class="prettyprint lang-config">RewriteCond %{REMOTE_HOST} ^host1 [OR]
RewriteCond %{REMOTE_HOST} ^host2 [OR]
RewriteCond %{REMOTE_HOST} ^host3
-RewriteRule ...some special stuff for any of these hosts...
-</pre></div>
+RewriteRule ...some special stuff for any of these hosts...</pre>
+
Without this flag you would have to write the condition/rule
pair three times.
``<code>User-Agent:</code>'' header of the request, you can
use the following: </p>
-<div class="example"><pre>
-RewriteCond %{HTTP_USER_AGENT} ^Mozilla
-RewriteRule ^/$ /homepage.max.html [L]
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|Android)
+RewriteRule ^/$ /homepage.mobile.html [L]
-RewriteCond %{HTTP_USER_AGENT} ^Lynx
-RewriteRule ^/$ /homepage.min.html [L]
+RewriteRule ^/$ /homepage.std.html [L]</pre>
-RewriteRule ^/$ /homepage.std.html [L]
-</pre></div>
<p>Explanation: If you use a browser which identifies itself
- as 'Mozilla' (including Netscape Navigator, Mozilla etc), then you
- get the max homepage (which could include frames, or other special
- features).
- If you use the Lynx browser (which is terminal-based), then
- you get the min homepage (which could be a version designed for
- easy, text-only browsing).
- If neither of these conditions apply (you use any other browser,
- or your browser identifies itself as something non-standard), you get
- the std (standard) homepage.</p>
+ as a mobile browser (note that the example is incomplete, as
+ there are many other mobile platforms), the mobile version of
+ the homepage is served. Otherwise, the standard page is served.
+ </p>
</div>
all. It does not even update the <code>SCRIPT_URx</code>
environment variables.</p>
- <p>Use this directive to disable the module instead of
- commenting out all the <code class="directive"><a href="#rewriterule">RewriteRule</a></code> directives!</p>
+ <p>Use this directive to disable rules in a particular context,
+ rather than commenting out all the <code class="directive"><a href="#rewriterule">RewriteRule</a></code> directives.</p>
<p>Note that rewrite configurations are not
inherited by virtual hosts. This means that you need to have a
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_rewrite</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The choice of different dbm types is available in
-Apache HTTP Server 2.0.41 and later</td></tr>
</table>
<p>The <code class="directive">RewriteMap</code> directive defines a
<em>Rewriting Map</em> which can be used inside rule
<p>For example, you might define a
<code class="directive">RewriteMap</code> as:</p>
- <div class="example"><p><code>
- RewriteMap examplemap txt:/path/to/file/map.txt
- </code></p></div>
+ <pre class="prettyprint lang-config">RewriteMap examplemap txt:/path/to/file/map.txt</pre>
+
<p>You would then be able to use this map in a
<code class="directive">RewriteRule</code> as follows:</p>
- <div class="example"><p><code>
- RewriteRule ^/ex/(.*) ${examplemap:$1}
- </code></p></div>
+ <pre class="prettyprint lang-config">RewriteRule ^/ex/(.*) ${examplemap:$1}</pre>
+
<p>The following combinations for <em>MapType</em> and
<em>MapSource</em> can be used:</p>
<dt>dbm</dt>
<dd>Looks up an entry in a dbm file containing name, value
pairs. Hash is constructed from a plain text file format using
- the <code><a href="../programs/httxt2dbm.html">httxt2dbm</a></code>
+ the <code><a href="../programs/httxt2dbm.html">httxt2dbm</a></code>
utility. (<a href="../rewrite/rewritemap.html#dbm">Details ...</a>)</dd>
<dt>int</dt>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_rewrite</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td><code>MaxRedirects</code> is no longer available in version 2.1 and
-later</td></tr>
</table>
<p>The <code class="directive">RewriteOptions</code> directive sets some
<dl>
<dt><code>Inherit</code></dt>
<dd>
-
+
<p>This forces the current configuration to inherit the
configuration of the parent. In per-virtual-server context,
this means that the maps, conditions and rules of the main
of local rules - has no influence on this behavior. If local
rules forced the rewriting to stop, the inherited rules won't
be processed.</p>
-
+
<div class="warning">
Rules inherited from the parent scope are applied
<strong>after</strong> rules specified in the child scope.
