Welcome to WebmasterWorld Guest from

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Rewriting query strings



1:00 pm on Apr 29, 2010 (gmt 0)

5+ Year Member

I actually did search a solution for this but I guess it's to specific because I couldn't find a solution to fit my needs.

Anyway on to my "problem".

I'm looking for a way to rewrite all query strings.
Why? Well I don't want http://www.example.com/ to display the same as http://www.example.com/? or http://www.example.com/?test or http://www.example.com/?=test or http://www.example.com/test? etc...

Here come's the tricky bit.

I'm using Joomla! 1.5.x with SEO/SEF url's turned on, so I don't have any query strings in the "front-end". There are query strings in the back-end however.

http://www.example.com/administrator/ and everything within this folder is not supposed to be effected.

I did find the following:
# Create 404 on all root folder requests with query strings
# appended by rewriting to a file that does not exist
RewriteCond %{QUERY_STRING} &?ID=
RewriteRule ^[^/]*$ /non-existent-file.hmtl? [L]


RewriteCond %{THE_REQUEST} ^[A-Z]+\ /[^?\ ]*\?[^\ ]*\ HTTP/
RewriteRule ^ /non-existent-file.hmtl? [L]

Obviously the above examples don't take the /administrator/ folder into account. Nor am I a 100% the above code does what I need.

If I need to provide more info give me a shout.

Thanks in advance for any help/tips provided.


1:10 pm on Apr 29, 2010 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

Well, you can add an exclusion prevent rewriting requests for the /administrator/ folder path -- Either in a RewriteCond examining %{REQUEST_URI} or even in the RewriteRule pattern itself.

The first example you posted detects a specific query string value, while the second detects any request that has any query string appended, even a blank one.

Be very careful in deciding what to do with these requests. You can indeed 404 them, but I suggest 301-redirecting them to the requested page after removing the query string, unless that query string is malicious (e.g. an SQL-injection attempt) in which case I suggest a 403-Forbidden response and blocking the requestor's IP address.



1:17 pm on Apr 29, 2010 (gmt 0)

5+ Year Member

Hi Jim,

Thanks for the fast reply.

At the moment we have no "bad" url's. We want to prevent this by doing what Google does: [google.com...]

Featured Threads

Hot Threads This Week

Hot Threads This Month