htaccess – What’s the difference between access and access plus in ExpiresByType directive?

These two directives are the same.

The plus keyword is entirely optional. It is just syntactic sugar, to make it (arguably) more “readable”.

As stated in the Apache docs for mod_expires:

ExpiresByType type/encoding "base(plus num type) (num type) ..."

:
The plus keyword is optional.

So, include it or not – it is up to you. But, as with everything, it is important to be consistent. Include it OR don’t include it; don’t mix it.


Aside:

ExpiresByType image/jpg "access 1 year"

As I noted in my answer to your other question, you should probably be using image/jpeg here, not image/jpg.

htaccess – Point all to index.php conflict with a private directory

Here is my website structure (root):

private
public
.htaccess
index.php

The htaccess file contains:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ /index.php (L)

Having this said, all urls points to index.php

In the private folder I also have an htaccess file which contains:

Order Deny,Allow
Deny from all

The problem is that http://www.mywebsite.com/private/ throws 403 and I don’t want this. I may want to use http://www.mywebsite.com/private/ location to show something in my website.

I must mention that I don’t want to remove the htaccess file from the private folder because this is a assurance for me that nothing from this directory will be accessed.

So, I’m looking for a way to set some rules to the main htaccess file without touching the htaccess file from the private folder.

How do I do that ? Is it possible ?

htaccess – Rewrite Rule With Wildcard

This set of rules causes the nolinks.jpg image to appear if anyone tries to link directly to an image from a remote site. It is working well but sometimes, especially with the latest Firefox, the browser seems to get stuck trying and keeps going to https rather than http. How can it be made to work whether https, http? I rarely use regular expressions so not sure how to apply them here.

# Block external links
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain1.com/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain1.net/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain1.org/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain2.com/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain2.net/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?domain2.org/ (NC)
RewriteCond %{HTTP_REFERER} !^http://(.+.)?devdomain.dev/ (NC)

RewriteCond %{HTTP_REFERER} !^$
RewriteRule show_image.php http://www.domain1.com/nolinks.jpg? (R=301,QSA)

htaccess – Problem with URL path when I applied SEO friendly URL

I was working on PHP project and making SEO friendly URL Like,

OLD : http://example.com/list_product?q=men-top-wear

New : http://example.com/list_product/men-top-wear

Here is my .htaccess file:

RewriteEngine on
Options -MultiViews

RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{QUERY_STRING} ^q=(.*)$
RewriteRule ^list_product$ /list_product/%1? (R=301,L)


RewriteRule ^list_product/(.*)$ list_product.php?q=$1 (L)


RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.*?)/?$ /$1.php (NC,L)

It’s working well but my link path has been changed to: http://example.com/list_product/images/logo.png

But I need this to be:
http://example.com/images/logo.png

It adds list_product, but it’s not working. Does anyone know why this is happening?

htaccess – Understanding mod_expires apache module

Working with htaccess is a new capitol for me. I have already read about mod_expires here https://httpd.apache.org/docs/current/mod/mod_expires.htm, but I’m stil confused.

I have the next code from stack overflow:

ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access plus 2 months"

My questions are:

  1. I suppose the line ExpiresByType image/jpg "access 1 year" tells the client (browser) to download the file and keep it for one year. And when the client accesses the same page from my website, the jpg image won’t be downloaded from my website. It will be read from his computer (where the browser saved first time). After one year, the browser automatically deletes the file and, once the client access my website, it will download again, for another year. If the client cleans his browser history after 2 months, then the browser will download it again even if a year hasn’t passed. Do I miss something ?

  2. What cache availability should I set for each file type ? It depends on the file ? What should I consider when set the expiration time ?

  3. What’s the difference between "access 1 year" and "access plus 1 year" ?

  4. Does ExpiresDefault rule works for php files too ? I mean, if I have a contact.php file with some content and I modify the content of contact.php, because of ExpiresDefault rule, the content won’t change to the user ?

  5. Do search engine spiders listen for this cache rules or they download the files each time they crawling my website ?

  6. Is it true that ExpiresDefault is for the files I don’t set using ExpiresByType ? If the answer is yes, what are the other types ? What types of files are included here ?