<dt><code>InheritBefore</code></dt>
<dd>
<p> Like <code>Inherit</code> above, but the rules from the parent scope
- are applied <strong>before</strong> rules specified in the child scope.
+ are applied <strong>before</strong> rules specified in the child scope.<br />
Available in Apache HTTP Server 2.3.10 and later.</p>
</dd>
+
+ <dt><code>InheritDown</code></dt>
+ <dd>
+
+ <p>If this option is enabled, all child configurations will inherit
+ the configuration of the current configuration. It is equivalent to
+ specifying <code>RewriteOptions Inherit</code> in all child
+ configurations. See the <code>Inherit</code> option for more details
+ on how the parent-child relationships are handled.<br />
+ Available in Apache HTTP Server 2.4.8 and later.</p>
+ </dd>
+
+ <dt><code>InheritDownBefore</code></dt>
+ <dd>
+
+ <p>Like <code>InheritDown</code> above, but the rules from the current
+ scope are applied <strong>before</strong> rules specified in any child's
+ scope.<br />
+ Available in Apache HTTP Server 2.4.8 and later.</p>
+ </dd>
+
+ <dt><code>IgnoreInherit</code></dt>
+ <dd>
+
+ <p>This option forces the current and child configurations to ignore
+ all rules that would be inherited from a parent specifying
+ <code>InheritDown</code> or <code>InheritDownBefore</code>.<br />
+ Available in Apache HTTP Server 2.4.8 and later.</p>
+ </dd>
+
+ <dt><code>AllowNoSlash</code></dt>
+ <dd>
+ <p>By default, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> will ignore URLs that map to a
+ directory on disk but lack a trailing slash, in the expectation that
+ the <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code> module will issue the client with a redirect to
+ the canonical URL with a trailing slash.</p>
+ <p>When the <code class="directive"><a href="../mod/mod_dir.html#directoryslash">DirectorySlash</a></code> directive
+ is set to off, the <code>AllowNoSlash</code> option can be enabled to ensure
+ that rewrite rules are no longer ignored. This option makes it possible to
+ apply rewrite rules within .htaccess files that match the directory without
+ a trailing slash, if so desired.<br />
+ Available in Apache HTTP Server 2.4.0 and later.</p>
+ </dd>
+
+ <dt><code>AllowAnyURI</code></dt>
+ <dd>
+
+ <p>When <code class="directive"><a href="#rewriterule">RewriteRule</a></code>
+ is used in <code>VirtualHost</code> or server context with
+ version 2.2.22 or later of httpd, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
+ will only process the rewrite rules if the request URI is a <a href="directive-dict.html#Syntax">URL-path</a>. This avoids
+ some security issues where particular rules could allow
+ "surprising" pattern expansions (see <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368">CVE-2011-3368</a>
+ and <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317">CVE-2011-4317</a>).
+ To lift the restriction on matching a URL-path, the
+ <code>AllowAnyURI</code> option can be enabled, and
+ <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> will apply the rule set to any
+ request URI string, regardless of whether that string matches
+ the URL-path grammar required by the HTTP specification.<br />
+ Available in Apache HTTP Server 2.4.3 and later.</p>
+
+ <div class="warning">
+ <h3>Security Warning</h3>
+
+ <p>Enabling this option will make the server vulnerable to
+ security issues if used with rewrite rules which are not
+ carefully authored. It is <strong>strongly recommended</strong>
+ that this option is not used. In particular, beware of input
+ strings containing the '<code>@</code>' character which could
+ change the interpretation of the transformed URI, as per the
+ above CVE names.</p>
+ </div>
+ </dd>
+
+ <dt><code>MergeBase</code></dt>
+ <dd>
+
+ <p>With this option, the value of <code class="directive"><a href="#rewritebase">RewriteBase</a></code> is copied from where it's explicitly defined
+ into any sub-directory or sub-location that doesn't define its own
+ <code class="directive"><a href="#rewritebase">RewriteBase</a></code>. This was the
+ default behavior in 2.4.0 through 2.4.3, and the flag to restore it is
+ available Apache HTTP Server 2.4.4 and later.</p>
+ </dd>
</dl>
