Successfully reported this slideshow.
Your SlideShare is downloading. ×

URL Mapping, with and without mod_rewrite

Ad

mod_rewrite and
       friends
     URL Mapping Power Tools

     Rich Bowen - SourceForge

Ad

AKA: Oh, no, not
     yet another
mod_rewrite talk
      URL Mapping Power Tools

      Rich Bowen - SourceForge

Ad

URL Mapping

 What            Directory
                 (listing)
 does that
 URL mean?    Redirect

              Proxy
...

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Upcoming SlideShare
Apache mod_rewrite
Apache mod_rewrite
Loading in …3
×

Check these out next

1 of 70 Ad
1 of 70 Ad

URL Mapping, with and without mod_rewrite

Download to read offline

Yeah, we all have to use mod_rewrite. But there are alternatives in many cases. URL mapping is a much bigger picture than just RewriteRule.

Yeah, we all have to use mod_rewrite. But there are alternatives in many cases. URL mapping is a much bigger picture than just RewriteRule.

More Related Content

URL Mapping, with and without mod_rewrite

  1. 1. mod_rewrite and friends URL Mapping Power Tools Rich Bowen - SourceForge
  2. 2. AKA: Oh, no, not yet another mod_rewrite talk URL Mapping Power Tools Rich Bowen - SourceForge
  3. 3. URL Mapping What Directory (listing) does that URL mean? Redirect Proxy File Error Handler
  4. 4. mod_rewrite Gave that talk for the last four PHP|Tek conferences I think half of you attended those talks So, what can we do that's different?
  5. 5. Although ... If you actually *wanted* a mod_rewrite talk, that can probably be arranged.
  6. 6. Let's start with the interesting stuff We can proceed to the boring stuff as we have time.
  7. 7. <If> New in 2.4 This is the reason you've been looking for to upgrade to 2.4
  8. 8. Expressions Function by vestman, on Flickr Mathematical statement which is either true or false Can consider any variable that interests you
  9. 9. <If "%{HTTP_HOST} != 'www.example.com'"> Redirect permanent / http://www.example.com </If> <If> can be used in any context (server, vhost, directory, .htaccess)
  10. 10. Goodbye mod_rewrite Doesn't replace mod_rewrite in *all* contexts But it does for many of the things you're using it for And it's much more readable, usually
  11. 11. So ...
  12. 12. Example: hotlinking RewriteCond %{HTTP_REFERER} !www.example.com [NC] RewriteRule .(gif|jpg|png)$ - [F,NC]
  13. 13. Becomes: Note: Shorter is not always better. I think this is *clearer* <If "%{HTTP_REFERER} !~ www.example.com"> <If "%{REQUEST_URI} =~ .(gif|jpg|png)$"> Require all denied </If> </If>
  14. 14. Also <If "-R '10.1.0.0/16'"> # ... </If> <ElseIf "-R '10.0.0.0/8'"> # ... </ElseIf> <Else> # ... </Else> -R is like "%{REMOTE_ADDR} -ipmatch ..."
  15. 15. More later We could give examples of this all day, but let's move on to something else ... By Roby Ferrari, on Flickr
  16. 16. FallbackResource New as of 2.2.16 You all need it
  17. 17. You've all seen this: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
  18. 18. You've all seen this: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On This bit says "If mod_rewrite RewriteBase / is enabled", and is RewriteRule ^index.php$ - [L] completely unnecessary. RewriteCond %{REQUEST_FILENAME} !-f That's probably a rant for RewriteCond %{REQUEST_FILENAME} !-d another time. RewriteRule . /index.php [L] </IfModule> # END WordPress
  19. 19. You've all seen this: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond Annoying bit to keep %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d mod_rewrite happy RewriteRule . /index.php [L] </IfModule> # END WordPress
  20. 20. You've all seen this: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d If it's already RewriteRule . /index.php [L] index.php, don't bother </IfModule> # END WordPress
  21. 21. You've all seen this: # BEGIN WordPress If it's not a file, and it's <IfModule mod_rewrite.c> not a directory (ie, a RewriteEngine On valid resource) RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
  22. 22. You've all seen this: # BEGIN WordPress Send everything else to <IfModule mod_rewrite.c> index.php as a "front RewriteEngine On controller" RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress
  23. 23. Or FallbackResource /index.php
  24. 24. How it works FallbackResource /index.php Triggers just before the error handlers, once other options have been checked. This ensures that existing resources (css, js, images, etc) continue to work as desired.
  25. 25. How it works FallbackResource /index.php Note that that's a URL path, not just a file name. Otherwise it gets grumpy.
  26. 26. REQUEST_URI FallbackResource /index.php
  27. 27. No need to rewrite RewriteRule ^/(.*) /index.php?$1 # or something like that ... Instead ... FallbackResource /index.php $args = explode('/', $_SERVER['REQUEST_URI'] ); Remember that the first character of a URL path is always "/"
  28. 28. Robert Fornal, on Flickr *Match Directives: AliasMatch, RedirectMatch, ProxyPassMatch Containers: DirectoryMatch, LocationMatch, FilesMatch
  29. 29. AliasMAtch # Keep the images separate AliasMatch ^/image/(.*).jpg$ /files/jpg.images/$1.jpg AliasMatch ^/image/(.*).gif$ /files/gif.images/$1.gif AliasMatch ^/image/(.*).png$ /files/png.images/$1.gif
  30. 30. Case insensitive AliasMatch (?i)^/image(.*) /ftp/pub/image$1
  31. 31. Everything but ... RedirectMatch ^/(?!images/)(.*) http://dynamic.myhost.com/$1
