Issue 4312049: Joomla master .htaccess - differences 2.3.a - 2.4.1
|
Created:
13 years, 1 month ago by g1smd Modified:
13 years, 1 month ago Reviewers:
nikosdion Base URL:
http://joomla-master-htaccess.googlecode.com/svn/trunk/ Visibility:
Public. |
DescriptionBased on the version 2.3 code originally found at: http://snipt.net/nikosdion/the-master-htaccess/ and now listed at: http://code.google.com/p/joomla-master-htaccess/source/browse/trunk/joomla-master-htaccess.txt?spec=svn2&r=2
The original file contains a number of syntax errors, several rules that can never work, and a number of expressions that can be more efficiently coded.
Bugs and enhancements originally discussed at: http://forum.joomla.org/viewtopic.php?f=432&t=549841
Discussion also at: http://snipt.net/nikosdion/the-master-htaccess/
The new proposed file: http://snipt.net/g1smd/joomla-master-htaccess-file-proposed-v24-2011-03-24/ or at: http://code.google.com/p/joomla-master-htaccess/source/browse/trunk/joomla-master-htaccess.txt?spec=svn4&r=4
NOTE: this is not now the latest version of the file.
Continued in: http://codereview.appspot.com/4290071/
Patch Set 1 #
Total comments: 93
MessagesTotal messages: 2
http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt File joomla-master-htaccess.txt (left): http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldcode4 joomla-master-htaccess.txt:4: ## Version 2.2 - November 18th, 2010 Ver 2.2 here but noted as 2.3 further down. Assume 2.3 is correct. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:103: # Image files expiration: 1 year after request There are diminishing returns after only a few days. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:171: Redirect 301 /mail http://mail.google.com/a/domain.com Execution order not guaranteed if Redirect and RewriteRule are mixed in the same .htaccess file. Use RewriteRule for all rules. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:176: RewriteCond %{THE_REQUEST} ^.*/index\.php$ This rule can never work. Pattern will never match "GET /index.php HTTP/1.1" request. Leading .* also forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:177: RewriteRule ^index\.php$ http://www.domain.com/ [R,L] Returns 302 status. 301 required. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:181: RewriteCond %{HTTP_HOST} !^www\. [NC] Domain canonicalisation fails for www.example.com:80 requests. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:182: RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R,L] Returns 302 status. 301 required. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:187: #RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] Domain canonicalisation fails for example.com:80 requests. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:188: #RewriteRule ^(.*)$ http://%1/$1 [R,L] Returns 302 status. 301 required. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:196: RewriteCond %{HTTP_HOST} ^olddomain.com [NC] Literal periods in patterns should be escaped. Redirects olddomain.com but not www.olddomain.com here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:197: RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R] Returns 302 status. 301 required. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:203: RewriteCond %{HTTPS} ^off$ [NC] HTTPS variable isn't available on all servers. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:207: RewriteRule ^foobar\.html$ https://www.domain.com/foobar.html [L,R] Returns 302 status. 301 required. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:216: RewriteCond %{QUERY_STRING} proc\/self\/environ [OR] Slashes should not be escaped. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:220: RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] The .* forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:222: RewriteCond %{QUERY_STRING} base64_decode.*\(.*\) [OR] The .* forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:224: RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] The .* forces multiple backoff and retry attempts. The < and > should not be escaped. Escaping causes 500 error in some servers. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:230: RewriteRule ^(.*)$ index.php [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:236: RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]\=http:\/\/(.*) [a-zA-Z] simplifies to [a-z] when used with [NC] flag. Parses 33% faster. Escaping not needed on "equals" or "slashes". No need to create backreference that isn't going to be used. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:237: RewriteRule ^(.*)$ - [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:246: RewriteRule ^(components/com_uddeim/captcha15\.php)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:248: RewriteRule ^(plugins/system/GoogleGears/gears-manifest\.php) $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:250: RewriteRule ^(plugins/content/jw_allvideos/includes/jw_allvideos_scripts\.php) $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:252: RewriteRule ^(administrator/components/com_admintools/restore\.php) $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:254: RewriteRule ^(administrator/components/com_akeeba/restore\.php) $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:260: RewriteCond %{REQUEST_FILENAME} !(\.php)$ Don't run the very slow and inefficient file-system read for all requests. Do it only for those not ending in ".php" by swapping rule order. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:261: RewriteRule ^(components/com_agora/img/members/.*) $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:266: #RewriteRule ^(cache/.*)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:268: #RewriteRule ^(tmp/.*)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:282: RewriteRule ^(images/stories/*\.(jpe[g,2]?|jpg|png|gif|bmp|css|js|swf|ico|htm[l]?))$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. The .* forces multiple backoff and retry attempts. "jpe[g,2]?