Success!

I typed www.example.net/index.html and the page opened as example.net

I wonder if Google sees it the same way.

Any minor adjustments to this code will be much appreciated...

#6 redirect from www
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.html
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC]
RewriteRule ^(.*)$ http://example.net/$1 [R=301]

Crikey, how did we rack up 30 more posts in one day?

#1:

You don't need to number every single line in htaccess! Just number the RewriteRules.

#2:

You MUST convert the three "Redirect..." lines to mod_rewrite syntax. There is nothing wrong with the rules themselves; they just need to be handled in mod_rewrite instead of mod_alias. Doesn't matter if you originally got the rules from the Pope himself.

If you had no RewriteRules, then mod_alias (Redirect by that name) would be appropriate. But you can't mix them.

When you're changing from mod_alias to mod_rewrite, you end up with a simple conditionless RewriteRule.

Old:

Redirect 301 /Pinto/oldindex.html http://example.net/Pinto/oldindex.php

Redirect 301 /Asia/Indonesia/bali.html http://example.net/Asia/Indonesia/bali.php

Redirect 301 /Asia/Indonesia/indonesia.html http://example.net/Asia/Indonesia/indonesia.php

New:

# 7a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]
# 7b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]
# 7c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]

This set of rules goes before the index redirect and the domain-name redirect (typically the last two RewriteRules).

Looking more closely at the rules, though, I don't see why you'd bother. You could have kept the old URLs-- I assume it was the same domain-- and just quietly rewrite from html to php. No need for anyone to know that your pages are anything other than static html. Too late to change it now, though; I assume the redirect is already in effect.

Edit:
And now that we're in mod_rewrite, which uses Regular Expressions whether you want to or not, there's no reason not to combine the last two redirects:

# 7b
RewriteRule ^Asia/Indonesia/(bali|indonesia)\.html http://example.net/Asia/Indonesia/$1.php [R=301,L]

Andorra? Really?

Hi Eureka. Andorra calling! (do you have any idea where it is?

"Crikey, how did we rack up 30 more posts in one day?"

You shouldn' have gone to bed...

I will implement the redirects; you convinced me. When you say it goes before the index redirect do you mean #6 redirect from www ? And why is the order important?

Doesn't matter if you originally got the rules from the Pope himself.

How did you know?...

Thanks

Ok here goes the final (?) version:

(I'm going to rename the website example.net...

# 1 Use PHP5.4 Single php.ini as default
AddHandler application/x-httpd-php54s .php

# 2 Do not allow access to the directories
Options -Indexes 

# 3
AddType text/x-component .htc 

# 4 allow all except those indicated here
    <Files *>
    order allow,deny
    allow from all
    
    </Files>


# block visitors referred from indicated domains
RewriteEngine on 
# For security reasons, Option followsymlinks cannot be overridden.

#5 Options +FollowSymlinks 
Options +SymLinksIfOwnerMatch
RewriteCond %{HTTP_REFERER} semalt\.com [NC]
RewriteRule .* - [F]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]



#6 redirect from www
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.html 
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L] 

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC] 
RewriteRule ^(.*)$ http://example.net/$1 [R=301] 






#7 redirects from file that changed name

# 7a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]
# 7b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]
# 7c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]


#8 bandwidth theft 
RewriteCond %{HTTP_REFERER} !^http://example.net/.*$ [NC] 
RewriteCond %{HTTP_REFERER} !^http://example.net$ [NC] 
RewriteCond %{HTTP_REFERER} !^http://www.example.net/.*$ [NC] 
RewriteCond %{HTTP_REFERER} !^http://www.example.net$ [NC] 
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

Just remembered: I've got to put the 7s before the 6. You not very good at Maths...

Why is that? The order, not the Maths.

Why is that?

Within any one category, list rules from most specific to most general. Otherwise you risk getting multiple redirects on the same request.

