Apache2 rewrite without htaccess
Reading up on doing url rewrites in Apache2, I found this:
"In general, you should never use .htaccess files unless you don't have access to the main server configuration file.
Okay, great. But there is no information anywhere about how to do it in the server configuration file. So before I mess stuff up, can I safely use the same rewrite directives, like
<IfModule mod_rewrite.c> Options +FollowSymLinks RewriteEngine On RewriteCond %{SCRIPT_FILENAME} !-d RewriteCond %{SCRIPT_FILENAME} !-f RewriteRule ^test/(\w+)$ test.php?n=$1 [L]
</IfModule>in /etc/apache2/apache2.conf? /etc/apache2/httpd.conf is blank, but I suppose I could do it there too?
Another question, should the rewrite rule paths be prefixed with /var/www/ or can I do it relative to the site root? Thanks.
1 Answer
I don't necessarily agree with their reasons for claiming you should avoid .htaccess files. Their reasons are:
Reason 1 is performance - Apache needs to scan directories and read and parse the .htaccess files at run time. This isn't a huge burden and caches well.
Reason 2 is security. You're allowing users to modify Apache's configuration. But they're only modifying its local configuration for that particular directory, and it's possible to specify in Apache's global configuration which directives they are and aren't allowed to modify. Plus, if users having access to edit .htaccess files is a security problem for you, then surely also allowing the same users to use .php files is an even bigger security problem.
There's still some benefits to using .htaccess. It's somewhat of a de facto standard now so much so that you can pretty much depend on being able to use it on shared hosting, and many web application software packages make use of them in their own software. And it means that local Apache configuration is kept with the application it's configuring which might be good for backups, version control etc.
Anyway, whether you want to heed this advice is up to you.
If you do want to move to using Apache's global configuration, you can do as in your example.
However, the global apache2.conf file can be somewhat of a mess, and it was installed by the Apache2 package itself. For a more portable solution, put your rules into individual config files:
Apache2 reads all config files in
/etc/apache2/conf.d/. This can be good for any general configuration directives you want to add that don't relate to any particular virtual host. Just add a new file there and put config into it.Apache2 stores config files for each virtual host in
/etc/apache2/sites-available/. That is a suggested place for putting in configuration for each virtual host, in separate files. Then, enable and disable these virtual hosts witha2ensiteanda2dissite.Assuming that these configuration directives apply specifically apply to a certain virtual host I'd choose the latter - put it in where-ever you've put the configuration for that virtual host (which I'd recommend placing in
/etc/apache2/sites-available/.
More in general
"Zoraya ter Beek, age 29, just died by assisted suicide in the Netherlands. She was physically healthy, but psychologically depressed. It's an abomination that an entire society would actively facilitate, even encourage, someone ending their own life because they had no hope. Th…"
