A Micro Micro CMS

The .htaccess file

For Apache web server only. Has no effect on Microsoft-IIS (Windows) or NGINX servers.

The .htaccess file is located in the root folder and performs various useful functions, some related to performance, some to security, some to cleaner urls. That is why Apache web server is recommended for superMicro CMS. The system will still operate without .htaccess but without those benefits. Most shared web hosting packages use Apache.

An .htaccess file is installed with superMicro CMS whether the server is Apache or not. If not, the file will simply have no effect.


Default .htaccess file

From 26th August 2020

Lines shown in green beginning with a # hash symbol are 'commented out' and have no effect. If required they can be removed altogether. The active lines are only those not beginning with a # hash symbol (not in green).

# BEGIN superMicro CMS
<IfModule mod_rewrite.c>
  RewriteEngine on
# Forbid direct viewing of txt files in pages folder
  RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\ (.*)/pages/(.*)\.txt [NC]
  RewriteRule ^ "-" [F]
# Rewrite non php URLs to php on server
# php URLs still usable
#     is not a directory
  RewriteCond %{REQUEST_FILENAME} !-d
#     is a php file
  RewriteCond %{REQUEST_FILENAME}\.php -f
# Internally rewrite to actual php file
  RewriteRule ^(.*)$ $1.php
# If not found, relative path to error 404 file
#     is not an actual file or directory
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule .* inc/404.php [L]
</IfModule>
# END superMicro CMS

Aside from performance and security, the main difference between an installation with a functioning .htaccess file and one without is that the addresses of public pages do not need the .php file extension at the end.

Web pages addresses can then be either of:

https://example.com/page
https://example.com/page.php

Internal links can be either of:

<a href="./page">page</a>
<a href="./page.php">page</a>

Addresses without .php at the end look better but a website with links that do not have the extension will not be transferable to a Windows or NGINX server without changing all the internal links to add the extension. This is an unlikely eventuality but is worth bearing in mind.


Extended .htaccess file

Version 3.3 of superMicro CMS has an additional admin page that allows an extended .htaccess file to be created by pressing a button.

Example:

# BEGIN superMicro CMS
<IfModule mod_rewrite.c>
  RewriteEngine on

# EXTERNAL REDIRECTS

# Remove index php root only
  RewriteCond %{REQUEST_URI} !(admin|diagnostics|visits) [NC]
  RewriteRule ^index\.php$ https://domain.com/ [R=301,L]

# Remove php extensions root only
  RewriteCond %{REQUEST_URI} !(admin|diagnostics|visits) [NC]
  RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\ (.*)\.php [NC]
  RewriteRule ^(.+)\.php$ https://domain.com/$1 [R=301,L]

# Hostname canonicalization redirect 1 not www
  RewriteCond %{HTTP_HOST} ^www\. [NC]
  RewriteRule (.*) https://domain.com/$1 [R=301,L]

# Hostname canonicalization redirect 2
  RewriteCond %{HTTPS} !on
  RewriteRule (.*) https://domain.com/$1 [R=301,L]

# FACEBOOK QUERY STRING

# Redirect Facebook query string to non-query string
  RewriteCond %{QUERY_STRING} ^(.*)(?:^|&)fbclid=(?:[^&]*)((?:&|$).*)$ [NC]
  RewriteCond %1%2 (^|&)([^&].*|$)
  RewriteRule ^(.*) /$1?%2 [R=301,L]

# INTERNAL REWRITES

# Forbid direct viewing txt files in pages folder
  RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\ (.*)/pages/(.*)\.txt [NC]
  RewriteRule ^ "-" [F]

# Rewrite non php URLs to php on server
  #RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME}\.php -f
  RewriteRule ^(.*)$ $1.php [L]

# If not found then relative path to error 404 file
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule .* inc/404.php [L]

</IfModule>
# END superMicro CMS

The rules are enclosed by BEGIN and END comments as follows:

# BEGIN superMicro CMS
  rules
# END superMicro CMS

Additional custom rules can be written above and below the comments and will not be touched whenever an updated .htaccess file is created in admin, only the rules between the comments.

The additional rules in the extended version are 'external' redirects and are configued by admin according to the site domain, whether it's secured by https (not insecure http), or is www or not, or the cms is in a sub-directory, and includes the name of the admin folder. They will be different for each website.

If you edit the .htaccess file manually, make sure not to remove the BEGIN and END comments. If you do, the file can't be updated in admin. The root folder of the cms contains a file named htaccess.txt which contains the default rules for .htaccess (they are also in this page – top).

Page last modified: 17 September, 2020