Incidentally:

RewriteCond %{HTTP_REFERER} semalt\.com [NC]
RewriteRule .* - [F]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

Those can perfectly well be a single rule:

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

The SymLinks directive should go at the beginning, and definitely before you start in on mod_rewrite. (For your own sake, not for the rules. They're different mods-- or, here, one mod plus core-- so they don't "see" each other.) And you should generally group any Options directives together. Here it's

Options -Indexes +SymLinksIfOwnerMatch

---

Sure, I know where Andorra is.
46.136.11.0/24
46.136.87.0/24
46.136.145.0/24
85.94.160.0/19
91.187.64.0/19
109.111.96.0/19
185.4.52.0/22
194.158.64.0/19

;)

Physically it's in Basque-land. But that's another matter.

Sure, I know where Andorra is.
46.136.11.0/24
46.136.87.0/24
46.136.145.0/24
85.94.160.0/19
91.187.64.0/19
109.111.96.0/19
185.4.52.0/22
194.158.64.0/19

I´ll enter that in my gps tomorrow!

Physically it's in Basque-land. But that's another matter.

Well, being American I'll forgive you. You're only a few hundred miles away, on the wrong side of the Pyrenees. The Basque country is a province of Spain. Andorra is an independent country, member of the UN and just about every other international organization. It's also about the only country in Europe that does not have a fiscal deficit!
But don't worry, I'm only a foreigner living here!

Ok, so now having moved the options, I end up with a section that does not seem to make much sense:

# block visitors referred from indicated domains
RewriteEngine on
# For security reasons, Option followsymlinks cannot be overridden.

#5 Options +FollowSymlinks

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

I end up with a section that does not seem to make much sense:

Well, there's not much point to numbering and commenting the rules if you don't keep the comment line with the rule it belongs to :)

:: irritably thinking that one of these days I will hunt down g1's e-mail address, and then he will no longer be able to hide behind a conveniently full mailbox ::

Fer hevvins sakes, I know that Andorra is an independent country. Right up there with Liechtenstein and San Marino. And there are Basques in France too.

hey.. I was kidding. Most people don't have a clue where Andorra is. When I moved here, from Portugal, the removals firm asked me if the lorry (truck) had to get on a ferry-boat...

What if I did the following, removing the rest altogether, perhaps moving

# For security reasons, Option followsymlinks cannot be overridden.

up above to

# 1 Use PHP5.4 Single php.ini as default
AddHandler application/x-httpd-php54s .php

# 2 Do not allow access to the directories - For security reasons, Option followsymlinks cannot be overridden

Options -Indexes +SymLinksIfOwnerMatch

# 3
AddType text/x-component .htc

# 4 allow all except those indicated here
<Files *>
order allow,deny
allow from all

</Files>


RewriteEngine on

#5 block visitors referred from indicated domains

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

Throw out all those

#4 comment

lines. They've become a hopeless mess. Keep the comment-- unnumbered-- if and only if you see a clear relationship between the comment and the line that immediately follows it. Otherwise, it's worse than useless.

Then number only the RewriteRules.

When I moved here, from Portugal, the removals firm asked me if the lorry (truck) had to get on a ferry-boat...

Lord, that's funny. In the cheesy 18th-century novel The Victim of Magical Delusion there are at least two major scenes where a character is shipwrecked ... en route from Spain to Portugal. Never let geography get in the way of a good plot device.

Throw out all those

#4 comment

I used to have an IP there, which I have since taken out. I thought I would leave it in case I wanted to block someone in future. But I was goig to ask you if it conflicts with 5. Right now, it allows all and then I block semalt, libwww , etc.

Then number only the RewriteRules.

So #5 becomes #1 and above that they are not numbered, right?

In the cheesy 18th-century novel The Victim of Magical Delusion there are at least two major scenes where a character is shipwrecked ... en route from Spain to Portugal. Never let geography get in the way of a good plot device.

In fact, that's not for lack of research. The first railway lines in the Peninsula only arrived in the second half of the 19th century. Roads, where in existence, were very dangerous due to highway robbers. In Portugal, for instance, before the arrival of the railroad, the recommended way to travel between Lisbon and Oporto was by sea. So, it depends on where the people departed from in Spain. Obviously, from Madrid, being inland, the sea route was inapropriate (or maybe not as it might be safer to take the shortest route to the sea and then continue by boat). But from the coastal towns in the Mediterranean, or especially from northwestern Spain which shares the same costline as Portugal, that would, indeed, be the way to travel. I have not read the book but if it is about the French Revolution or the Napoleonic incursions into Spain and Portugal, it is of little surprise that people travelled by boat rather than risk meeting the French armies or the highway robbers.

