Обсуждение .htacces общие правила, примеры регулырных выражений


9 Ноя 2012
В данном разделе хочется собрать максимально полную информацию и правилах написания регулярных выражений в файле .htacces + собрать максимально полный список рабочих правил.

По мере добавления рабочих примеров в коментах, топик будет дополняться как 1 большая инструкция.
Справочники и мануалы с примерами как правильно составить .htacces
Все правила проверялись лично на работоспособность
Топик будет постоянно пополняться, по мере нахождения полезной информации

защита от взлома
## Начнем блокировку злоумышленников
# ниже описаны привила наиболее наспространенных правил взлома сайта
# скажем так, убираем часть уязвимостей сайта
# блокирование закодированного PHP кода base64_encode использованного в URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Блокирование скриптов используемых <script> в URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Блокирование любых глобальных PHP переменных используемых в URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Блокирование запросов пытающихся изменить переменные _REQUEST через URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Перекидываем хитро.....баных му...ил пытающихся взломать сайт, на главную страницу сайта
RewriteRule .* index.php [F]
# отключаем глобальные переменные
php_value register_globals 0
# отключаем отображение содержимого каталога, если отсутствует файл index.php
Options -Indexes
#запрет отображения php и pl файлов
IndexIgnore *.php* *.pl

хз что означает, но пишется во всех файлах
# пробовал удалять и наоборот вставлять данную строчку - ничего не меняется
RewriteBase /

редирект с www на сайт без www, с https на http
# редирект с www на сайт без www
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ Для просмотра ссылки Войди или Зарегистрируйся [R,L]

# редирект с https на http
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ Для просмотра ссылки Войди или Зарегистрируйся [R,L]

редирект с index.php на корень сайта
# редирект с index.php на корень сайта
#RewriteCond %{THE_REQUEST} ^[A-Z0-9_-]{3,12}\ /index\.php\ HTTP/
#RewriteRule ^index\.php$ Для просмотра ссылки Войди или Зарегистрируйся [R=301,L]

помогите сделать код универсальным
# редирект с https на http
RewriteCond %{HTTPS} on
RewriteRule ^(.*)$ Для просмотра ссылки Войди или Зарегистрируйся [R,L]

Оставляем исполняемыми файлами только index.php
# выставляем скрипт по умолчанию во всех директориях - index.php
RewriteCond %{REQUEST_URI} !^/index\.php
# на некоторых хостингах без этой строчки не пускает в админку сайта
RewriteCond %{REQUEST_URI} !^/administrator/index\.php
# если файл index.php отсутствует в папке, отобразить список файлов
RewriteCond %{REQUEST_FILENAME} !-f
# если исполняемые файлы отсутствуют
RewriteCond %{REQUEST_FILENAME} !-d
# редирект на корневой файл index.php
RewriteRule .* index.php [L]

Буду очень рад, если кто поделится правилами составления регулярных выражений в .htacces (уже рабочими примерами).
Любой флуд без полезной информации будет тут же удаляться!!!!!
Если не сложно - напишите комментарий на каждую строчку описанного кода, заранее спасибо.
Всем привет!
Никак не получается запустить Gzip.
У провайдера модули: "mod_setenvif.c" и "mod_expires.c" включены.
Пробовал две вариации правил .htaccess, но всё тщетно. Форумчане, подскажите, что не так?
Первая вариация:
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css
application/xml application/xhtml+xml application/rss+xml
application/javascript application/x-javascript

<IfModule mod_setenvif.c>
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch  MSIE !no-gzip !gzip-only-text/html
Header set Cache-Control "max-age=43200"
# 1 YEAR
<FilesMatch ".(flv|ico|pdf|avi|mov|ppt|
Header set Cache-Control "max-age=29030400, public"
# 1 WEEK
<FilesMatch ".(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"
# 3 HOUR
<FilesMatch ".(txt|xml|js|css)$">
Header set Cache-Control "max-age=604800"
<FilesMatch ".(html|htm|php|cgi|pl)$">
Header set Cache-Control "max-age=0, private, no-store, no-cache,


