Redirecting and Remapping with mod_rewrite

Assume we have recently renamed the page foo.html to bar.html and now want to provide the old URL for backward compatibility. However, we want that users of the old URL even not recognize that the pages was renamed - that is, we don't want the address to change in their browser.

We rewrite the old URL to the new one internally via the following rule:

RewriteEngine  on
RewriteRule    "^/foo\.html$"  "/bar.html" [PT]

You want all HTTP requests to be redirected to HTTPS. This is one of the most common uses of mod_rewrite, but in most cases it is better accomplished without it.

The preferred approach uses a Redirect directive in a dedicated HTTP virtual host:

<VirtualHost *:80>
    ServerName www.example.com
    Redirect permanent "/" "https://www.example.com/"
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com
    # ... SSL configuration goes here
</VirtualHost>

If you do not have access to the main server configuration and must use a .htaccess file, mod_rewrite is the appropriate tool:

RewriteEngine On
RewriteCond "%{HTTPS}" !=on
RewriteRule "^(.*)" "https://%{SERVER_NAME}$1" [R=301,L]

The %{HTTPS} variable is set to on when the connection is using SSL/TLS, and is empty or off otherwise. Using R=301 issues a permanent redirect, which tells search engines to update their index.

See also the When not to use mod_rewrite document for more discussion of the Redirect approach.

You want to ensure that URLs for directories always end with a trailing slash, or conversely, that they never do. This is a common requirement for SEO and for consistent URL handling by web applications.

To add a trailing slash to URLs that map to directories:

RewriteCond "%{REQUEST_FILENAME}" -d
RewriteCond "%{REQUEST_URI}" "!/$"
RewriteRule "^(.*)$" "$1/" [R=301,L]

To remove a trailing slash (except for actual directories):

RewriteCond "%{REQUEST_FILENAME}" !-d
RewriteCond "%{REQUEST_URI}" "(.+)/$"
RewriteRule "^" "%1" [R=301,L]

Apache's mod_dir already handles trailing slash redirects for real directories when DirectorySlash is enabled (the default). You only need a mod_rewrite rule if you want to enforce trailing slash behavior for URLs that do not correspond to actual directories on disk, or if you want to remove trailing slashes.

You want to force all requests to use either www.example.com or example.com, not both. This ensures search engines treat them as one site and prevents cookie scope issues.

The best approach does not use mod_rewrite at all. Place a Redirect in the virtual host for the non-canonical hostname:

# Redirect example.com -> www.example.com
<VirtualHost *:80 *:443>
    ServerName example.com
    Redirect permanent "/" "https://www.example.com/"
</VirtualHost>

If you only have .htaccess access:

# Add www
RewriteEngine On
RewriteCond "%{HTTP_HOST}" "!^www\." [NC]
RewriteRule "^(.*)" "https://www.%{HTTP_HOST}$1" [R=301,L]

# Remove www
RewriteEngine On
RewriteCond "%{HTTP_HOST}" "^www\.(.+)$" [NC]
RewriteRule "^(.*)" "https://%1$1" [R=301,L]

See also the Canonical Hostnames recipe above, which covers the general case. This recipe focuses specifically on the www/non-www choice, which is the most common hostname canonicalization need.

Most modern web frameworks (PHP, Python, Ruby, etc.) use a single entry point - often called a "front controller" - that handles all requests. URLs like /products/widget are routed to index.php (or equivalent), which parses the URL internally.

If you need mod_rewrite (for example, to add additional conditions), the standard pattern is:

RewriteEngine On
RewriteCond "%{REQUEST_FILENAME}" !-f
RewriteCond "%{REQUEST_FILENAME}" !-d
RewriteRule "^(.*)$" "/index.php" [L]

The !-f and !-d conditions skip the rule for requests that map to an existing file or directory, so static assets (images, CSS, JavaScript) are still served directly.

In .htaccess context, consider using [END] instead of [L] to avoid reprocessing loops. See the .htaccess looping discussion for details.

Assume again that we have recently renamed the page foo.html to bar.html and now want to provide the old URL for backward compatibility. But this time we want that the users of the old URL get hinted to the new one, i.e. their browsers Location field should change, too.