  7. Do I understand correct that Header set Cache-Control "max-age=290304000, public" is the maximum time allowed for a file to be cached ? If the answer is yes, then means that "access 999 years" will take no effect as long 290304000 is the limit. True or false ?

Understanding htaccess cache rules – Webmasters Stack Exchange

Ok.

I’ve read a lot and I understand almost nothing.

I talk about cache, and I don’t know any cache system that is interested in keeping my files, for me, and for free. And, as I read, there are almost 5 other cache systems triggered when a user/client access let’s say www.webmasters.stackexchange.com

Ok, I know one cache. My visitor browser’s cache, which, once he accesses my website, he (the browser) may save the resources into his system (where the browser set it). The next time when the user navigates to the same page, the resources are loaded from his system and not from my website.

Further, I want to take advantage of the most important cache methods for my website. So I use some rules. The problem is that it doesn’t help me just to have them. I also want to understand them.

The code I found from stack overflow and other sites is (which I will modify further):

# Block 1 #
<ifModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType text/html "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access plus 2 months"
    Header set Cache-Control "max-age=290304000, public"
</ifModule>

# Block 2 #
<IfModule mod_headers.c>
    <FilesMatch ".(js|css|xml|svg|gz)$">
        Header append Vary Accept-Encoding
    </FilesMatch>
</IfModule>

# Block 3 #
<IfModule mod_deflate.c>
    <filesMatch ".(js|css|html|php|txt|svg|otf|ttf|woff2|xml)$">
        SetOutputFilter DEFLATE
    </filesMatch>
</IfModule>

In the first block, I have some instructions but ONLY if mod_expires module is available. Anyway, inside the block 2, I also have at the last line:

    Header set Cache-Control "max-age=290304000, public"

Is it true that this line doesn’t belong to this block as instructions will be loaded only if mod_expires is available ? If mod_headers is disabled, then I will probably get a 500 error. So this line should better be in the <IfModule mod_headers.c> block. Isn’t it ?

So, the code looks now like this:

# Block 1 #
<ifModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType text/html "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access plus 2 months"
</ifModule>

# Block 2 #
<IfModule mod_headers.c>
    <FilesMatch ".(js|css|xml|svg|gz)$">
        Header append Vary Accept-Encoding
    </FilesMatch>
    
    # Line from block 1 #
    Header set Cache-Control "max-age=290304000, public"
</IfModule>

# Block 3 #
<IfModule mod_deflate.c>
    <filesMatch ".(js|css|html|php|txt|svg|otf|ttf|woff2|xml)$">
        SetOutputFilter DEFLATE
    </filesMatch>
</IfModule>

I’m not interested in checking if module xyz is available. It must be. So I will remove IF conditions. If, for some reason, one module won’t be available in the future, then I’ll probably get a 500 error, which is fine for me. I want to take advantage of the cache methods for true, not if whatever. It’s something wrong here ?

So, the code looks now like this:

# Block 1 #
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access plus 2 months"

# Block 2 #
Header set Cache-Control "max-age=290304000, public"
<FilesMatch ".(js|css|xml|svg|gz)$">
    Header append Vary Accept-Encoding
</FilesMatch>

# Block 3 #
<filesMatch ".(js|css|html|php|txt|svg|otf|ttf|woff2|xml)$">
    SetOutputFilter DEFLATE
</filesMatch>

Inside block 1 I have the first line which sets “ExpiresActive on”, which is clear. I activate the module even if it is available.

Next, on second line I set ExpiresByType image/jpg “access 1 year”

Is this the cache system for the user’s browser (I talked above) ? I understand well ?

What cache availability should I set here ? It depends on the file ? I see 1 year for some files and one month for others. What should I consider when set the expiration time ?

Why:

ExpiresByType image/jpg "access 1 year"

And not:

ExpiresByType image/jpg "1 year"

What’s access keyword doing here ?

A user access my website which contains one jpg image. Next, the browser loads and save that image and keeps it for one year. After one year, the browser automatically delete this image and the next time the user access my website, the browser will save the jpg image again for another year. If the user cleans his browser cache after let’s say 2 months, the next time when the user access my website, the browser saves the image again, even if a year hasn’t passed. Do I understand ok ?