<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 month"
ExpiresByType text/css "access 1 month"
# Data interchange
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
# Favicon (cannot be renamed!) and cursor images
ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
ExpiresByType text/html "access plus 0 seconds"
# JavaScript
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access 1 month"
# Manifest files
ExpiresByType application/manifest+json "access plus 1 year"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Media files
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/bmp "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
# Web fonts
# Embedded OpenType (EOT)
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType font/eot "access plus 1 month"
# OpenType
ExpiresByType font/opentype "access plus 1 month"
# TrueType
ExpiresByType application/x-font-ttf "access plus 1 month"
# Web Open Font Format (WOFF) 1.0
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
# Web Open Font Format (WOFF) 2.0
ExpiresByType application/font-woff2 "access plus 1 month"
# Other
ExpiresByType text/x-cross-domain-policy "access plus 1 week"

ExpiresByType image/jpg "access 1 weeks"
ExpiresByType application/pdf "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"

Вторая вариация:
########## Begin - ETag Optimization
## Note: It may cause problems on your server and you may need to remove it
FileETag MTime Size
########## End - ETag Optimization
########## Begin - Automatic compression of resources
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css
application/xml application/xhtml+xml application/rss+xml
application/javascript application/x-javascript
########## Begin - Optimal default expiration time
## Note: this might cause problems and you might have to comment it out by
## placing a hash in front of this section's lines

    # Enable expiration control
    ExpiresActive On

    # Default expiration: 1 hour after request
    ExpiresDefault "now plus 1 hour"

    # CSS and JS expiration: 1 week after request
    ExpiresByType text/css "now plus 1 week"
    ExpiresByType application/javascript "now plus 1 week"
    ExpiresByType application/x-javascript "now plus 1 week"

    # Image files expiration: 1 month after request
    ExpiresByType image/bmp "now plus 1 month"
    ExpiresByType image/gif "now plus 1 month"
    ExpiresByType image/jpeg "now plus 1 month"
    ExpiresByType image/jp2 "now plus 1 month"
    ExpiresByType image/pipeg "now plus 1 month"
    ExpiresByType image/png "now plus 1 month"
    ExpiresByType image/svg+xml "now plus 1 month"
    ExpiresByType image/tiff "now plus 1 month"
    ExpiresByType image/vnd.microsoft.icon "now plus 1 month"
    ExpiresByType image/x-icon "now plus 1 month"
    ExpiresByType image/ico "now plus 1 month"
    ExpiresByType image/icon "now plus 1 month"
    ExpiresByType text/ico "now plus 1 month"
    ExpiresByType application/ico "now plus 1 month"
    ExpiresByType image/vnd.wap.wbmp "now plus 1 month"
    ExpiresByType application/vnd.wap.wbxml "now plus 1 month"
    ExpiresByType application/smil "now plus 1 month"

    # Audio files expiration: 1 month after request
    ExpiresByType audio/basic "now plus 1 month"
    ExpiresByType audio/mid "now plus 1 month"
    ExpiresByType audio/midi "now plus 1 month"
    ExpiresByType audio/mpeg "now plus 1 month"
    ExpiresByType audio/x-aiff "now plus 1 month"
    ExpiresByType audio/x-mpegurl "now plus 1 month"
    ExpiresByType audio/x-pn-realaudio "now plus 1 month"
   ExpiresByType audio/x-wav "now plus 1 month"

    # Movie files expiration: 1 month after request
    ExpiresByType application/x-shockwave-flash "now plus 1 month"
    ExpiresByType x-world/x-vrml "now plus 1 month"
    ExpiresByType video/x-msvideo "now plus 1 month"
    ExpiresByType video/mpeg "now plus 1 month"
    ExpiresByType video/mp4 "now plus 1 month"
    ExpiresByType video/quicktime "now plus 1 month"
    ExpiresByType video/x-la-asf "now plus 1 month"
    ExpiresByType video/x-ms-asf "now plus 1 month"
хз что означает, но пишется во всех файлах
# пробовал удалять и наоборот вставлять данную строчку - ничего не меняется
RewriteBase /
Преобразование в базовый url.

Посмотри, в твоем шаблоне на сайте ctrl+U не прописан случайно <base href="..." /> ??

