MOD_REWRITE is a versitile and some what complex utility which can be extremely useful for directing traffic on a web server. It is a real good idea to be well versed in regex for this one.

The basic principal is to create a condition to apply a rule. If a condition or all conditions match the rule is applied.

RewriteCond   %{REQUEST_URI}   ^phpmyadmin$   [NC]

Rewrite Condition - The condition to apply the rule. The condition is made up of three parts:

• Test String or Input
• Condition - what to match against
• Flags

Example: to deny anyone looking for phpmyadmin, which is a fairly common thing for hackers to do, a condition may look like this...

This condition will match the request of phpmyadmin and in-turn apply a rule, depending on other conditions (if any). The [NC] at the end is a flag for No Case i.e. makes the condition case insensitive.

RewriteRule   ^   -   [F,L]

When the conditions match in whole or in part (depending on the flags) the rule is applied. The rule is broken down into three parameters:

• Pattern - the pattern to match
• Substitution - what to change the pattern to
• Flags - what to do when the rule is used - Flags are optional

This rule will basically do nothing but send the requester to a 403 - Forbidden error page. The Flags indicate Forbidden and Last.

The flags determine the behavior of a condition or rule. For example all conditions are ANDed together which means they all must apply or match for the rule to engage. However the OR flag can change that.

This is a list of mod_rewrite flags. Each is a link that goes directly to the apache documentation. Note: these docs are for version 2.4.

• B (escape backreferences)
• BNP|backrefnoplus (don't escape space to +)
• C|chain
• CO|cookie
• DPI|discardpath
• E|env
• END
• F|forbidden
• G|gone
• H|handler
• L|last
• N|next
• NC|nocase
• NE|noescape
• NS|nosubreq
• P|proxy
• PT|passthrough
• QSA|qsappend
• QSD|qsdiscard
• QSL|qslast
• R|redirect
• S|skip
• T|type

Variables available to MOD_Rewrite conditions and rules:

• API_VERSION
• AUTH_TYPE
• CONTENT_LENGTH
• CONTENT_TYPE
• DOCUMENT_ROOT
• GATEWAY_INTERFACE
• IS_SUBREQ
• ORIG_PATH_INFO
• ORIG_PATH_TRANSLATED
• ORIG_SCRIPT_FILENAME
• ORIG_SCRIPT_NAME
• PATH
• PATH_INFO
• PHP_SELF
• QUERY_STRING
• REDIRECT_QUERY_STRING
• REDIRECT_REMOTE_USER
• REDIRECT_STATUS
• REDIRECT_URL
• REMOTE_ADDR
• REMOTE_HOST
• REMOTE_IDENT
• REMOTE_PORT
• REMOTE_USER
• REQUEST_FILENAME
• REQUEST_METHOD
• REQUEST_TIME
• REQUEST_URI
• SCRIPT_FILENAME
• SCRIPT_GROUP
• SCRIPT_NAME
• SCRIPT_URI
• SCRIPT_URL
• SCRIPT_USER
• SERVER_ADDR
• SERVER_ADMIN
• SERVER_NAME
• SERVER_PORT
• SERVER_PROTOCOL
• SERVER_SIGNATURE
• SERVER_SOFTWARE
• THE_REQUEST
• TIME
• TIME_DAY
• TIME_HOUR
• TIME_MIN
• TIME_MON
• TIME_SEC
• TIME_WDAY
• TIME_YEAR
• TZ
• UNIQUE_ID

• HTTP_ACCEPT
• HTTP_ACCEPT_CHARSET
• HTTP_ACCEPT_ENCODING
• HTTP_ACCEPT_LANGUAGE
• HTTP_CACHE_CONTROL
• HTTP_CONNECTION
• HTTP_COOKIE
• HTTP_FORWARDED
• HTTP_HOST
• HTTP_KEEP_ALIVE
• HTTP_PROXY_CONNECTION
• HTTP_REFERER
• HTTP_USER_AGENT

• SSL_CIPHER
• SSL_CIPHER_ALGKEYSIZE
• SSL_CIPHER_EXPORT
• SSL_CIPHER_USEKEYSIZE
• SSL_CLIENT_VERIFY
• SSL_PROTOCOL
• SSL_SERVER_A_KEY
• SSL_SERVER_A_SIG
• SSL_SERVER_CERT
• SSL_SERVER_I_DN
• SSL_SERVER_I_DN_C
• SSL_SERVER_I_DN_CN
• SSL_SERVER_I_DN_L
• SSL_SERVER_I_DN_O
• SSL_SERVER_I_DN_OU
• SSL_SERVER_I_DN_ST
• SSL_SERVER_M_SERIAL
• SSL_SERVER_M_VERSION
• SSL_SERVER_S_DN
• SSL_SERVER_S_DN_CN
• SSL_SERVER_S_DN_O
• SSL_SERVER_S_DN_OU
• SSL_SERVER_V_END
• SSL_SERVER_V_START
• SSL_SESSION_ID
• SSL_VERSION_INTERFACE
• SSL_VERSION_LIBRARY

Check this:

• Make sure the variable is preceeded with a % for Apache variables and a $ for variables you defined:    Apache: %{REQUEST_URI} NOT ${REQUEST_URI}.    Yours : ${MY_LOCAL_VARIABLE} NOT %{MY_LOCAL_VARIABLE}.