We force a HTTP redirect to the new URL which leads to a change of the browsers and thus the users view:

RewriteEngine  on
RewriteRule    "^/foo\.html$"  "bar.html"  [R]

In this example, as contrasted to the internal example above, we can simply use the Redirect directive. mod_rewrite was used in that earlier example in order to hide the redirect from the client:

Redirect "/foo.html" "/bar.html"

If a resource has moved to another server, you may wish to have URLs continue to work for a time on the old server while people update their bookmarks.

You can use mod_rewrite to redirect these URLs to the new server, but you might also consider using the Redirect or RedirectMatch directive.

#With mod_rewrite
RewriteEngine on
RewriteRule   "^/docs/(.+)"  "http://new.example.com/docs/$1"  [R,L]

#With RedirectMatch
RedirectMatch "^/docs/(.*)" "http://new.example.com/docs/$1"

#With Redirect
Redirect "/docs/" "http://new.example.com/docs/"

For simple redirections to another server, the Redirect or RedirectMatch directives are preferred, as they are simpler and more efficient.

How can we make URLs backward compatible (still existing virtually) after migrating document.YYYY to document.XXXX, e.g. after translating a bunch of .html files to .php?

The URL is rewritten from the old extension to the new one only if the target file with the new extension exists and the original file with the old extension does not. Otherwise, the URL is left unchanged.

#   backward compatibility ruleset for
#   rewriting document.html to document.php
#   when and only when document.php exists
<Directory "/var/www/htdocs">
    RewriteEngine on
    RewriteBase   "/var/www/htdocs"

    RewriteCond   "$1.php"           -f
    RewriteCond   "$1.html"          !-f
    RewriteRule   "^(.*).html$"      "$1.php"
</Directory>

This example uses an often-overlooked feature of mod_rewrite, by taking advantage of the order of execution of the ruleset. In particular, mod_rewrite evaluates the left-hand-side of the RewriteRule before it evaluates the RewriteCond directives. Consequently, $1 is already defined by the time the RewriteCond directives are evaluated. This allows us to test for the existence of the original (document.html) and target (document.php) files using the same base filename.

This ruleset is designed to use in a per-directory context (In a <Directory> block or in a .htaccess file), so that the -f checks are looking at the correct directory path. You may need to set a RewriteBase directive to specify the directory base that you're working in.

The very best way to solve this doesn't involve mod_rewrite at all, but rather uses the Redirect directive placed in a virtual host for the non-canonical hostname(s).

<VirtualHost *:80>
  ServerName undesired.example.com
  ServerAlias example.com notthis.example.com

  Redirect "/" "http://www.example.com/"
</VirtualHost>

<VirtualHost *:80>
  ServerName www.example.com
</VirtualHost>

You can alternatively accomplish this using the <If> directive: (2.4 and later)

<If "%{HTTP_HOST} != 'www.example.com'">
    Redirect "/" "http://www.example.com/"
</If>

Or, for example, to redirect a portion of your site to HTTPS, you might do the following:

<If "%{SERVER_PROTOCOL} != 'HTTPS'">
    Redirect "/admin/" "https://www.example.com/admin/"
</If>

If, for whatever reason, you still want to use mod_rewrite - if, for example, you need this to work with a larger set of RewriteRules - you might use one of the recipes below.

For sites running on a port other than 80:

RewriteCond "%{HTTP_HOST}"   "!^www\.example\.com" [NC]
RewriteCond "%{HTTP_HOST}"   "!^$"
RewriteCond "%{SERVER_PORT}" "!^80$"
RewriteRule "^/?(.*)"        "http://www.example.com:%{SERVER_PORT}/$1" [L,R,NE]

And for a site running on port 80

RewriteCond "%{HTTP_HOST}"   "!^www\.example\.com"       [NC]
RewriteCond "%{HTTP_HOST}"   "!^$"
RewriteRule "^/?(.*)"        "http://www.example.com/$1" [L,R,NE]

If you wanted to do this generically for all domain names - that is, if you want to redirect example.com to www.example.com for all possible values of example.com, you could use the following recipe:

RewriteCond "%{HTTP_HOST}" "!^www\."                    [NC]
RewriteCond "%{HTTP_HOST}" "!^$"
RewriteRule "^/?(.*)"      "http://www.%{HTTP_HOST}/$1" [L,R,NE]

These rulesets will work either in your main server configuration file, or in a .htaccess file placed in the DocumentRoot of the server.