А так в принципе легко все гуглится. А файл хороший, у самого накиданный htaccess с кучей правил, посмотрю, если что-то будет интересное здесь не выложенное, то поделюсь.
редирект с index.php на корень сайта
# редирект с index.php на корень сайта
#RewriteCond %{THE_REQUEST} ^[A-Z0-9_-]{3,12}\ /index\.php\ HTTP/
#RewriteRule ^index\.php$ Для просмотра ссылки Войди или Зарегистрируйся [R=301,L]
А для чего прописывать этот редирект в .htacces,если это можно в общих настройках сайта сделать?
К моему Для просмотра ссылки Войди или Зарегистрируйся посту:
Финальный .htaccess выглядит так:
########## Begin - ETag Optimization
## Note: It may cause problems on your server and you may need to remove it
FileETag MTime Size
########## End - ETag Optimization
########## Begin - Automatic compression of resources
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
########## Begin - Optimal default expiration time
## Note: this might cause problems and you might have to comment it out by
## placing a hash in front of this section's lines

   # Enable expiration control
   ExpiresActive On
   # Default expiration: 1 hour after request
   ExpiresDefault "now plus 1 hour"
   # CSS and JS expiration: 1 week after request
   ExpiresByType text/css "now plus 1 week"
   ExpiresByType application/javascript "now plus 1 week"
   ExpiresByType application/x-javascript "now plus 1 week"
   # Image files expiration: 1 month after request
   ExpiresByType image/bmp "now plus 1 month"
   ExpiresByType image/gif "now plus 1 month"
   ExpiresByType image/jpeg "now plus 1 month"
   ExpiresByType image/jp2 "now plus 1 month"
   ExpiresByType image/pipeg "now plus 1 month"
   ExpiresByType image/png "now plus 1 month"
   ExpiresByType image/svg+xml "now plus 1 month"
   ExpiresByType image/tiff "now plus 1 month"
   ExpiresByType image/vnd.microsoft.icon "now plus 1 month"
   ExpiresByType image/x-icon "now plus 1 month"
   ExpiresByType image/ico "now plus 1 month"
   ExpiresByType image/icon "now plus 1 month"
   ExpiresByType text/ico "now plus 1 month"
   ExpiresByType application/ico "now plus 1 month"
   ExpiresByType image/vnd.wap.wbmp "now plus 1 month"
   ExpiresByType application/vnd.wap.wbxml "now plus 1 month"
   ExpiresByType application/smil "now plus 1 month"
   # Audio files expiration: 1 month after request
   ExpiresByType audio/basic "now plus 1 month"
   ExpiresByType audio/mid "now plus 1 month"
   ExpiresByType audio/midi "now plus 1 month"
   ExpiresByType audio/mpeg "now plus 1 month"
   ExpiresByType audio/x-aiff "now plus 1 month"
   ExpiresByType audio/x-mpegurl "now plus 1 month"
   ExpiresByType audio/x-pn-realaudio "now plus 1 month"
   ExpiresByType audio/x-wav "now plus 1 month"
   # Movie files expiration: 1 month after request
   ExpiresByType application/x-shockwave-flash "now plus 1 month"
   ExpiresByType x-world/x-vrml "now plus 1 month"
   ExpiresByType video/x-msvideo "now plus 1 month"
   ExpiresByType video/mpeg "now plus 1 month"
   ExpiresByType video/mp4 "now plus 1 month"
   ExpiresByType video/quicktime "now plus 1 month"
   ExpiresByType video/x-la-asf "now plus 1 month"
   ExpiresByType video/x-ms-asf "now plus 1 month"

########## End - Optimal expiration time

<IfModule mod_deflate.c>

# Force compression for mangled `Accept-Encoding` request headers
# https://developer.yahoo.com/blogs/ydn/pushing-beyond-gzipping-25601.html

<IfModule mod_setenvif.c>
   <IfModule mod_headers.c>
     SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
     RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding

AddOutputFilterByType DEFLATE "application/atom+xml" \
                "application/javascript" \
                "application/json" \
                "application/ld+json" \
                "application/manifest+json" \
                "application/rdf+xml" \
                "application/rss+xml" \
                "application/schema+json" \
                "application/vnd.geo+json" \
                "application/vnd.ms-fontobject" \
                "application/x-font-ttf" \
                "application/x-javascript" \
                "application/x-web-app-manifest+json" \
                "application/xhtml+xml" \
                "application/xml" \
                "font/eot" \
                "font/opentype" \
                "image/bmp" \
                "image/svg+xml" \
                "image/vnd.microsoft.icon" \
                "image/x-icon" \
                "text/cache-manifest" \
                "text/css" \
                "text/html" \
                "text/javascript" \
                "text/plain" \
                "text/vcard" \
                "text/vnd.rim.location.xloc" \
                "text/vtt" \
                "text/x-component" \
                "text/x-cross-domain-policy" \
с ним PageSpeedInsight кидает значительно меньше ошибок, но всё же несколько есть.
Но в DeveloperTools заголовки не несут никакой информации о Gzip.

