how to optimize .htaccess for typo3 projects to optimize .htaccess for typo3 projects jochen weiland...

How to Optimize .htaccess for TYPO3 Projects

Jochen Weiland

T3EE Cluj Napoca November 2015

Happy Developer -

almost finished a new project

But then… some .htaccess Configuration is

needed

Why .htaccess?

• Configure your Apache Web Server on a per-directory basis

• Directives apply to directory and all sub-directories

Why not .htaccess

• In general, use of .htaccess files should be avoided when possible

• Use the<Directory> section in your main server configuration file

• Need to restart Apache

Redirect/Rewrite

Redirect

Redirect301/old-page.htmlhttp://www.mydomain.com/new-page.html

Regular Expressions

Matching Anything (.)

a.bpattern will match a string containing “a”, followed by any character, followed by “c”. So, that pattern will match the strings “abc”, “ancient”, and “warcraft”

Escaping Characters (\)

\.While . means “any character,” \. means a literal “.” character.

Special meaning when used with some characters:

\t = Tab \s = Whitespace

Anchoring Text to the Start and End (^ and $)

^/

This matches any string that starts with a slash

\.jpg$

This pattern matches any string that ends with .jpg

Matching One or More Characters (+)

giraf+e+

This pattern will allow one or more “f”s, as well as one or more “e”s. So it will match “girafe”, “giraffe”, and “giraffee” (and even girafffffeeeeee)

Matching Zero or More Characters (*)

giraf*e*

This pattern will match the same strings listed previously (“giraffe”, “girafe”, and “giraffee”) as well as “giraeeeee” and “gira”

Making a Match Optional (?)

e-?mail

This pattern will match both “email” and “e-mail”

Grouping and Capturing ( () )

(abc)+

This pattern will match “abc” and “abcabc”

(.*\.gif)$

This will match any .gif file and capture the filename in $1

Matching One of a Group of Characters ([ ])

[abc]

This will match the letter “a”, or the letter “b”, or the letter “c”.

/home/([abc].*)

Matches user names starting with a, b or c and stores them in back reference $1

Negation (!)

!^/images

This will match any path not starting with /images

RewriteRule

• First enable Rewriting:

RewriteEngineOn

RewriteRule

• General Syntax

RewriteRulepatterntarget[flags]

RewriteRule Pattern

• Pattern is a regex applied to the requested URI

RewriteRulepatterntarget[flags]

RewriteRule Target

• Target is either a URL (http://…). Scheme and domain can be omitted if it is the same

RewriteRulepatterntarget[flags]

RewriteRule Flags

• L (Last) Stop Rewriting after this Rule

• R (Redirect, with Status) [R=301,L]

• F (Forbidden) Return a 403 Status Code

• QSA (Query String Append) Append the original Query String

• NE (No Escape) Do not escape special chars

RewriteRulepatterntarget[flags]

RewriteCond

• Next RewriteRule only executed, if certain conditions are TRUE

RewriteCondTeststringPattern[Flags]RewriteRule<Pattern><Target>

38 Teststrings• %{REQUEST_URI}

• %{HTTP_HOST}

• %{REMOTE_ADDR}

• %{HTTP_HOST}

• %{SCRIPT_FILENAME}

• %{QUERY_STRING}

• …

Flags

• NC No Case

• OR Or

RewriteCond

• Several Conditions can be combined, all Conditions must be TRUE:

RewriteCondTeststringPatternRewriteCondTeststringPatternRewriteCondTeststringPatternRewriteRule<Pattern><Target>

RewriteCond

• Several Conditions can be combined, the RewriteRule will be executed if at least one Condition is TRUE:

RewriteCondTeststringPattern[OR]RewriteCondTeststringPattern[OR]RewriteCondTeststringPatternRewriteRule<Pattern><Target>

Example

RewriteCond%{TIME_HOUR}%{TIME_MIN}>0700RewriteCond%{TIME_HOUR}%{TIME_MIN}<1900RewriteRule^/page\.html$page.day.htmlRewriteRule^/page\.html$page.night.html

Redirect http to https

RewriteCond%{SERVER_PORT}!^443$RewriteRule(.*)https://%{HTTP_HOST}/$1[L]

Redirect based on Query Parameters

RewriteCond%{QUERY_STRING}^id=7$RewriteRule^.*$http://example.com/imprint.html?[L,R=301]

Rewrite

example.com/index.php?id=7

to

example.com/imprint.html

Always prepend www.