<p><a id="patterns" name="patterns"><em>Pattern</em></a> is
a perl compatible <a id="regexp" name="regexp">regular
- expression</a>. On the first RewriteRule it is applied to the (%-decoded)
- <a href="./directive-dict.html#Syntax">URL-path</a> of the request;
- subsequent patterns are applied to the output of the last matched
- RewriteRule.</p>
-
-<div class="note"><h3>What is matched?</h3>
- <p>In <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code> context,
+ expression</a>. On the first RewriteRule, it is matched against
+ the (%-decoded) <a href="directive-dict.html#Syntax">URL-path</a> (or
+ <a href="directive-dict.html#Syntax">file-path</a>, depending
+ on the context) of the request. Subsequent patterns are matched against the
+ output of the last matching RewriteRule.</p>
+
+<div class="note"><h3><a id="what_is_matched" name="what_is_matched">What is matched?</a></h3>
+ <p>In <code class="directive"><a href="../mod/core.html#virtualhost">VirtualHost</a></code> context,
The <em>Pattern</em> will initially be matched against the part of the
URL after the hostname and port, and before the query string (e.g. "/app1/index.html").</p>
<p>In <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> and htaccess context,
- the <em>Pattern</em> will initially be matched against the
- <em>filesystem</em> path, after removing the prefix that lead the server
- to the current <code class="directive">RewriteRule</code> (e.g. "app1/index.html"
+ the <em>Pattern</em> will initially be matched against the
+ <em>filesystem</em> path, after removing the prefix that led the server
+ to the current <code class="directive">RewriteRule</code> (e.g. "app1/index.html"
or "index.html" depending on where the directives are defined).</p>
-
+
<p>If you wish to match against the hostname, port, or query string, use a
<code class="directive"><a href="#rewritecond">RewriteCond</a></code> with the
<code>%{HTTP_HOST}</code>, <code>%{SERVER_PORT}</code>, or
per-directory prefix (which always is the same for a specific
directory) is automatically <em>removed</em> for the RewriteRule pattern matching
and automatically <em>added</em> after any relative (not starting with a
-slash or protocol name) substitution encounters the end of a rule set.
-See the <code class="directive"><a href="#rewritebase">RewriteBase</a></code>
-directive for more information regarding what prefix will be added back to
-relative substutions.</li>
+slash or protocol name) substitution encounters the end of a rule set.
+See the <code class="directive"><a href="#rewritebase">RewriteBase</a></code>
+directive for more information regarding what prefix will be added back to
+relative substitutions.</li>
-<li> If you wish to match against the full URL-path in a per-directory
+<li> If you wish to match against the full URL-path in a per-directory
(htaccess) RewriteRule, use the <code>%{REQUEST_URI}</code> variable in
a <code class="directive">RewriteCond</code>.</li>
<dt>file-system path</dt>
<dd>Designates the location on the file-system of the resource
- to be delivered to the client.</dd>
+ to be delivered to the client. Substitutions are only
+ treated as a file-system path when the rule is configured in
+ server (virtualhost) context and the first component of the
+ path in the substitution exists in the file-system</dd>
<dt>URL-path</dt>
you specify a <em>Substitution</em> string of
<code>/www/file.html</code>, then this will be treated as a
URL-path <em>unless</em> a directory named <code>www</code>
- exists at the root or your file-system, in which case it will
+ exists at the root or your file-system (or, in the case of
+ using rewrites in a <code>.htaccess</code> file, relative to
+ your document root), in which case it will
be treated as a file-system path. If you wish other
URL-mapping directives (such as <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>) to be applied to the
resulting URL-path, use the <code>[PT]</code> flag as
</dl>
- <p>In addition to plain text, the <em>Substition</em> string can include</p>
+ <p>In addition to plain text, the <em>Substitution</em> string can include</p>
<ol>
<li>back-references (<code>$N</code>) to the RewriteRule
<code>RewriteMap</code> directive and are explained there.
