With mod_rewrite is a nifty rule-based rewriting engine that allows your website to rewrite URLs on the fly. For example, when browsing around an ecommerce website, you might end up at a URL like this:

  • gizmo.com/latest_and_greatest/specific_gadgets/exactly_what_youre_browsing_for

However, on the backend, the actual URL probably looks more like this:

Mod_rewrite allows the website to create custom URLs that match the site visitor’s search. You, as the user, are totally oblivious to this sneaky bit of trickery and thank the website for having such a thorough directory.

How to Set up Mod_Rewrites

Setup for mod_rewrites is surprisingly simple. To get going, all you need to do is install the mod_rewrite module on your Apache server. If it is already installed, you should find it in the “Apache loaded modules” section of your website. If you have trouble installing the module, you may need to contact your hosting company and ask them to install it for you.

A Simple Mod_Rewrite Example

Now that your mod_rewrite module is all set up, you can start generating URL rewrites. Let’s start with a straightforward mod_rewrite, and you don’t get anything easier than a basic redirect. We will redirect users who ask for the page kelly.html to john.html instead. Firstly, we need to create similar pages for both Kelly and John: <html>


<title>Kelly's webpage</title>




This is Kelly's webpage


</body> </html> Now for the fun part: configuring your mod_rewrite. Add two lines of code to your .htaccess file, which is a text file that provides a way to configure the details of your website without altering the server config files. Your .htaccess file will apply to any directory which you place it in, and any below it. To your .htaccess file, we’re going to add:

  • RewriteEngine on
  • RewriteRule ^kelly.html$ john.html

Once you’ve uploaded this .htaccess file to both Kelly and John’s directories, you should see John’s page when you try to load Kelly’s, even though Kelly’s URL is displayed. Easy as pie.

The Five RewriteRules

  1. RewriteRule: The name of the command.
  2. Pattern: This is the regular expression to be applied to the “current” URL. Remember that if you apply a RewriteRule to an already-ruled URL, then that changed URL will be the current URL.
  3. Substitution: Rewrite substitutions are exactly the same as in Perl, PHP, etc. In the substitution, you can include backreferences and server variable names (%{VARNAME}). Please note that the backreferences to this RewriteRule should be written as $N.
  4. Special Substitution: This substitution tells Apache to not perform any substitution.
  5. OptionalFlags: This is the only non-compulsory part of the RewriteRule. Each flag should be in square brackets and separated by a comma. All the flags available are listed in the mod_rewrite manual.

A More Complex Mod_Rewrite Example

Ok, it’s time to step it up a notch. Let’s say you have set up a main index page with a certain parameter. This parameter directs your page on how to be displayed and what content to pull through. So, a link like index.php?page=software would take you to a software page, while a link to index.php?page=interests would take you to an interests page. But web pages don’t like having long, complicated and cumbersome URLs. In order to avoid this, we’ll create a mod_rewrite to silently redirect users from page/software/ to index.php?page=software. To achieve this redirect, you need to add the following to your .htaccess file:

  • RewriteEngine on
  • RewriteRule ^page/([^/\.]+)/?$ index.php?page=$1 [L]

Here are the details of each section of the RewriteRule above:

^page/ This shows us whether the requested page starts with page/.
([^/.]+) The enclosing brackets indicate that anything that is matched will be remembered by the RewriteRule. Inside the brackets, the rule says “I’d like one or more characters that aren’t a forward slash or a period”. Whatever is found here will be captured and remembered.
/?$ This makes sure that the only thing that is found after what was just matched is a possible forward slash, and nothing else. If anything else is found, then this RewriteRule will be ignored.
index.php?page=$ The actual page which will be loaded by Apache. $1 is replaced with the text which was captured previously.
[L] This tells Apache that if the RewriteRule was successful, no further rules need to be run.

Hot Linking and Conditional Statements

Hot linking is the act of displaying an image/file on a web page by linking to the original image/file on another web page, rather than saving a copy of the image yourself. This is not good practice. Think about it… If you've linked to an image on someone else’s page, what's going to stop them from changing the image you linked to something inappropriate? So, how do you prevent people from hot linking to your website? All you need is to add a few RewriteCond statements to your .htaccess file. These are conditional statements for RewriteRules and follow this basic format:

  • RewriteCond test_string cond_pattern

Set the test_string to be the HTTP_REFERER. If the test string is not empty or your own server, then your website will deliver an alternative, low bandwidth image. This reprimands the hot linking scoundrel for stealing your bandwidth. Here’s how to do this:

  • RewriteEngine on
  • RewriteCond %{HTTP_REFERER} !^$
  • RewriteCond %{HTTP_REFERER} !^http://(www\.)?somesite.com/.*$ [NC]
  • RewriteRule \.(gif|jpg|png)$ http://www.somesite.com/nasty.gif [R,L]

This shows that the RewriteRule will only be processed if all the preceding RewriteConds are met. The [NC], which stands for No Case, in the second RewriteCond indicates that it makes no difference whether the domain name was typed in upper or lower case. The forth line says that any request for gif, jpg or png file that does not come directly from your website’s referers, will cause your inappropriate image being displayed instead. You can also set it that the hot linker rather receives no image and a 403 Forbidden message by changing the final line to:

  • RewriteRule \.(gif|jpg|png)$ - [F]

Mod_rewrite is an extremely handy tool for keeping your website in tiptop condition. We hope this article has helped. Stay safe out there.