|jpg" matches "jpeg" "jpe," "jpe2" "jpe" "jpg". Assume "jp," match is an error. No need for "character group" syntax when there is only one character. "htm[l]?" simplifies to "html?" here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:283: RewriteCond %{REQUEST_FILENAME} -f Don't run the very slow and inefficient file-system read for all requests. Do it only if the REFERER test has already returned true, by swapping the rule order. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:284: RewriteCond %{HTTP_REFERER} !^http://www\.domain\.com [NC] Rule fails if REFERER is HTTPS version of own site or is blank. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:285: RewriteRule \.(jpe[g,2]?|jpg|png|gif|bmp|css|js|swf|ico|htm[l]?)$ - [F,L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. "jpe[g,2]?|jpg" matches "jpeg" "jpe," "jpe2" "jpe" "jpg". Assume "jp," match (j p comma) is an error. No need for "character group" syntax when there is only one character. "htm[l]?" simplifies to "html?" here. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:293: RewriteRule ^(.*)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:297: RewriteRule ^(.*)$ - [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:302: RewriteCond %{QUERY_STRING} =PHP[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12} [NC] Leading "=" says the following is LITERAL, not a pattern. Rule fails. Characters are hexadecimal so [0-9a-f] is all that is needed. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:303: RewriteRule ^(.*)$ - [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:307: RewriteRule ^(administrator[/]?)$ administrator/index.php [L] No need to create backreference that isn't going to be used. No need for "character group" syntax when there is only one character. "[/]?" simplifies to "/?" here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:308: RewriteRule ^(administrator/index.htm[l]?)$ $1 [L] Literal periods in patterns must be escaped. No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. No need for "character group" syntax when there is only one character. "htm[l]?" simplifies to "html?" here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:309: RewriteRule ^(administrator/index.php)$ $1 [L] Literal periods in patterns must be escaped. The php and html lines can be combined php|html? and the local OR parses faster. No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:310: RewriteRule ^(administrator/index[2,3].php)$ $1 [L] Literal periods in patterns must be escaped. No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. "index[2,3].php" matches "index2.php" "index,.php" "index3.php". Assume "index,.php" match (index comma period php) is an error. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:311: RewriteRule ^(administrator/(components|modules|templates|images|plugins)/.*\.(jpe[g,2]?|jpg|png|gif|bmp|css|js|swf|htm[l]?))$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. The .* forces multiple backoff and retry attempts. "jpe[g,2]?|jpg" matches "jpeg" "jpe," "jpe2" "jpe" "jpg". Assume "jp," match (j p comma) is an error. No need for "character group" syntax when there is only one character. "htm[l]?" simplifies to "html?" here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:312: RewriteRule ^administrator/(.*)$ - [F,L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:315: RewriteRule ^(xmlrpc/index\.php)$ $1 [L] "-" instead of "$1" is faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:316: RewriteRule ^xmlrpc/(.*)$ - [F,L] No need to create backreference that isn't going to be used. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:319: RewriteRule ^(includes/js/.*)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:320: RewriteRule ^(cache|includes|language|libraries|logs|tmp)/.*$ - [F,L] Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:323: RewriteRule ^((components|modules|plugins|templates)/.*\.(jp[g,2,eg]?|png|gif|bmp|css|js|swf|ico|htm[l]?))$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. The .* forces multiple backoff and retry attempts. "jp[g,2,eg]?" matches "jp" "jpg" "jp," "jp2" "jpe" "jpg". Assume "jp," match (j p comma) is an error. No need for "character group" syntax when there is only one character. "htm[l]?" simplifies to "html?" here. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:324: RewriteRule ^((components|modules|plugins|templates)/.*index\.php(.*))$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. The .* forces multiple backoff and retry attempts. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:325: RewriteRule ^(templates/.*\.php)$ $1 [L] No need to create backreference that isn't going to be used. "-" instead of "$1" is faster. The .* forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:326: RewriteRule ^(components|modules|plugins|templates)/.*$ - [F,L] Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. No need for that when the "-" do nothing substitution is used instead. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:329: RewriteRule ^(htaccess\.txt|configuration\.php-dist)$ - [F,L] [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:334: RewriteCond %{QUERY_STRING} concat.*\( [NC,OR] The .* forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:335: RewriteCond %{QUERY_STRING} union.*select.*\( [NC,OR] The .* forces multiple backoff and retry attempts. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:336: RewriteCond %{QUERY_STRING} union.*all.*select.* [NC] The .* forces multiple backoff and retry attempts. Trailing .* patterns which match "anything, everything or nothing" but which are not captured as backreferences are just wasting processor cycles. Trailing .* forces pattern matching to read whole URL path after the leading characters have matched. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:337: RewriteRule ^(.*)$ - [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:343: RewriteCond %{query_string} \bviagra\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:344: RewriteCond %{query_string} \bambien\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:345: RewriteCond %{query_string} \bblue\spill\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:346: RewriteCond %{query_string} \bcialis\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:347: RewriteCond %{query_string} \bcocaine\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:348: RewriteCond %{query_string} \bejaculation\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:350: RewriteCond %{query_string} \berections\b [NC,OR] %{QUERY_STRING} not %{query_string} http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:369: RewriteRule ^(.