Here's the current file. Better?
Should I not have [OR] in the first 3 lines of #4 ?

#Use PHP5.4 Single php.ini as default

AddHandler application/x-httpd-php54s .php


#Do not allow access to the directories -For security reasons, Option followsymlinks cannot be overridden.

Options -Indexes +SymLinksIfOwnerMatch


#
AddType text/x-component .htc



RewriteEngine on


#1 # block visitors referred from indicated domains

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]



#2 redirect from www

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.html
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC]
RewriteRule ^(.*)$ http://example.net/$1 [R=301]






#3 redirects from file that changed name

# 3a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]
# 3b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]
# 3c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]


#4 bandwidth theft

RewriteCond %{HTTP_REFERER} !^http://example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://example.net$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

Deleted!

I had example.net in my code and nothing worked!

I will change the site's name to that.

Heh.

#4 bandwidth theft

RewriteCond %{HTTP_REFERER} !^http://example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://example.net$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net$ [NC]

You only need one line here. The ones in

/.*$

and

$

can collapse to

^http://example\.net($|/)

The $ variant is only for insurance; I doubt it ever occurs. The with-and-without www. pairs can be expressed as

(www\.)?example\.net

but don't do it, because you actually don't want both forms. See, the anti-hotlinking rule is intended to exclude requests from your own site-- and also from search engines, which don't send a referer.* Same goes for some humans. Who appear to be overrepresented among WebmasterWorld readers. That's why one line has to be
!^-?$
Your own site has a domain-name-canonicalization redirect. That means by the time someone reaches a specific page, they are on either www.example.net OR example.net, but never both. Your anti-hotlinking routine should list only the form of your name that you actually use.

RewriteCond defaults to [AND], which is normally what you want. "Referer is not this, AND not that, AND not the other..."


* Malign robots are a separate issue. If they can't reach the page in the first place, they won't know about the images.

Hi

What kept you so long? I've been missing you!

But now you've really got me confused!

First, notwithstanding what you said, which I will accept, what would have been the answer to my question about the [OR] if I maintained the

#bandwidth theft
RewriteCond %{HTTP_REFERER} !^http://example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://example.net$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.example.net$ [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [L,NC]

Are you saying it should be [AND] instead?


As for the new code, no [NC]?

And now another matter: I want to add this to the code. Is it ok and can I put it at the very end?

# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

* Malign robots are a separate issue. If they can't reach the page in the first place, they won't know about the images.

Are you saying that the code is useless then? I understood that main reason was to stop thieves from stealing my pics,

There you are! Agree?

There is no "!" in front?

#4 bandwidth theft

RewriteCond %{HTTP_REFERER} ^http://example\.net($|/)

RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [F,NC]

[edited by: qimqim at 10:37 pm (utc) on Feb 25, 2014]

I've just checked the compression with a couple of outfits, and they both say. UNCOMPRESSED!

So, what is wrong with the code? Or with me?

DISASTER!

One of my pages lost ALL its images. I didn't check the others.

So, I took the #4 code out altogether and the pics came back.

Is it because of the missing "!" ?


OK,OK,OK

I had a further problem because I replaced the old code for #4 deleting the last 2 lines and adding AND to the end. The system did not like the AND and everything went crazy. I took out the ANd and we are back to normal. I hope...

Returning to compression, My server only has mod_default enabled and I think what I have is for Gzip... is that it?

Could you help me with mod_default, please?


PS

It's late here. Must go to bed. Will look in in 7 hours.

Good night and thank you

Are you saying it should be [AND] instead?

No, I'm saying you only need one of the four conditions. You don't need [NC] because this, too, has already been standardized. When you have a rule with condition

RewriteCond %{HTTP_HOST} !^(www\.example\.net)?$

the result is that the only people who reach your site are the ones that do ask for "www.example.net", case sensitive. Or the stray HTTP/1.0 users who may ask for nothing. So the referer on your own site can never be anything but the exact form

^http://www\.example\.net/

One of my pages lost ALL its images. I didn't check the others.

So, I took the #4 code out altogether and the pics came back.

Is it because of the missing "!" ?

