Apache Redirect and Rewrite

A quick overview with examples of some common ways how you could redirect or rewrite addresses …

mod_rewrite Module

Redirect everything to a “maintenance” message

RewriteEngine on
RewriteRule !maintenance.htm$ http://www.foo.tld/maintenance.htm [R,L]

redirects everything but maintenanace.htm

RewriteCond /maintenance.html -f
RewriteCond !maintenance.html
RewriteRule ^.*$ /maintenance.html [L]

if maintenance.html exists, everything is redirected to this page.

the following example shows a 503 service unavailable page with some exceptions.

# define a 503 error page
ErrorDocument 503 /503.html
 
RewriteEngine on
RewriteBase /
# don't rewrite the folliwng 2 directories:
RewriteCond %{REQUEST_URI}      !^/webservice
RewriteCond %{REQUEST_URI}      !^/example
# prevent a loop, don't rewrite the 503 error page
RewriteCond %{SCRIPT_FILENAME}  !503.html
# last rule, do rewrite what wasn't excluded above, issue the 503 response
RewriteRule ^.*$ /503.html [R=503,L]

Redirect everything but a verification URL

<VirtualHost *:443>
ServerName example.com

<Location />
RewriteEngine On
RewriteBase /
RewriteCond  %{SCRIPT_FILENAME}  !12f58980bf756d998fddaefddc7d364ae3.txt
RewriteRule ^.*$ https://www.example.com [R=302,L]

</Location>

...

</VirtualHost>

Redirect everything on the same host to Port 443 (SSL)

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Because this RewriteRule triggers a 302 redirect, it might be more useful to issue a 301 (permanent) one:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Redirect everything based on subdirectory to other domain (without that subdirectory):

RewriteEngine on
RewriteBase /subdir/
RewriteRule (.*) http://www.example.com/$1

Redirect everything temporarily (302) to a new host:

RewriteEngine on
RewriteRule   (.*)  http://www2.example/$1  [R=302,L]

Redirect several URLs with query strings attached (e.g. page.php?id=8)

RewriteCond %{REQUEST_URI} page1.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} page2.php(.*)$ [OR]
RewriteRule (.*) /index.php [R=301,L,QSD]
R=301 - permanent redirect
L     - last rule
QSD   - delete any attached query string

Redirect Directive

Simple redirect in .htaccess

Redirect / http://www.foo.tld/

or

Redirect 301  / http://www.foo.tld/

Redirect everything to a single URL (.htaccess)

RedirectMatch 301 ^.*$ http://destination.domain.tld/something.htm

Redirect a domain in the VirtualHost section:

httpd-vhost.conf
<VirtualHost *:80>
 ServerName www.example.com
 ServerAlias example.com
 Redirect 301  / http://www.example.de/
</VirtualHost>

PHP header()

If PHP ist installed you can use as well:

<?php
  header("Location: http://www.example.com");
  exit;
?>

or to give a specific http_response_code other than 302:

<?php
  header("Location: http://www.example.com", true, 301);
  exit;
?>

Put this in your index.php and your visitor will be redirected.

Force SSL with Basic Auth

To force a https (ssl) connection for a directory with basic auth the following hack works if you have to workaround a loadbalancer doing the ssl connection:

Assumption:

  • SOME_HEADER_SSL = 0 if http
  • SOME_HEADER_SSL = 1 if https
.htaccess
RewriteEngine On
SetEnvIf SOME_HEADER_SSL ^1$ let_me_in
 
# redirect to https:
ErrorDocument 403 /403.php
 
RewriteCond %{HTTP:SOME_HEADER_SSL} ^0$
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI}  [R=301,L]
 
order Deny,Allow
Deny from all
allow from env=let_me_in
 
AuthName "Secure dir"
AuthType Basic
AuthUserFile /htpasswd
AuthGroupFile /htgroup
 
<Limit GET>
require group allin
</Limit>
403.php
<?php
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
?>
apache/redirect.txt · Last modified: 2017-08 by tb
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready