1) The second rule passes all requests except for those files and filetypes listed, to app_index.php. So be sure that you really want to use the "!" NOT operator there.

2) mod_rewrite in .htaccess is effectively recursive. Once a rewrite is performed, control is passed back up through httpd.conf. There, the newly rewritten URL-path is checked for authorization requirements and for any aliases, rewrites, or redirects that might apply to it. After, that, control is passed back down through all .htaccess files in the new URL-path, checking for applicable access controls and rewrites/redirects. So, the [L] flag only applies to the current pass through your code; It is used to prevent wasting CPU time parsing the rules that follow if you know there is no reason to do so.

Two work-arounds:
1) Add a RewriteCond to each rule, each excluding specific {REQUEST_URI}s from being rewritten by that rule.
2) Use RewriteCond %{THE_REQUEST} to test the client-requested URL, and act only upon the original HTTP request, independent of any rewrites that have ocurred. Note that a redirect ends the current and starts a new HTTP transaction, while a rewrite does not.

Jim

Thanks alot! Your replies are always well "fleshed out" and gives me the opertunity to learn more, I like it :)

Well, I tried this:

RewriteCond %{THE_REQUEST} ^[A-Z]+\ /_/.+
RewriteRule ^/_/.+$ script_index.php [L]

RewriteCond %{THE_REQUEST} ^[A-Z]+\!/_/.+
RewriteRule!(\.(jpg¦gif¦css¦png¦ico)$) app_index.php [L]

but that gives a 404(?) when redirecting from "/_/o". I cannot understand why it would generate a 404 seeing as I thought I was rewriting every possible URL? Do you spot any errors here?

The URI "seen" by RewriteRule in .htaccess is localized to the current directory (where the .htaccess file is), and so the Rule does not see the path to the current directory, only the path within the current directory or below it. This is a long way of saying that in your "/" directory, none of th URLs seen by RewriteRule will start with "/".

So your pattern should be "^_/." and not "/_/.+$" (You can leave off the "+$" in this case, because it's redundant).

However, the URLs seen by RewriteCond %{REQUEST_URI} are always the full path from root, so the leading slash is always needed in those patterns.

In the second rule's RewriteCond, the "!" for NOT is misplaced. It needs to be at the very beginning before the start anchor, and not in the middle of the pattern. This is because "!" is a mod_rewrite operator, and serves to negate the result of the completed regular-expressions evaluation. So, the pattern there should be:
!^[A-Z]+\ /_/.

Jim

Ah, of course! Heh, stupid errors on my behalf. It works now. Thanks alot!