These three types of variables are expanded in the order above.</p>
- <p>As already mentioned, all rewrite rules are
- applied to the <em>Substitution</em> (in the order in which
- they are defined
- in the config file). The URL is <strong>completely
+ <p>Rewrite rules are applied to the results of previous rewrite
+ rules, in the order in which they are defined
+ in the config file. The URL-path or file-system path (see <a href="#what_is_matched">"What is matched?"</a>, above) is <strong>completely
replaced</strong> by the <em>Substitution</em> and the
rewriting process continues until all rules have been applied,
- or it is explicitly terminated by a
- <code><strong>L</strong></code> flag.</p>
+ or it is explicitly terminated by an
+ <a href="../rewrite/flags.html#flag_l"><code><strong>L</strong></code> flag</a>,
+ or other flag which implies immediate termination, such as
+ <code><strong>END</strong></code> or
+ <code><strong>F</strong></code>.</p>
<div class="note"><h3>Modifying the Query String</h3>
<p>By default, the query string is passed through unchanged. You
brackets, of any of the flags in the following table. More
details, and examples, for each flag, are available in the <a href="../rewrite/flags.html">Rewrite Flags document</a>.</p>
- <table class="bordered">
- <tr><th>Flag and syntax</th>
+ <table class="bordered"><tr class="header"><th>Flag and syntax</th>
<th>Function</th>
</tr>
- <tr>
+<tr>
<td>B</td>
- <td>Escape non-alphanumeric characters <em>before</em> applying
- the transformation. <em><a href="../rewrite/flags.html#flag_b">details ...</a></em></td>
+ <td>Escape non-alphanumeric characters in backreferences <em>before</em>
+ applying the transformation. <em><a href="../rewrite/flags.html#flag_b">details ...</a></em></td>
+ </tr>
+<tr class="odd">
+ <td>backrefnoplus|BNP</td>
+ <td>If backreferences are being escaped, spaces should be escaped to
+ %20 instead of +. Useful when the backreference will be used in the
+ path component rather than the query string.<em><a href="../rewrite/flags.html#flag_bnp">details ...</a></em></td>
</tr>
- <tr>
+<tr>
<td>chain|C</td>
<td>Rule is chained to the following rule. If the rule fails,
the rule(s) chained to it will be skipped. <em><a href="../rewrite/flags.html#flag_c">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>cookie|CO=<em>NAME</em>:<em>VAL</em></td>
- <td>Sets a cookie in the client browser. Full syntax is:
- CO=<em>NAME</em>:<em>VAL</em>[:<em>domain</em>[:<em>lifetime</em>[:<em>path</em>[:<em>secure</em>[:<em>httponly</em>]]]]] <em><a href="../rewrite/flags.html#flag_co">details ...</a></em>
+ <td>Sets a cookie in the client browser. Full syntax is:
+ CO=<em>NAME</em>:<em>VAL</em>:<em>domain</em>[:<em>lifetime</em>[:<em>path</em>[:<em>secure</em>[:<em>httponly</em>]]]] <em><a href="../rewrite/flags.html#flag_co">details ...</a></em>
</td>
</tr>
- <tr>
+<tr>
<td>discardpath|DPI</td>
<td>Causes the PATH_INFO portion of the rewritten URI to be
- discarded. <em><a href="../rewrite/flags.html#flag_dpi">details
+ discarded. <em><a href="../rewrite/flags.html#flag_dpi">details
...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
+ <td>END</td>
+ <td>Stop the rewriting process immediately and don't apply any
+ more rules. Also prevents further execution of rewrite rules
+ in per-directory and .htaccess context. (Available in 2.3.9 and later)
+ <em><a href="../rewrite/flags.html#flag_end">details ...</a></em></td>
+ </tr>
+<tr>
<td>env|E=[!]<em>VAR</em>[:<em>VAL</em>]</td>
<td>Causes an environment variable <em>VAR</em> to be set (to the
value <em>VAL</em> if provided). The form !<em>VAR</em> causes
- the environment variable <em>VAR</em> to be unset.<em><a href="../rewrite/flags.html#flag_e">details ...</a></em></td>
+ the environment variable <em>VAR</em> to be unset.
+ <em><a href="../rewrite/flags.html#flag_e">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>forbidden|F</td>
<td>Returns a 403 FORBIDDEN response to the client browser.