  32. 32. Everything but ... RedirectMatch ^/(?!images/)(.*) http://dynamic.myhost.com/$1 This is called a zero-width assertion. Zero-width because it doesn't capture a backreference
  33. 33. Everything but ... RedirectMatch ^/(?!images/)(.*) http://dynamic.myhost.com/$1 Matches anything that DOESN'T start with 'images/'
  34. 34. Everything but ... RedirectMatch ^/(?!images/)(.*) http://dynamic.myhost.com/$1 Result: Everything that's not an image goes over *there*
  35. 35. FilesMatch Recommended way to configure .php files with mod_php <FilesMatch .php$> SetHandler application/x-httpd-php </FilesMatch>
  36. 36. FilesMatch Recommended way to configure .php files with mod_php <FilesMatch .php$> SetHandler application/x-httpd-php </FilesMatch> Avoids .php.txt files being processed, for example
  37. 37. ProxyPassMatch ProxyPassMatch ^/(.*.gif)$ http://backend.example.com:8000/$1
  38. 38. ProxyPassMatch ProxyPassMatch ^/(.*.gif)$ http://backend.example.com:8000/$1 Security note: The target URL shouldn't be modifiable by the URL. That is, there must not be any way that a cleverly crafted URL could result in the target URL being something nefarious.
  39. 39. Consider: ProxyPassMatch ^/(.*)$ http://backend.example.com$1 What if my URL was http://yourserver.com/.myserver.com/
  40. 40. Consider: ProxyPassMatch ^/(.*)$ http://backend.example.com$1 What if my URL was http://yourserver.com/.myserver.com/
  41. 41. Consider: ProxyPassMatch ^/(.*)$ http://backend.example.com$1 Gotcha What if my URL was http://backend.example.com.myserver.com/ http://yourserver.com/.myserver.com/index.php
  42. 42. Consider: ProxyPassMatch ^/(.*)$ http://backend.example.com$1 Fortunately, this actually shouldn't work, since ProxyPassMatch will return a 500 if the target URL isn't valid before the substitution. (ie, no trailing slash)
  43. 43. Oh, all right We'll do some mod_rewrite stuff, because you'd go home sad if I didn't.
  44. 44. Did you know ... You can now use expr in RewriteCond, which is practically magic
  45. 45. RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'" RewriteRule ^/images - [F]
  46. 46. New keyword 'expr' RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'" RewriteRule ^/images - [F]
  47. 47. -strmatch is a glob, not a regex RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'" RewriteRule ^/images - [F]
  48. 48. RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'" RewriteRule ^/images - [F] If the referer doesn't look like the source ...
  49. 49. RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'" RewriteRule ^/images - [F] Yes, this is yet another way to prevent "hot linking" of images.
  50. 50. RewriteMap Table-based lookup More programmatic lookups Database queries
  51. 51. Database rewrites RewriteMap supports database queries in 2.4 RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  52. 52. Map Name RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  53. 53. Argument RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  54. 54. Default RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  55. 55. Query is prepared and executed, so sql injection is mitigated, but you still need to be careful. RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  56. 56. Use "fastdbd" to enable query caching, "dbd" to do without caching RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  57. 57. Default value if there's no returned value. If multiple values, one is selected randomly RewriteMap myquery "fastdbd:SELECT ID FROM breeds WHERE name = %s" RewriteRule ^/dogs/(.*) /breeds.php?id=${myquery:$1|0} [PT]
  58. 58. mod_proxy_html New module in 2.4 Was available as third-party module in earlier versions Simplifies proxying to a back-end app
  59. 59. mod_proxy_html Proxying to internal server which is closed-source, or that you don't have time to monkey with Generated HTML has fully-qualified URLs:
  60. 60. Client http://app.local/ http://example.com/ <html> <a href="http:// app.local"> Link</a> ...
  61. 61. mod_proxy_html Fixes up the HTML Also inspects cookies, and other headers, and fixes those
  62. 62. mod_proxy_express Another new module in 2.4 Simplifies the creation of proxying a bunch of vhosts to back-end servers
  63. 63. ## ##express-map.txt: ## www1.example.com http://192.168.211.2:8080 www2.example.com http://192.168.211.12:8088 www3.example.com http://192.168.212.10
  64. 64. ## ##express-map.txt: ## www1.example.com http://192.168.211.2:8080 www2.example.com http://192.168.211.12:8088 www3.example.com http://192.168.212.10 httxt2dbm -i express-map.txt -o emap ProxyExpressDBMFile emap
  65. 65. mod_proxy_express Especially awesome for a bunch of VMs, with a front-end proxy/cache server Avoids having a jillion ProxyPass directives or rewrite rules
  66. 66. And while we're on the subject mod_proxy_balancer is twice as caffeinated as it used to be
  67. 67. mod_proxy_balancer <Proxy balancer://mycluster> BalancerMember http://192.168.1.50:80 BalancerMember http://192.168.1.51:80 </Proxy> ProxyPass /test balancer://mycluster ProxyPassReverse /test balancer://mycluster
  68. 68. Balance By ... Busyness SuperFantastic, on Flickr Byrequests Bytraffic heartbeats
  69. 69. Heartbeats Mark McLaughlin, on Flickr This is new mod_heartmonitor and mod_heartbeat verify that a server is alive, and now you balance by what server is more idle
  70. 70. Fin rbowen@geek.net @rbowen https://joind.in/6509

Editor's Notes

  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n

×