What types of files should I put here ?

I know that images, css files and javascript files are almost required. Do I need to put other files here ?

Does ExpiresDefault rule works for php files too ? I mean, if I have a contact.php file with some content and I modify the content of contact.php, because of ExpiresDefault rule, the content won’t change to the user ?

If one image file was changed, how would I force the browser to re-download the file ? I understand that the recommendation would be to set another link for that image, but let’s say I want to use the same url. The name of that image may be good for optimization and I may not want to change his name or even his directory. So, if the image was already saved to the user, how can I force a re-download ?

Now, last line of block 1 is:

ExpiresDefault "access plus 2 months"

I understand that this is the default expiration time, but for what type of files ?

In the block 2 I have now:

Header set Cache-Control "max-age=290304000, public"

Does this has something to do with block 1 ? If the answer is yes, then means that a file saved in the user’s browser won’t exceed the time set in max-age even if I set ExpiresByType image/jpg "access 999 years" ?

What files are included in Header set Cache-Control "max-age=290304000, public" ? For what types of files is this max-age cache available ?

Can someone give me an example of what are the benefits of Header append Vary Accept-Encoding rule ? And an example of what happens if I don’t use it ?

In the block 2, the Header append Vary Accept-Encoding is available only for js, css, xml, svg, gz files. There are other files should I put here ? What should I consider when I set those file types ?

Can someone explain what does SetOutputFilter DEFLATE with an example ? And what happens if I don’t use this ?

Here, almost like in block 2, the line SetOutputFilter DEFLATE is available for js, css, html, php, txt, svg, otf, ttf, woff2 and xml files. Should the php files be here ? Should I put other file types here too ?


That’s all. Please, be kind and don’t condemn my questions. I just try to understand what I’m doing…

redirecting google bots user grant with .htaccess

i want to redirect old domin to new domin only for google bots and users can open the old url and use it as normaly
. i think i should use Rewrite in .htaccess but im not sure what is the code

redirection – How to htaccess redirect homepage url to external url without affecting other internal website links

I have an archive website say here:
www.myarchivesite.com

I do not need this site, just a subfolder here
www.myarchivesite.com/useful-pages-in-here/

Is there anyway, for example htaccess, that I can redirect all requests to my homepage www.myarchivesite.com to my new site www.mynewsite.com without breaking the contents of the subfolder www.myarchivesite.com/useful-pages-in-here/

Thank you.

malware – .htaccess to stop scripts with image extensions

I use a .htaccess file in my images directory to block scripts from running. I exclude .php .cgi and so on. But some malware are disguised by naming them with an image extension. I did not previously add various image extensions fearing it could prevent images from displaying on site pages. My question is three fold.

1> would adding image extensions prevent any malware with an image extension from being executed?

2> would adding extensions to the .htaccess impact the normal loading of an image as asset into content pages?

3> Could I place limit in the /root .htaccess file to prevent running anything with image extensions as a script to protect entire site from this kind of exploit without causing issues with proper display of images? (obviously not including any actual scripts that are required to run)

example:

<Files .htaccess>
order allow,deny
deny from all
</Files>

Options -Indexes
Options -ExecCGI
AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi

## No directory listings
<IfModule autoindex>
  IndexIgnore *
</IfModule>

## Suppress mime type detection in browsers for unknown types
<IfModule mod_headers.c>
Header always set X-Content-Type-Options "nosniff"
</IfModule>

php – como configurar mi htaccess con urls amigables?

Buen Dia a Todos espero Puedan ayudarme.
tengo el siguiente htaccess:

RewriteEngine on RewriteRule ^(w+)$ index.php?action=$1

me funciona de maravilla para el redireccionamiento.

El Problema:
Cuando trato de pasar un parĂ¡metro por ejemplo <a href="www.Mihost.com/MiPaginaVarible?Valor=123></a>"
me da como error que Valor No existe, Por lo tanto como podria configurar mi htaccess para poder pasar valores de ese modo .
cualquier ayuda seria de agrado.