<em><a href="../rewrite/flags.html#flag_f">details ...</a></em></td>
</tr>
- <tr>
+<tr>
<td>gone|G</td>
<td>Returns a 410 GONE response to the client browser. <em><a href="../rewrite/flags.html#flag_g">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>Handler|H=<em>Content-handler</em></td>
<td>Causes the resulting URI to be sent to the specified
<em>Content-handler</em> for processing. <em><a href="../rewrite/flags.html#flag_h">details ...</a></em></td>
</tr>
- <tr>
+<tr>
<td>last|L</td>
<td>Stop the rewriting process immediately and don't apply any
more rules. Especially note caveats for per-directory and
.htaccess context (see also the END flag). <em><a href="../rewrite/flags.html#flag_l">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>next|N</td>
<td>Re-run the rewriting process, starting again with the first
rule, using the result of the ruleset so far as a starting
point. <em><a href="../rewrite/flags.html#flag_n">details
...</a></em></td>
</tr>
- <tr>
+<tr>
<td>nocase|NC</td>
- <td>Makes the pattern pattern comparison case-insensitive.
+ <td>Makes the pattern comparison case-insensitive.
<em><a href="../rewrite/flags.html#flag_nc">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>noescape|NE</td>
<td>Prevent mod_rewrite from applying hexcode escaping of
special characters in the result of the rewrite. <em><a href="../rewrite/flags.html#flag_ne">details ...</a></em></td>
</tr>
- <tr>
+<tr>
<td>nosubreq|NS</td>
<td>Causes a rule to be skipped if the current request is an
internal sub-request. <em><a href="../rewrite/flags.html#flag_ns">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>proxy|P</td>
<td>Force the substitution URL to be internally sent as a proxy
request. <em><a href="../rewrite/flags.html#flag_p">details
...</a></em></td>
</tr>
- <tr>
+<tr>
<td>passthrough|PT</td>
<td>Forces the resulting URI to be passed back to the URL
mapping engine for processing of other URI-to-filename
translators, such as <code>Alias</code> or
<code>Redirect</code>. <em><a href="../rewrite/flags.html#flag_pt">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>qsappend|QSA</td>
- <td>Appends any query string created in the rewrite target to
- any query string that was in the original request URL. <em><a href="../rewrite/flags.html#flag_qsa">details ...</a></em></td>
+ <td>Appends any query string from the original request URL to
+ any query string created in the rewrite target.<em><a href="../rewrite/flags.html#flag_qsa">details ...</a></em></td>
</tr>
- <tr>
+<tr>
<td>qsdiscard|QSD</td>
<td>Discard any query string attached to the incoming URI.
<em><a href="../rewrite/flags.html#flag_qsd">details
...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>redirect|R[=<em>code</em>]</td>
<td>Forces an external redirect, optionally with the specified
HTTP status code. <em><a href="../rewrite/flags.html#flag_r">details ...</a></em>
</td>
</tr>
- <tr>
- <td>END</td>
- <td>Stop the rewriting process immediately and don't apply any
- more rules. Also prevents further execution of rewrite rules
- in per-directory and .htaccess context. (Available in 2.3.9 and later)
- <em><a href="../rewrite/flags.html#flag_l">details ...</a></em></td>
- </tr>
- <tr>
+<tr>
<td>skip|S=<em>num</em></td>
<td>Tells the rewriting engine to skip the next <em>num</em>
rules if the current rule matches. <em><a href="../rewrite/flags.html#flag_s">details ...</a></em></td>
</tr>
- <tr>
+<tr class="odd">
<td>type|T=<em>MIME-type</em></td>
<td>Force the <a class="glossarylink" href="../glossary.html#mime-type" title="see glossary">MIME-type</a> of the target file
to be the specified type. <em><a href="../rewrite/flags.html#flag_t">details ...</a></em></td>
</tr>
- </table>
+</table>
<div class="note"><h3>Home directory expansion</h3>
<p> When the substitution string begins with a string
/somepath/pathinfo</code>'':</strong><br />
</p>
-<table class="bordered">
-<tr>
+<table class="bordered"><tr class="header">
<th>Given Rule</th>
<th>Resulting Substitution</th>
</tr>
-
<tr>
<td>^/somepath(.*) otherpath$1</td>
<td>invalid, not supported</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) otherpath$1 [R]</td>
<td>invalid, not supported</td>
</tr>
-
<tr>
<td>^/somepath(.*) otherpath$1 [P]</td>
<td>invalid, not supported</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) /otherpath$1</td>
<td>/otherpath/pathinfo</td>
</tr>
-
<tr>
