Forum Moderators: phranque
RewriteRule ^(.*)/file/(.*)/$ file.php?foo=$1&foo2=$2
rewrites nicely to /whatever/file/whatever2/ , but a request for /whatever/file/whatever2 returns a 404
# Externally redirect to add a trailing slash if no filetype
# or trailing slash is present on the requested URL-path
RewriteRule ^(([^/]+/)*[^./]+)$ http://www.example.com/$1 [R=301,L]
#
# Internally rewrite /<foo>/file/<foo2>/ to file.php?foo=$1&foo2=$2
RewriteRule ^([^/]+)/file/([^/]+)/$ file.php?foo=$1&foo2=$2 [L]
If you add these or other rules, be sure that your rules are ordered with external redirects first, in order from most-specific patterns (fewest URLs affects) to least-specific (most URLs affected), followed by internal rewrites, again in order from most-specific to least-specific.
Use the [L] flag on all rules, unless you have a good reason not to.
Avoid the use of ".*" patterns, and especially multiple-".*" subpatterns in your patterns. These result in ambiguous pattern matches (which can cause unexpected results) at best, and in both unexpected pattern matches and extremely-slow execution at worst.
Using the ".*" subpattern is "easy" but almost never the most efficient or safest solution. For example, with your current rule, request the URL-path /foo/malicious-junk/file/foo2/ from your server. Does it behave as desired, returning a 404 or 403 status? If it returns a 200-OK, then you have opened up a vulnerability to malicious linking (search for "googlebombing") and you have created a duplicate-content problem on your site (which can also be exploited).
For every resource (e.g. page or image) on your site, there should be one and only one canonical URL that can be used to reach it; All other possible variations on that single URL should result in either a 301-Moved Permanently redirect to the correct canonical URL or a 404-Not Found error response.
Jim
URLs are used 'out on the web', so you need to redirect requests for the wrong URL to the right URL, before invoking the rewrite.
