The .htaccess file is the most important file for having great, clean, and keyword-rich URLs. It is also a beast that can mess up your web site, making it totally inaccessible for every visitor who wants to move through your site clicking on a link from the front page and every link ends up telling them, "404 page not found".
The best part is that you might need to change it for every installation you do, even sometimes with the same hosting provider. Unfortunately, there are also some hosting providers that don't allow you to have your own .htaccess file because of its potential security risk.
If you have a hosting package that uses IIS (Internet Information Services) or even Apache on Windows, you will see that you will not be able to use the .htaccess file and you should use another option such as sh404SEF, which is discussed in Chapter 6.
There are some basic rules in the .htaccess file for Joomla! that should always be in place:
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
These lines make sure that your URL rewrite function is working if you renamed the file from htaccess.txt to .htaccess. Next, the SEO Settings in your Joomla! should be set to active.
Test these settings first and get them to work before you install and configure any SEF component.
As easy as it sounds to get the basic SEO Settings to work, it can be a challenge to get everything working the way you want it to. Every hosting provider has its own security settings that will affect the way the .htaccess file should be configured. You could even find that with the same provider, each new server needs different .htaccess file content.
The good thing is that once you've got the configuration right, you don't have to look at it again (unless your hosting provider changes some settings). One thing to remember is that you need to set the permissions for that file to 644 as it is a real threat to your site to leave the file world writable.
Some providers will not permit you to use your own .htaccess file because of this possible threat. In that case you can switch providers or just try to work with sh404SEF to overcome this limitation.
In the Joomla! .htaccess file there are some lines to prevent certain possible hacker attacks. Leave those lines in place as they are active by default.
Looking at .htaccess configurations, there are usually a number of settings that can possibly hold you back in getting the URL rewrites to work. These setting are commented in the basic Joomla! htaccess.txt file, but somehow people don't really see what they need to do to get it right.
The first problem is the fact that the server is not set to use FollowSymLinks—one of the best options for fast file linking on a *Nix server.
This is the first option to comment, if you get 500 or 404 errors. Locate the following line in your .htaccess file:
Options +FollowSymLinks
And change it to the following:
# Options +FollowSymLinks
Save the file, upload it, and try again. The other option is the base for the rewrite action:
# RewriteBase /
If you have your Joomla! installation done in a subdirectory, you need to activate and change this setting to the following:
RewriteBase /subdirname
Your .htaccess file should always be in the root of your domain. If you don't have your site in a subdirectory, you might still need to activate this setting and change it to the following:
RewriteBase /
As I stated before, you need to do some testing to find the settings that work for your site. The above mentioned problems combined will give you several possible settings to figure out and test. These settings will be the cause of 80 to 90 percent of all problems in getting your .htaccess file to work.
Here are some extras that you might want to try once your basic .htaccess is working. First up, you can remove the /index.php and /home.html, by adding the following code at the end of your .htaccess file.
The last lines are there to make sure that your site is redirected from http://example.com to www.example.com.
If you want to use this, change the highlighted www.example.com references to reflect your own domain name.
# index.php redirect
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteRule ^index\.php$ http://www.example.com/ [R=301,L]
# Homepage redirect
Redirect 301 /home.html http://www.example.com
# Redirect non-www to www version
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
If you change your old URLs, you might encounter some problems with them and you need to redirect the old URLs that are still in the search engines to your new URLs. A code 301 will tell the Search Engine Robots that this URL is permanently changed and is now located at the new URL.
If you use an SEF component and change from Non-SEF URLs to SEF URLs, the SEF component will do this 301 redirect stuff for you. Otherwise you need to set some 301 redirect rules in your .htaccess file.
A basic 301 redirect rule will look like this:
Redirect 301 /blog/example-article.html http://www.example.com/example-article.html
Make sure to accommodate the above rule in one line in your .htaccess file. The build up is as follows:
First you set the 301 redirect—the command needed to tell the robots what is moved.
The
/blog/example-article.htmlneeds to be a part of the URL after the main domain name, so in this case,http://www.example.com/blog/example-article.html.The last part is the "full URL" where the article has moved to. You cannot use a relative link for this part, you need to state the full URL.
In the following pages you will find some examples of real .htaccess files, so that you can see how they were built for specific situations.
First, here is the standard Joomla! htaccess.txt for reference:
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
## Can be commented out if causes errors, see notes above.
#Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root)
# RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
The following example has FollowSymLinks set to Off and most comments removed:
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
## Can be commented out if causes errors, see notes above.
# Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
# Update Your Joomla! Directory (just / for root)
# RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
The following example has FollowSymLinks set to Off and Rewritebase On.
If you have your site in a subdirectory such as /Joomla or /website, you need to place that after the Rewritebase /, for example, Rewritebase /website.
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
## Can be commented out if causes errors, see notes above.
# Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
# Update Your Joomla! Directory (just / for root)
RewriteBase /
########## Begin - Joomla! core SEF Section
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
#
########## End - Joomla! core SEF Section
The following is an example of the basic sh404SEF component's .htaccess file, where you will need to check if you need FollowSymLinks set to Off and Rewritebase On:
##
# @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $
# @package Joomla
# @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##
## Can be commented out if causes errors, see notes above.
# Options +FollowSymLinks
#
# mod_rewrite in use
RewriteEngine On
########## Begin - Rewrite rules to block out some common exploits
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
# Update Your Joomla! Directory (just / for root)
RewriteBase /
########## Begin - 3rd Party SEF Section
############# Use this section if you are using a 3rd party (Non
Joomla! core) SEF extension - e.g. OpenSEF, 404_SEF, 404SEFx, SEF
Advance, etc
#
RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional
- see notes##
RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php
#
########## End - 3rd Party SEF Section