В глобальных нстройках Jooml'ы опция Gzip включает сам движок или по идеи он должен работать и без .htaccess?
Подскажите пожалуйста. Как подключить формат .webp через .htaccess

# @package    Joomla
# @copyright  Copyright (C) 2005 - 2018 Open Source Matters. All rights reserved.
# @license    GNU General Public License version 2 or later; see LICENSE.txt

# The line 'Options +FollowSymLinks' may cause problems with some server configurations.
# It is required for the use of mod_rewrite, but it may have already been set by your
# server administrator in a way that disallows changing it in this .htaccess file.
# If using it causes your site to produce an error, comment it out (add # to the
# beginning of the line), reload your site in your browser and test your sef urls. If
# they work, then it has been set by your server administrator and you do not need to
# set it here.

## No directory listings
<IfModule autoindex>
  IndexIgnore *

## Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -Indexes

## Mod_rewrite in use.

RewriteEngine On

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site then comment out the operations listed
# below by adding a # to the beginning of the line.
# This attempts to block the most common type of exploit `attempts` on Joomla!
# Block any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root home page
RewriteRule .* index.php [F]
## End - Rewrite rules to block out some common exploits.

## Begin - Custom redirects
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
## End - Custom redirects

# Uncomment the following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).

# RewriteBase /

## Begin - Joomla! core SEF Section.
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
## End - Joomla! core SEF Section.

<IfModule mod_expires.c>
  ExpiresActive on

# Perhaps better to whitelist expires rules? Perhaps.
  ExpiresDefault "access plus 1 month"

# cache.appcache needs re-requests in FF 3.6 (thanks Remy ~Introducing HTML5)
  ExpiresByType text/cache-manifest "access plus 0 seconds"

# Your document html
  ExpiresByType text/html "access plus 0 seconds"

# Data
  ExpiresByType text/xml "access plus 0 seconds"
  ExpiresByType application/xml "access plus 0 seconds"
  ExpiresByType application/json "access plus 0 seconds"

# Feed
  ExpiresByType application/rss+xml "access plus 1 hour"
  ExpiresByType application/atom+xml "access plus 1 hour"

# Favicon (cannot be renamed)
  ExpiresByType image/x-icon "access plus 1 week"

# Media: images, video, audio
  ExpiresByType image/gif "access plus 1 month"
  ExpiresByType image/png "access plus 1 month"
  ExpiresByType image/jpg "access plus 1 month"
  ExpiresByType image/jpeg "access plus 1 month"
  ExpiresByType video/ogg "access plus 1 month"
  ExpiresByType audio/ogg "access plus 1 month"
  ExpiresByType video/mp4 "access plus 1 month"
  ExpiresByType video/webm "access plus 1 month"

# HTC files (css3pie)
  ExpiresByType text/x-component "access plus 1 month"

# Webfonts
  ExpiresByType application/font-ttf "access plus 1 month"
  ExpiresByType font/opentype "access plus 1 month"
  ExpiresByType application/font-woff "access plus 1 month"
  ExpiresByType application/font-woff2 "access plus 1 month"
  ExpiresByType image/svg+xml "access plus 1 month"
  ExpiresByType application/vnd.ms-fontobject "access plus 1 month"

# CSS and JavaScript
  ExpiresByType text/css "access plus 1 year"
  ExpiresByType text/javascript "access plus 1 year"
  ExpiresByType application/javascript "access plus 1 year"

  <IfModule mod_headers.c>
    Header append Cache-Control "public"


<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/font
AddOutputFilterByType DEFLATE application/font-truetype
AddOutputFilterByType DEFLATE application/font-ttf
AddOutputFilterByType DEFLATE application/font-otf
AddOutputFilterByType DEFLATE application/font-opentype
AddOutputFilterByType DEFLATE application/font-woff
AddOutputFilterByType DEFLATE application/font-woff2
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/woff
AddOutputFilterByType DEFLATE font/woff2
# For Olders Browsers Which Can't Handle Compression
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html