Turn off MultiViews (and on Apache 2.x) AcceptPathInfo and DirectorySlash to start. Any of these can pre-empt mod_rewrite.
Tweak the code for security, portability, and efficiency:
# Next two lines for Apache 2.x only
DirectorySlash off
AcceptPathInfo off
#
Options +FollowSymlinks -MultiViews
RewriteEngine on
#
RewriteRule ^(.*)\.xml$ /$1.php [NC]
#
RewriteCond $1 !(^index\.php|\.(gif|jpe?g|png|ico|css|js|swf|flv|avi|mov|mp[34]|wmv|pdf|doc|xls))$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /index.php?module=$1 [QSA,L]
By excluding filetypes that your script does not and cannot generate from the two filesystem "exists" checks, you can greatly improve the performance of your server. In some cases, these checks may require a physical disk access, which can markedly slow your server response and result in premature hard drive failure.
On a busy site on shared hosting, you will likely get an obvious performance improvement with this simple change.
It is not necessary to enumerate *all* filetypes which are not handled by your script. It is most beneficial to simply include the most-often-requested filetypes (usually .gif and .jpg images) which your script cannot or does not actually create/generate. The filetypes I listed are only examples; this list represents neither a specific recommendation nor a comprehensive implementation. Consult your server stats to determine the most-frequently-requested filetypes for your site.
If you wish to rewrite *only* extensionless URL requests to your script, you could eliminate all three RewriteConds and just use the rule
RewriteRule ^(([^/]*/)*[^./]+)$ /index.php?module=$1 [QSA,L]
This rule will reject any 'page name' request in any 'directory level' which contains a period (indicating a filetype) and all URL-paths with a trailing slash (indicating a directory request).
Jim