<td>^/somepath(.*) /otherpath$1 [R]</td>
<td>http://thishost/otherpath/pathinfo via external redirection</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) /otherpath$1 [P]</td>
<td>doesn't make sense, not supported</td>
</tr>
-
<tr>
<td>^/somepath(.*) http://thishost/otherpath$1</td>
<td>/otherpath/pathinfo</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) http://thishost/otherpath$1 [R]</td>
<td>http://thishost/otherpath/pathinfo via external redirection</td>
</tr>
-
<tr>
<td>^/somepath(.*) http://thishost/otherpath$1 [P]</td>
<td>doesn't make sense, not supported</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) http://otherhost/otherpath$1</td>
<td>http://otherhost/otherpath/pathinfo via external redirection</td>
</tr>
-
<tr>
<td>^/somepath(.*) http://otherhost/otherpath$1 [R]</td>
<td>http://otherhost/otherpath/pathinfo via external redirection (the [R] flag is redundant)</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^/somepath(.*) http://otherhost/otherpath$1 [P]</td>
<td>http://otherhost/otherpath/pathinfo via internal proxy</td>
</tr>
<p><strong>Inside per-directory configuration for
<code>/somepath</code><br />
- (<code>/physical/path/to/somepath/.htacccess</code>, with
+ (<code>/physical/path/to/somepath/.htaccess</code>, with
<code>RewriteBase /somepath</code>)<br />
for request ``<code>GET
/somepath/localpath/pathinfo</code>'':</strong><br />
</p>
-<table class="bordered">
-
-<tr>
+<table class="bordered"><tr class="header">
<th>Given Rule</th>
<th>Resulting Substitution</th>
</tr>
-
<tr>
<td>^localpath(.*) otherpath$1</td>
<td>/somepath/otherpath/pathinfo</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) otherpath$1 [R]</td>
<td>http://thishost/somepath/otherpath/pathinfo via external
redirection</td>
</tr>
-
<tr>
<td>^localpath(.*) otherpath$1 [P]</td>
<td>doesn't make sense, not supported</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) /otherpath$1</td>
<td>/otherpath/pathinfo</td>
</tr>
-
<tr>
<td>^localpath(.*) /otherpath$1 [R]</td>
<td>http://thishost/otherpath/pathinfo via external redirection</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) /otherpath$1 [P]</td>
<td>doesn't make sense, not supported</td>
</tr>
-
<tr>
<td>^localpath(.*) http://thishost/otherpath$1</td>
<td>/otherpath/pathinfo</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) http://thishost/otherpath$1 [R]</td>
<td>http://thishost/otherpath/pathinfo via external redirection</td>
</tr>
-
<tr>
<td>^localpath(.*) http://thishost/otherpath$1 [P]</td>
<td>doesn't make sense, not supported</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) http://otherhost/otherpath$1</td>
<td>http://otherhost/otherpath/pathinfo via external redirection</td>
</tr>
-
<tr>
<td>^localpath(.*) http://otherhost/otherpath$1 [R]</td>
<td>http://otherhost/otherpath/pathinfo via external redirection (the [R] flag is redundant)</td>
</tr>
-
-<tr>
+<tr class="odd">
<td>^localpath(.*) http://otherhost/otherpath$1 [P]</td>
<td>http://otherhost/otherpath/pathinfo via internal proxy</td>
</tr>
-
</table>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/mod/mod_rewrite.html" title="English"> en </a> |
<a href="../fr/mod/mod_rewrite.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
-</div><div id="footer">
-<p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
-<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
+</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
+<script type="text/javascript"><!--//--><![CDATA[//><!--
+var comments_shortname = 'httpd';
+var comments_identifier = 'http://httpd.apache.org/docs/trunk/mod/mod_rewrite.html';
+(function(w, d) {
+ if (w.location.hostname.toLowerCase() == "httpd.apache.org") {
+ d.write('<div id="comments_thread"><\/div>');
+ var s = d.createElement('script');
+ s.type = 'text/javascript';
+ s.async = true;
+ s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier;
+ (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s);
+ }
+ else {
+ d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>');
+ }
+})(window, document);
+//--><!]]></script></div><div id="footer">
+<p class="apache">Copyright 2014 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/quickreference.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!--
+if (typeof(prettyPrint) !== 'undefined') {
+ prettyPrint();
+}
+//--><!]]></script>
</body></html>
\ No newline at end of file