If you have access to the server configuration, a Redirect in a dedicated <VirtualHost> is the cleanest approach. Use the <If> directive as a middle ground, and mod_rewrite only if you are limited to .htaccess.

A particular resource might exist in one of several places, and we want to look in those places for the resource when it is requested. Perhaps we've recently rearranged our directory structure, dividing content into several locations.

The following ruleset searches in two directories to find the resource, and, if not finding it in either place, will attempt to just serve it out of the location requested.

RewriteEngine on

#   first try to find it in dir1/...
#   ...and if found stop and be happy:
RewriteCond         "%{DOCUMENT_ROOT}/dir1/%{REQUEST_URI}"  -f
RewriteRule "^(.+)" "%{DOCUMENT_ROOT}/dir1/$1"  [L]

#   second try to find it in dir2/...
#   ...and if found stop and be happy:
RewriteCond         "%{DOCUMENT_ROOT}/dir2/%{REQUEST_URI}"  -f
RewriteRule "^(.+)" "%{DOCUMENT_ROOT}/dir2/$1"  [L]

#   else go on for other Alias or ScriptAlias directives,
#   etc.
RewriteRule "^"     "-"                                          [PT]

This is useful during migrations when content is being moved between directories. For permanent setups, consider using Alias or symbolic links instead.

On some webservers there is more than one URL for a resource. Usually there are canonical URLs (which are be actually used and distributed) and those which are just shortcuts, internal ones, and so on. Independent of which URL the user supplied with the request, they should finally see the canonical one in their browser address bar.

We do an external HTTP redirect for all non-canonical URLs to fix them in the location view of the Browser and for all subsequent requests. In the example ruleset below we replace /puppies and /canines by the canonical /dogs.

RewriteRule   "^/(puppies|canines)/(.*)"    "/dogs/$2"  [R]

RedirectMatch "^/(puppies|canines)/(.*)" "/dogs/$2"

Usually the DocumentRoot of the webserver directly relates to the URL "/". But often this data is not really of top-level priority. For example, you may wish for visitors, on first entering a site, to go to a particular subdirectory /about/. This may be accomplished using the following ruleset:

We redirect the URL / to /about/:

RewriteEngine on
RewriteRule   "^/$"  "/about/"  [R]

Note that this can also be handled using the RedirectMatch directive:

RedirectMatch "^/$" "http://example.com/about/"

Note also that the example rewrites only the root URL. That is, it rewrites a request for http://example.com/, but not a request for http://example.com/page.html. If you have in fact changed your document root - that is, if all of your content is in fact in that subdirectory, it is greatly preferable to simply change your DocumentRoot directive, or move all of the content up one directory, rather than rewriting URLs.

As of version 2.2.16, you should use the FallbackResource directive for this:

<Directory "/var/www/my_blog">
  FallbackResource index.php
</Directory>

However, in earlier versions of Apache, or if your needs are more complicated than this, you can use a variation of the following rewrite set to accomplish the same thing:

<Directory "/var/www/my_blog">
  RewriteBase "/my_blog"

  RewriteCond "/var/www/my_blog/%{REQUEST_FILENAME}" !-f
  RewriteCond "/var/www/my_blog/%{REQUEST_FILENAME}" !-d
  RewriteRule "^"                                    "index.php" [PT]
</Directory>

If, on the other hand, you wish to pass the requested URI as a query string argument to index.php, you can replace that RewriteRule with:

RewriteRule "(.*)" "index.php?$1" [PT,QSA]

Note that these rulesets can be used in a .htaccess file, as well as in a <Directory> block.

The FallbackResource directive is almost always the better choice for this use case. See the When not to use mod_rewrite document for a simpler one-line alternative.

Many of the solutions in this section will all use the same condition, which leaves the matched value in the %2 backreference. %1 is the beginining of the query string (up to the key of intererest), and %3 is the remainder. This condition is a bit complex for flexibility and to avoid double '&&' in the substitutions.

