Friendly URL Solutions
Last edited by JP DeVries on Aug 10, 2013.
Apache mod_rewrite .htaccess Solutions for MODx
# For full documentation and other suggested options, please see # http://svn.modxcms.com/docs/display/MODx096/Friendly+URL+Solutions # including for unexpected logouts in multi-server/cloud environments Options +FollowSymlinks RewriteEngine On RewriteBase / # Fix Apache internal dummy connections from breaking [(site_url)] cache RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC] RewriteRule .* - [F,L] # Rewrite domain.com -> www.domain.com -- used with SEO Strict URLs plugin #RewriteCond %{HTTP_HOST} . #RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] #RewriteRule (.*) http://www.example.com/$1 [R=301,L] # Exclude /assets and /manager directories from rewrite rules RewriteRule ^(manager|assets) - [L] # For Friendly URLs RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] # Reduce server overhead by enabling output compression if supported. #php_flag zlib.output_compression On #php_value zlib.output_compression_level 5
For other web servers such as Zeus or lighttpd, see our General Requirements page under supported web servers.
Common Edits to the Default .htaccess File
Make sure RewriteBase points to the directory where you installed MODx. E.g., "/modx/" if your installation is in a "modx" subdirectory:
RewriteBase /modx/
Note in the last block of directives the gzip compression was left commented out since this can potentially cause issues in some environemnts. For a faster webserver experience, ucomment the last two lines as follows:
# Reduce server overhead by enabling output compression if supported. php_flag zlib.output_compression On php_value zlib.output_compression_level 5
You may also want to make your URLs non-case-sensitive by adding a NC directive to the directive in the "For Friendly URLs" part:
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA,NC]
If you prefer your website to always add the "www." part to always show "www.example.com" URLs, then the section below should be changed as follows:
RewriteCond %{HTTP_HOST} . RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] RewriteRule (.*) http://www.example.com/$1 [R=301,L]
If you're working off of virtual domains and have a preview for development or while waiting for DNS updates to occur such as accessing your site through http://10.0.0.1/~myacct, the rewrite rule should be written as follows. Don't forget to change it back when you go live.
RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /~myacct/index.php?q=$1 [L,QSA]
Manager Protection
If you would like to limit the manager to being accessed by only a specific IP address, but need access to some things on the public site like the captcha, use the following. Make sure this goes inside the Manager directory:
# Allow manager access to specific IPs only Options +FollowSymlinks RewriteEngine On # Deny by IP. The IP address(es) listed will get through. RewriteCond %{REMOTE_ADDR} !^(192\.168\.0\.128)$ RewriteCond %{REQUEST_FILENAME} !/includes/veriword\.php$ RewriteRule ^(.*)$ ../index.php?q=$1 [L,QSA]
Session Handling
If you are deployed in an environment that has problems with aggressive garbage collection, as evidenced by unexpected and frequent logouts from the manager, then you can adjust the location of the sessions to remove them from the default and shared global tmp/session location:
php_value session.save_path /path/to/your/web/content/sessions/ php_value session.gc_maxlifetime 28800
CSS or JS files as MODx documents
By default, MODx Evolution's htaccess template file excludes the /assets and /manager directories from rewrite rules. If you are using a MODx document as a CSS file, you'll need to adjust the one line to allow rewrites in the /assets directory if that's where you store your CSS file.
RewriteRule ^(manager|assets) - [L]
Would become
RewriteRule ^manager - [L]
If you still wish to maintain some subdirectories in the exclusions, you could disable /assets/images and /assets/snippets for example with the following rule:
RewriteRule ^(manager|assets/images|assets/snippets) - [L]
Timezone
Some servers do not have their timezone settings set, which can cause issues. You can try the following setting with full details of timezone definitions available at http://php.net/manual/en/timezones.php
php_value date.timezone Europe/Moscow
or
SetEnv TZ America/Chicago
Default Character Sets
Really, you should fix your code and database to handle character sets properly. But, if you insist, please see http://httpd.apache.org/docs/2.0/mod/core.html#adddefaultcharset and you might consider using:
AddDefaultCharset utf-8
Register Globals
If your server has register_globals enabled (and it's not possible to disable), run as fast as possible to a new webhost. Seriously.
Your site is almost 99.99999% absolutely destined to be hacked at some point by script kiddies with register_globals on, ESPECIALLY in shared hosting environemnts. This is an inherrent security risk, equivalent to letting a baby play with a loaded gun and hoping they don't pull the trigger. If you're paying under $15/month, you're on a shared host. For more information: http://php.net/register_globals
To verify that this option has been set to OFF, open the Manager and choose Reports -> System Info and then click the phpinfo() link. Do a Find on Page for "register_globals". The Local Value should be OFF. If the Master Value is OFF then you do not need this directive here.
IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS:
Your server does not allow PHP directives to be set via .htaccess. In that case you must make this change in your php.ini file instead. If you are using a commercial web host, contact the administrators for assistance in doing this. Not all servers allow local php.ini files, and they should include all PHP configurations (not just this one), or you will effectively reset everything to PHP defaults. Consult www.php.net for more detailed information about setting PHP directives.
# Turn off register_globals because I have a lazy webhost that doesn't care about security php_flag register_globals Off
Solving Internet Explorer Woes
If htc files are being used on your site, some servers may serve this with the incorrect mime type. The following can be added to resolve this. The following is critical for MS Windows XP SP2 surfers:
# Fix .htc mime type for Internet Explorer AddType text/x-component .htc
The following directives stop screen flicker in IE on CSS rollovers. When they're in place, you may have to do a force-refresh in order to see changes in your designs.
# Fix screen flicker for images in Internet Explorer ExpiresActive On ExpiresByType image/gif A2592000 ExpiresByType image/jpeg A2592000 ExpiresByType image/png A2592000 BrowserMatch "MSIE" brokenvary=1 BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1 BrowserMatch "Opera" !brokenvary SetEnvIf brokenvary 1 force-no-vary
Suggest an edit to this page on GitHub (Requires GitHub account. Opens a new window/tab).