*)$ - [F,L] No need to create backreference that isn't going to be used. [F] implies [L]. Omit [L]. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:376: RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|\.ini|\.zip|\.json|/[^.]*)$ [NC] Why "find" the period nine times when you can find it once and then parse from there? Pattern matches "/" in two places. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt File joomla-master-htaccess.txt (right): http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:11: ## example.com and example\.com should be replaced with your real domain name. example.com as per RFC 2606. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:106: # Image files expiration: 1 month after request One month is way more than enough. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:170: # The server needs to be compiled with mod_deflate otherwise it will send HTTP 500 Error. Helpful note as several people reported 500 error but did not know why. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:182: RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html?\ HTTP/ Matches "GET /index.html HTTP/1.1" in one pass, but also matches at any level of folders. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:188: RewriteCond %{THE_REQUEST} !^POST POST should not be redirected, so stops this redirect for POST. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:189: RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.php\ HTTP/ Matches "GET /index.php HTTP/1.1" in one pass. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:190: RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$ Preserves HTTP/HTTPS from original request in the redirect. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:191: RewriteRule ^(([^/]+/)*)index\.php$ http%2://www.example.com/$1 [R=301,L] Redirects in folders and in root. Avoids Duplicate Content issues. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:196: RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$ If not EXACTLY www.example.com then redirect to www.example.com http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:202: #RewriteCond %{HTTP_HOST} !^(example\.com)?$ If not EXACTLY example.com then redirect to example.com http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:211: RewriteCond %{HTTP_HOST} ^(www\.)?olddomain\.com [NC] Redirect both www and non-www for olddomain requests. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:212: RewriteRule ^(([^/]+/)*)index\.(php|html?) http://www.example.com/$1 [R=301,L] Canonicalisation for index requests made to old domain. Avoids unwanted redirection chain for index requests. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:213: RewriteCond %{HTTP_HOST} ^(www\.)?olddomain\.com [NC] Redirect both www and non-www for olddomain requests. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:221: RewriteCond %{SERVER_PORT} !^443$ SERVER_PORT is a more reliable test. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:297: ## the dots with \. i.e. use www\.example\.com for www.example.com visual clarity for \. characters. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:300: RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example\.com [NC] Cater for http and https. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:301: RewriteCond %{REQUEST_FILENAME} -f Expensive file system read is the last condition, runs only if all other conditions are true. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:331: RewriteRule ^xmlrpc/(index\.php)?$ - [L] Allow "/xmlrec/" index page and named "/xmlrpc/index.php" only. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:346: RewriteRule ^(htaccess\.txt|configuration\.php(-dist)?|php\.ini)$ - [F] Match both configuration.php and configuration.php-dist http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:360: ## This code uses PCRE and works only with Apache 2.x. Useful note. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:365: RewriteCond %{QUERY_STRING} \b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b [NC] Local OR parses faster. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:367: RewriteRule .* - [F] .* instead of (.*) http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:379: RewriteCond %{REQUEST_URI} (/[^.]*|\.(php|html?|feed|pdf|raw|ini|zip|json))$ [NC] Find root or extensionless. If it fails then find period and check the extension.
Sign in to reply to this message.
http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt File joomla-master-htaccess.txt (left): http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:282: RewriteRule ^(images/stories/*\.(jpe[g,2]?|jpg|png|gif|bmp|css|js|swf|ico|htm[l]?))$ $1 [L] The pattern "/stories/*\.(jpe" matches only when there is no filename for the image and either none, one or multiple slashes after "stories". That is, the URL example.com/images/stories///////////////////.jpg DOES match this rule, but example.com/images/stories/imagename.jpg does NOT. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:315: RewriteRule ^(xmlrpc/index\.php)$ $1 [L] Comment says "allow plain xmlrpc/ directory" but code does not do that. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:365: RewriteCond %{query_string} \bviagra\b [NC,OR] Duplicate entry. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#oldco... joomla-master-htaccess.txt:375: RewriteCond %{REQUEST_URI} !^/index.php Literal periods in patterns must be escaped. http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt File joomla-master-htaccess.txt (right): http://codereview.appspot.com/4312049/diff/1/joomla-master-htaccess.txt#newco... joomla-master-htaccess.txt:331: RewriteRule ^xmlrpc/(index\.php)?$ - [L] Code changed to now do what comment says it should do.
Sign in to reply to this message.
|
||||||||||||||||||||||||||
