20

I'm trying to prevent, in this case WordPress, from rewriting certain URLs. In this case I'm trying to prevent it from ever handling a request in the uploads directory, and instead leave those to the server's 404 page. So I'm assuming it's as simple as adding the rule:

RewriteCond %{REQUEST_URI} !^/wp-content/uploads/

This rule should evaluate to false and make the chain of rules fail for those requests, thus stopping the rewrite. But no... Perhaps I need to match the cover the full string in my expression?

RewriteCond %{REQUEST_URI} !^/wp-content/uploads/.*$

Nope, that's not it either. So after scratching my head I do a check of sanity. Perhaps something is wrong with the actual pattern. So I make a simple test case.

RewriteCond %{REQUEST_URI} ^/xyz/$

In this case, the rewrite happens if and only if the requested URL is /xyz/ and shows the server's 404 page for any other page. This is exactly what I expected. So I'll just stick in a ! to negate that pattern.

RewriteCond %{REQUEST_URI} !^/xyz/$

Now I'm expecting to see the exact opposite of the above condition. The rewrite should not happen for /xyz/ but for every other possible URL. Instead, the rewrite happens for every URL, both /xyz/ and others.

So, either the use of negated regexes in RewriteConds is broken in Apache, or there's something fundamental I don't understand about it. Which one is it?

The server is Apache2.

The file in its entirety:

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /
RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/wp-content/uploads/
RewriteRule . /index.php [L]
</IfModule>

WordPress's default file plus my rule.

nitro2k01
  • 7,627
  • 4
  • 25
  • 30

5 Answers5

13
<IfModule mod_rewrite.c>
RewriteEngine On

RewriteBase /
RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_URI} !^/wp-content/uploads/ [OR]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]
</IfModule>
Cecil
  • 147
  • 3
  • 6
    That's not what I want to do. I want to UNDERSTAND how the hell this works, as this same problem pops up in various rewrites and is causing me some major headaches. – nitro2k01 Jan 28 '11 at 05:32
  • oh ok, guess I misunderstood. Can you explain in simple terms maybe? I'll write up the full .htaccess for you. – Cecil Jan 28 '11 at 05:34
  • 1
    well, every RewriteRule with an [L] flag is "LAST" so it stops there if the pattern matches.. You could add another condition/rule set down under the one you have now. so it does exactly what you want, without affecting the other one by wordpress. thats what I'd do :) – Cecil Jan 28 '11 at 05:36
  • Ok, put in different terms, I want every possible URL to be handled by index.php, except if it starts with /xyz. http://www.example.com/abc and http://www.example.com/def and anything else will be rewritten to index.php but not http://www.example.com/xyz If it starts with /xyz it should be handled normally. Maybe there's a file at http://www.example.com/xyz/image.png or maybe not. – nitro2k01 Jan 28 '11 at 05:53
  • ok try that.. added an [OR] flag to your RewriteCond - it litterally means "or" so it now reads like.. if !NOT this urls [OR] these other conditions, then rewriterule. [L]ast – Cecil Jan 31 '11 at 16:35
  • Please explain this answer, .htaccess and regex is already cryptic enough without vague half-handed stack overflow responses – Abraham Brookes Feb 06 '19 at 06:15
6

So, after a lot of irritation, I figured out the problem, sort of. As it turned out, the rule in my original question actually did exactly what it was supposed to. So did a number of other ways of doing the same thing, such as

RewriteRule ^wp-content/uploads/.*$ - [L]

(Mark rule as last if pattern matches) or

RewriteRule ^wp-content/uploads/.*$ - [S=1]

(Skip the next rule if pattern matches) as well as the negated rule in the question, as mentioned. All of those rules worked just fine, and returned control to Apache without rewriting.

The problem happened after those rules were processed. Instead, the problem was that I deleted a the default 404.shtml, 403.shtml etc templates that my host provided. If you don't have any .htaccess rewrites, that works just fine; the server will dish up its own default 404 page and everything works. (At least that's what I thought, but in actual fact it was the double error "Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.")

When you do have a .htaccess, on the other hand, it is executed a second time for the 404 page. If the page is there, it will be used, but now, instead the request for 404.shtml was caught by the catch-all rule and rewritten to index.php. For this reason, all other suggestions I've gotten here, or elsewhere, have all failed because in the end the 404 page has been rewritten to index.php.

So, the solution was simply to restore the error templates. In retrospect it was pretty stupid to delete them, but I have this "start from scratch" mentality. Don't want anything seemingly unnecessary lying around. At least now I understand what was going on, which is what I wanted.

Finally a comment to Cecil: I never wanted to forbid access to anything, just stop the rewrite from taking place. Not that it matters much now, but I just wanted to clarify this.

nitro2k01
  • 7,627
  • 4
  • 25
  • 30
  • After banging my head against the problem for the better part of a week, and reading this post more than once, it turns out my problem _was_ the same. I had deleted the 404. It was causing repeated runs through the rules. – felwithe Apr 04 '15 at 22:27
  • Sigh ... Apache config files are among the worst languages I've had to work with, and mod_rewrite pushes them to the very top. I find Perl a breeze in comparison. Rewrite rules are very useful but really dense. – reinierpost Oct 17 '19 at 09:58
  • Tip: Use something like Header add X-Remark-Rewrite "/path.to/htaccess" in the beginning which you can inspect in the developer tools so you know what htaccesses it went through. – Herbert Van-Vliet Nov 03 '22 at 13:55
3

If /wp-content/uploads/ is really the prefix of the requested URI path, your rule was supposed to work as expected.

But as it obviously doesn’t work, try not to match the path prefix of the full URI path but only the remaining path without the contextual per-directory path prefix, in case of the .htaccess file in the document root directory the URI path without the leading /:

RewriteCond $0 !^wp-content/uploads/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .+ /index.php [L]

If that doesn’t work neither, it would certainly help to get some insight into mod_rewrite’s rewriting process by using its logging feature. So set RewriteLogLevel to a level of at least 4, make your request and take a look at the entries in the log file specified with RewriteLog. There you can see how mod_rewrite handles your request and with RewriteLogLevel greater or equal to 4 you will also see the values of variables like %{REQUEST_URI}.

Ates Goral
  • 137,716
  • 26
  • 137
  • 190
Gumbo
  • 643,351
  • 109
  • 780
  • 844
0

I have found many examples like this when taking a "WordPress First" approach. For example, adding:

ErrorDocument 404 /error-docs/404.html

to the .htaccess file takes care of the message ("Additionally, a 404 Not Found error...").

cbos
  • 1
  • 2
0

Came across this trying to do the same thing in a Drupal site, but might be the same for WP since it all goes through index.php. Negating index.php was the key. This sends everything to the new domain except old-domain.org/my_path_to_ignore:

RewriteCond %{REQUEST_URI} !^/my_path_to_ignore$
RewriteCond %{REQUEST_URI} !index.php
RewriteCond %{HTTP_HOST} ^old-domain\.org$ [NC]
RewriteRule ^(.*)$ http%{ENV:protossl}://new-domain.org/$1 [L,R=301]
Boinkster
  • 11
  • 1