• This solution removes the matching key and value:

  # Remove mykey=???
  RewriteCond "%{QUERY_STRING}" "(.*(?:^|&))mykey=([^&]*)&?(.*)&?$"
  RewriteRule "(.*)"            "$1?%1%3"

• This solution uses the captured value in the URL substitution, discarding the rest of the original query by appending a '?':

  # Copy from query string to PATH_INFO
  RewriteCond "%{QUERY_STRING}" "(.*(?:^|&))mykey=([^&]*)&?(.*)&?$"
  RewriteRule "(.*)"            "$1/products/%2/?" [PT]

• This solution checks the captured value in a subsequent condition:

  # Capture the value of mykey in the query string
  RewriteCond "%{QUERY_STRING}" "(.*(?:^|&))mykey=([^&]*)&?(.*)&?$"
  RewriteCond "%2"              !=not-so-secret-value
  RewriteRule "(.*)"            "-" [F]

• This solution shows the reverse of the previous ones, copying path components (perhaps PATH_INFO) from the URL into the query string.

  # The desired URL might be /products/kitchen-sink, and the script expects
  # /path?products=kitchen-sink.
  RewriteRule "^/?path/([^/]+)/([^/]+)" "/path?$1=$2" [PT]

See also the [QSA] and [QSD] flags, which control whether the original query string is appended to or discarded from the substitution.

Some sites with thousands of users use a structured homedir layout, i.e. each homedir is in a subdirectory which begins (for instance) with the first character of the username. So, /~larry/anypath is /home/l/larry/public_html/anypath while /~waldo/anypath is /home/w/waldo/public_html/anypath.

We use the following ruleset to expand the tilde URLs into the above layout.

RewriteEngine on
RewriteRule   "^/~(([a-z])[a-z0-9]+)(.*)"  "/home/$2/$1/public_html$3"

This technique is primarily useful for large hosting environments with thousands of users. For most sites, mod_userdir handles tilde-based user URLs without requiring mod_rewrite.

By default, redirecting to an HTML anchor doesn't work, because mod_rewrite escapes the # character, turning it into %23. This, in turn, breaks the redirection.

Use the [NE] flag on the RewriteRule. NE stands for No Escape.

We wish to use mod_rewrite to serve different content based on the time of day.

There are a lot of variables named TIME_xxx for rewrite conditions. In conjunction with the special lexicographic comparison patterns <STRING, >STRING and =STRING we can do time-dependent redirects:

RewriteEngine on
RewriteCond   "%{TIME_HOUR}%{TIME_MIN}" >0700
RewriteCond   "%{TIME_HOUR}%{TIME_MIN}" <1900
RewriteRule   "^foo\.html$"             "foo.day.html" [L]
RewriteRule   "^foo\.html$"             "foo.night.html"

This provides the content of foo.day.html under the URL foo.html from 07:01-18:59 and at the remaining time the contents of foo.night.html.

Serving dynamic content through your application is almost always a better approach. Caching by browsers, proxies, and mod_cache makes time-based rewriting unreliable in practice.

We wish to dynamically generate content, but store it statically once it is generated. This rule will check for the existence of the static file, and if it's not there, generate it. The static files can be removed periodically, if desired (say, via cron) and will be regenerated on demand.

# This example is valid in per-directory context only
RewriteCond "%{REQUEST_URI}"   !-U
RewriteRule "^(.+)\.html$"     "/regenerate_page.cgi"   [PT,L]

The -U operator determines whether the test string (in this case, REQUEST_URI) is a valid URL. It does this via a subrequest. In the event that this subrequest fails - that is, the requested resource doesn't exist - this rule invokes the CGI program /regenerate_page.cgi, which generates the requested resource and saves it into the document directory, so that the next time it is requested, a static copy can be served.

In this way, documents that are infrequently updated can be served in static form. if documents need to be refreshed, they can be deleted from the document directory, and they will then be regenerated the next time they are requested.

Modern approaches such as mod_cache, CDN caching layers, or application-level caching provide more robust and controllable solutions for serving pre-generated static content. The -U subrequest test used here also carries a performance cost on every request.