... h1. Apache mod_rewrite .htaccess Solutions for MODx
{toc}MODx supports Friendly URLs via this .htaccess file. You must serve web pages via Apache with mod_rewrite to use this functionality, and you must change the file name from ht.access to .htaccess. Additional tweaks and environment specific additions follow the default template below:
{code}# For full documentation and other suggested options, please see
# http://svn.modxcms.com/docs/display/MODx096/Friendly+URL+Solutions
# including for unexpected logouts in multi-server/cloud environments
Options +FollowSymlinks
RewriteEngine On
RewriteBase /
# Fix Apache internal dummy connections from breaking [(site_url)] cache
RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC]
RewriteRule .* - [F,L]
# Rewrite domain.com -> www.domain.com -- used with SEO Strict URLs plugin
#RewriteCond %{HTTP_HOST} .
#RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
#RewriteRule (.*) http://www.example.com/$1 [R=301,L]
# Exclude /assets and /manager directories from rewrite rules
RewriteRule ^(manager|assets) - [L]
# For Friendly URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
# Reduce server overhead by enabling output compression if supported.
#php_flag zlib.output_compression On
#php_value zlib.output_compression_level 5
{code}
|
... Make sure RewriteBase points to the directory where you installed MODx. E.g., "/modx" if your installation is in a "modx" subdirectory:
{code}RewriteBase /modx
{code}Note in the last block of directives the gzip compression was left commented out since this can potentially cause issues in some environemnts. For a faster webserver experience, ucomment the last two lines as follows:
{code}# Reduce server overhead by enabling output compression if supported.
php_flag zlib.output_compression On
php_value zlib.output_compression_level 5
{code}You may also want to make your URLs non-case-sensitive by adding a NC directive to the directive in the "For Friendly URLs" part:
{code}RewriteRule ^(.*)$ index.php?q=$1 [L,QSA,NC]
{code}If you prefer your website to always add the "www." part to always show "www.example.com" URLs, then the section below should be changed as follows:
{code}RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
{code}
If you're working off of virtual domains and have a preview for development or while waiting for DNS updates to occur such as accessing your site through [http://10.0.0.1/~myacct], the rewrite rule should be written as follows. Don't forget to change it back when you go live.
{code}RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /~myacct/index.php?q=$1 [L,QSA]
{code}
h2. Manager Protection
If you would like to limit the manager to being accessed by only a specific IP address, but need access to some things on the public site like the captcha, use the following. Make sure this goes inside the Manager directory:
{code}# Allow manager access to specific IPs only
Options +FollowSymlinks
RewriteEngine On
# Deny by IP. The IP address(es) listed will get through.
RewriteCond %{REMOTE_ADDR} !^(192\.168\.0\.128)$
RewriteCond %{REQUEST_FILENAME} !/includes/veriword\.php$
RewriteRule ^(.*)$ ../index.php?q=$1 [L,QSA]
{code}
{note}The first line ("Options \+FollowSymlinks") may need to be commented out in some situations where a similar line is present in the site install root to prevent server errors.
{note}
h2. Session Handling
If you are deployed in an environment that has problems with aggressive garbage collection, as evidenced by unexpected and frequent logouts from the manager, then you can adjust the location of the sessions to remove them from the default and shared global tmp/session location:
{tip}If you add this to your .htaccess file, make sure to also add it to the .htaccess file located in the /manager directory.{tip}
{code}php_value session.save_path /path/to/your/web/content/sessions/
php_value session.gc_maxlifetime 28800
{code}
h2. CSS or JS files as MODx documents
By default, MODx Evolution's htaccess template file excludes the /assets and /manager directories from rewrite rules. If you are using a MODx document as a CSS file, you'll need to adjust the one line to allow rewrites in the /assets directory if that's where you store your CSS file.
{code}RewriteRule ^(manager|assets) - [L]
{code}
Would become
{code}RewriteRule ^manager - [L]
{code}
{tip:title=Tip}If you still wish to maintain some subdirectories in the exclusions, you could disable /assets/images and /assets/snippets for example with the following rule:
{code}RewriteRule ^(manager|assets/images|assets/snippets) - [L]{code}{tip}
h2. Timezone
Some servers do not have their timezone settings set, which can cause issues. You can try the following setting with full details of timezone definitions available at [http://php.net/manual/en/timezones.php]
{code}php_value date.timezone Europe/Moscow
{code}
or
{code}SetEnv TZ America/Chicago
{code}
h2. Default Character Sets
Really, you should fix your code and database to handle character sets properly. But, if you insist, please see [http://httpd.apache.org/docs/2.0/mod/core.html#adddefaultcharset] and you might consider using:
{code}AddDefaultCharset utf-8
{code}
h2. Register Globals
{warning:title=Warning}If your server has register_globals enabled (and it's not possible to disable), run as fast as possible to a new webhost. Seriously.
{warning}Your site is almost 99.99999% absolutely destined to be hacked at some point by script kiddies with register_globals on, ESPECIALLY in shared hosting environemnts. This is an inherrent security risk, equivalent to letting a baby play with a loaded gun and hoping they don't pull the trigger. If you're paying under $15/month, you're on a shared host. For more information: [http://php.net/register_globals]
To verify that this option has been set to OFF, open the Manager and choose Reports \-> System Info and then click the phpinfo() link. Do a Find on Page for "register_globals". The Local Value should be OFF. If the Master Value is OFF then you do not need this directive here.
IF REGISTER_GLOBALS DIRECTIVE CAUSES 500 INTERNAL SERVER ERRORS:
Your server does not allow PHP directives to be set via .htaccess. In that case you must make this change in your php.ini file instead. If you are using a commercial web host, contact the administrators for assistance in doing this. Not all servers allow local php.ini files, and they should include all PHP configurations (not just this one), or you will effectively reset everything to PHP defaults. Consult www.php.net for more detailed information about setting PHP directives.
{code}# Turn off register_globals because I have a lazy webhost that doesn't care about security
php_flag register_globals Off
{code}
h2. Solving Internet Explorer Woes
If htc files are being used on your site, some servers may serve this with the incorrect mime type. The following can be added to resolve this. The following is critical for MS Windows XP SP2 surfers:
{code}# Fix .htc mime type for Internet Explorer
AddType text/x-component .htc
{code}The following directives stop screen flicker in IE on CSS rollovers. When they're in place, you may have to do a force-refresh in order to see changes in your designs.
{code}# Fix screen flicker for images in Internet Explorer
ExpiresActive On
ExpiresByType image/gif A2592000
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
BrowserMatch "MSIE" brokenvary=1
BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
BrowserMatch "Opera" !brokenvary
SetEnvIf brokenvary 1 force-no-vary
{code}
{note}
.htaccess directives provide directory-level configuration overrides when you cannot access the main Apache httpd.conf file. The main configuration file should be used for server directives whenever possible because .htaccess rules result in increased page processing times.
{note}
|
E-mail