Home > Back-end >  .htaccess /<dir>/index.php -> /<dir>/, despite /.htaccess
.htaccess /<dir>/index.php -> /<dir>/, despite /.htaccess

Time:05-17

Remove indx.php from URL; always redirect ??/ from ??/index.php

...including subdirectories, which may have their own .htaccess and index.php.

I'm using Apache with .htaccess.

I have a webapp with index.php in a subdirectory of the domain, say here:

example.tld/somedir/

But, it could be installed to any directory, such as these...

example.tld/anotherdir/
sub.domain.tld/
another.tld/
  • Each has its own index.php and its own .htaccess, for our purposes
  • On example.tld/somedir/: example.tld/, sub.example.tld/, et cetera also have their separate index.php and .htaccess, for their separate purposes
  • I need this to still work if placed in a subdir example.tld/dir/ of a WordPress or October or SuitCRM installation at example.tld/.

Always hide index.php via .htaccess

I want to make sure that:

  1. All above four / (root) addresses link to index.php in whatever same directory.
  2. index.php always redirects to / (root)
  3. Examples
example.tld/anotherdir/index.php   -> example.tld/anotherdir/
sub.domain.tld/index.php           -> sub.domain.tld/
another.tld/index.php              -> another.tld/

I need something like this

RewriteRule ^.*$ /{$PWD}/index.php [L,QSA]

...and any Rewrite statements that must precede it.


These Questions do not provide an answer:

CodePudding user response:

To serve index.php from the requested directory you use mod_dir's DirectoryIndex directive (which is probably already set in the server config, although defaults to index.html only) - you do not need mod_rewrite for this. For example:

# Serve "index.php" from the requested directory
DirectoryIndex index.php

This instructs Apache to serve index.php from whatever directory is requested. eg. Request /foo/bar/ then /foo/bar/index.php is served via an internal subrequest (no redirect). If index.php is not present in that directory you'll get a 403 Forbidden response (assuming directory listings - as generated by mod_autoindex - are disabled).

To remove index.php from any URL that is requested directly you can use mod_rewrite. For example:

RewriteEngine On

# Remove "index.php" from any URL and redirect back to the "directory"
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^(. /)?index\.php(/|$) /$1 [R=301,L]

The above will redirect as follows, preserving the requested protocol and hostname:

  • /index.php to /
  • /foo/index.php to /foo/
  • /foo/bar/index.php to /foo/bar/
  • /fooindex.php - NO REDIRECT (404 expected)
  • /foo/index.php/bar (containing path-info) to /foo/ (path-info removed)
  • /foo/index.phpbar - NO REDIRECT (404 expected)

The (optional) capturing group (.*/)? contains the part of the URL-path before index.php. This is then available in the substitution string using the $1 backreference. In the case when /index.php is requested in the document root, this is empty. When a subdirectory is present then this contains a string of the form subdir/, including the trailing slash.

If you have no other directives in your .htaccess file then you don't strictly need the condition that checks against the REDIRECT_STATUS environment variable. This condition ensures that only direct requests are redirected in the case when you have a front-controller pattern later in the file that might rewrite requests to index.php.

If you do have other directives in the file then the order can be important. This rule that removes index.php via an external redirect must go before any existing rewrites, near the top of the file.

Note that this removes index.php from the URL regardless of whether the requested URL actually maps to a real file or whether the preceding URL-path even exists as a physical directory. So, /<something>/index.php is redirected to /<something>/ regardless of whether /<something>/ is a physical directory or not. This check can be implemented at the cost of an additional filesystem check - but it's probably not required.

NB: Test first with a 302 (temporary) redirect to avoid potential caching issues. Only change to a 301 (permanent) redirect once you have tested that it works as intended.


UPDATE#1:

These Questions do not provide an answer:

Actually, the first question you've linked to does answer your question, with regards to removing index.php from the requested URL. It does address subdirectories and would redirect example.tld/dir/index.php to example.tld/dir/ (not example.tld/ as you've stated).

The part of the question that discusses subdomains is a bit misleading as it doesn't really have anything to do with subdomains specifically.

The solution presented in the linked question basically does the same sort of thing as I've done above, except that it arguably matches too much (and not enough). It would incorrectly/unnecessarily redirect /fooindex.php to /foo (no trailing slash) and would fail to redirect URLs that contained path-info (which could be malicious). eg. /foo/index.php/bar would fail to redirect but still serve the contents of /foo/index.php (unless AcceptPathInfo had been disabled). Although whether these "errors" would actually cause an issue in your case is another matter.


UPDATE#2:

I have the code exactly in the directory for example.tld/dir

The code above assumes the .htaccess file is located in the document root. If the .htaccess file is located in the directory of where the app is installed then you would need to modify the above like so:

# Remove "index.php" from any URL and redirect back to the "directory"
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteCond %{REQUEST_URI} ^/(. /)?index\.php
RewriteRule (^|/)index\.php(/|$) /%1 [R=301,L]

The %1 backreference (as opposed to $1) refers to the captured group in the preceding CondPattern. This naturally includes the full URL-path, so avoids having to hardcode the directory in which the .htaccess file is located.

This applies to the directory that contains the .htaccess file and any subdirectories thereof. Note that, by default, this completely overrides any mod_rewrite directives that might be present in the parent .htaccess file (mod_rewrite directives are not inherited by default).

...including subdirectories, which may have their own .htaccess and index.php.

If additional sub-subdirectories have their own .htaccess file then this may or may not work depending on the directives used in these sub-subdirectory .htaccess files and/or how mod_rewrite inheritance is configured.

mod_rewrite directives do not inherit by default. So, if the .htaccess file in the sub-subdirectory enables the rewrite engine then the above mod_rewrite directives in the parent directory will be completely overridden (they are not even processed).

If, on the other hand, the .htaccess file in the sub-subdirectory uses directives from other modules then this may not be an issue.

  • Related