RewriteCond%{HTTP_HOST}^example\.com$[NC]RewriteRule^(.*)$http://www.example.com/$1[R=301,L]

Redirect to Anchor

example.com/news.html#artikel25

RewriteRule^info\.html$/news.html#artikel25[R=301,L,NE]

Beware of Looping!

RewriteEngineOnRewriteRule(.*)/maintenance.html[R=302]

Beware of Looping!

RewriteEngineOnRewriteRule(.*)/maintenance.html[R=302]

Block Access to Folders

RewriteRule_(?:recycler|temp)_/-[F]RewriteRulefileadmin/templates/.*\.(?:txt|ts)$-[F]RewriteRuletypo3temp/logs/-[F]RewriteRule^(vendor|typo3_src)-[F]RewriteRule(?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/-[F]

TYPO3 _.htaccess

• Included in TYPO3 Source Directory

• 358 Lines, 12.8 kB

• Use only for Inspiration !!

Enable gzip Encoding<FilesMatch"\.js\.gzip$">AddType"text/javascript".gzip</FilesMatch>

<FilesMatch"\.css\.gzip$">AddType"text/css".gzip</FilesMatch>

AddEncodinggzip.gzip

TYPO3 .htaccess<FilesMatch"\.js\.gzip$">AddType"text/javascript".gzip</FilesMatch><FilesMatch"\.css\.gzip$">AddType"text/css".gzip</FilesMatch>AddEncodinggzip.gzip

RewriteEngineOnRewriteRule^typo3$-[L]RewriteRule^typo3/.*$-[L]RewriteRule^uploads/.*$-[L]RewriteRule^fileadmin/.*$-[L]RewriteRule^typo3conf/.*$-[L]

RewriteCond%{REQUEST_FILENAME}!-fRewriteCond%{REQUEST_FILENAME}!-dRewriteCond%{REQUEST_FILENAME}!-lRewriteRule.*/index.php

Media FilesAddTypeaudio/mp4f4af4bm4aAddTypeaudio/oggogaoggopusAddTypeimage/bmpbmpAddTypeimage/svg+xmlsvgsvgzAddTypeimage/webpwebpAddTypevideo/mp4f4vf4pm4vmp4AddTypevideo/oggogvAddTypevideo/webmwebmAddTypevideo/x-flvflvAddTypeimage/x-iconcurico

Web FontsAddTypeapplication/font-woffwoffAddTypeapplication/font-woff2woff2AddTypeapplication/vnd.ms-fontobjecteotAddTypeapplication/x-font-ttfttcttfAddTypefont/opentypeotf

#allowfromalldomains<FilesMatch"\.(eot|otf|tt[cf]|woff2?)$">HeadersetAccess-Control-Allow-Origin"*"</FilesMatch>

Data Interchange

AddTypeapplication/atom+xmlatomAddTypeapplication/jsonjsonmaptopojsonAddTypeapplication/ld+jsonjsonldAddTypeapplication/rss+xmlrssAddTypeapplication/vnd.geo+jsongeojsonAddTypeapplication/xmlrdfxml

Browser CachingExpiresActiveOnExpiresDefault"accessplus1month"ExpiresByTypeimage/jpegA2592000ExpiresByTypeimage/gifA2592000ExpiresByTypeimage/pngA2592000ExpiresByTypeimage/x-iconA2592000ExpiresByTypeimage/svg+xml"accessplus1year"ExpiresByTypetext/plainA2592000ExpiresByTypeapplication/x-javascriptM3600ExpiresByTypetext/cssM30ExpiresByTypetext/htmlM300ExpiresByTypefont/truetype"accessplus1year"ExpiresByTypefont/opentype"accessplus1year"ExpiresByTypeapplication/x-font-woff"accessplus1year"ExpiresByTypeapplication/vnd.ms-fontobject"accessplus1year"

Exclude IP Address

orderdeny,allow#LingueeBotdenyfrom188.138.104.208

Password Protection

AuthTypeBasicAuthName"Pleaselogin"AuthUserFile/absolute_path/.htpasswdrequirevalid-user

Create Userhtpasswd-cm./.htpasswdusername

Create Add’l Users

htpasswd-m./.htpasswdusername

If things go wrong

• Check httpd error logs

• RewriteLog /var/log/rewrite.log

• RewriteLogLevel 9

Any Questions?

jweiland@jweiland.net @jweilandnet