Well, yes. You changed the code from "block if the referer is NOT my own page" to "block if the referer IS my own page" :)

It's very rare to use [OR] with negative conditions. You're saying "block if this item is not X, OR is not Y, OR is not Z..." which generally means block all the time, since X Y Z are mutually exclusive. In practice the only time you'd use [OR] and ! in combination is if the conditions are all looking at different things: "take this action if the referer is not my own site, OR if the request came from that guy in the Ukraine, OR if the user-agent contains the word 'Bork', OR..."

Are you saying that the code is useless then? I understood that main reason was to stop thieves from stealing my pics

You can't use a referer-based block to lock out bad robots while letting in search engines-- and those inconvenient refererless humans. But it's rare for robots to request images at all. And most of the time they only request images if they've already seen the page and therefore know the image exists. Anti-hotlinking routines are essentially just that: a way to prevent www.example.biz from linking directly to your image at example.net.

---

Don't ask me about compression. I only do Regular Expressions. Let's get the existing questions sorted out and then you can start a fresh thread with unrelated questions.

Ok. Thanks Lucy

Here's the final version:

#Use PHP5.4 Single php.ini as default

AddHandler application/x-httpd-php54s .php


#Do not allow access to the directories -For security reasons, Option followsymlinks cannot be overridden.

Options -Indexes +SymLinksIfOwnerMatch


#
AddType text/x-component .htc



RewriteEngine on


#1 # block visitors referred from indicated domains

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]



#2 redirect from www

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.html
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC]
RewriteRule ^(.*)$ http://example.net/$1 [R=301]






#3 redirects from file that changed name

#3a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]

# 3b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]

# 3c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]




#4 bandwidth theft
RewriteCond %{HTTP_REFERER} !^http://www\.example\.net/

RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [L,NC]

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index.html

Whoops! That only covers requests for the root. The condition needs to say ^[A-Z]{3,9}\ /([^/]+/)*index\.html

Matter of fact, it may be more efficient to shift the capture to the condition. Don't know if it makes a difference.

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(([^/]+/)*)index\.html
RewriteRule index\.html http://www.example.com/%1 [R=301,L] 

Option B-- this works for me, but doesn't work for everyone-- is to go minimalist:

RewriteCond %{THE_REQUEST} index
RewriteRule ^(([^/]+/)*)index\.html http://www.example.com/$1 [R=301,L]

You can only do this if there's no other place the element "index" could possibly occur in the request. But it makes evaluating the condition a bit snappier.

Hi Lucy

I'm having problems, as usual with me...

First, that code for the rdirects to example.net did not work if I entered www.pintotours.net/indx.html I got a 404 error. So, at the mom I put back my old code that works until we sort that out.


AMENDMENT

I've got rid of CloudFlare. I did not like the way that I ended up with an url that was theirs!

Ok, out your amended code back in and the other prob has disappeared. All looks good.

#Use PHP5.4 Single php.ini as default

AddHandler application/x-httpd-php54s .php

#
AddType text/x-component .htc


#Do not allow access to the directories -For security reasons, Option followsymlinks cannot be overridden.

Options -Indexes +SymLinksIfOwnerMatch
RewriteEngine on


#1 # block visitors referred from indicated domains

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]



#2 redirect from www

#redirect from www

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC]
RewriteRule ^(.*)$ http://example.net/$1 [R=301] ]


#3 redirects from file that changed name

#3a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]

# 3b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]

# 3c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]



#4 bandwidth theft
RewriteCond %{HTTP_REFERER} !^http://www\.example\.net/

RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [L,NC]

External redirects go before internal rewrites. Check.

List rules from most specific to most general.
...
Whoops!

The group of rules numbered #3 go before the two rules numbered #2.

The two rules #2 are in the right order relative to each other, though the #comment is confusing. The first of the two is the "index redirect"; the second and last is the "domain-name canonicalization redirect".

Now, rule #4 -- the anti-hotlinking rule -- is a special case. You would expect it to go after all the external redirects, since it's a simple rewrite. But this type of rewrite acts as a [F] lockout, so it needs to go before all redirects. The last thing you want is to redirect a hotlinker if they've got your domain name wrong!

And speaking of domain name: All other quoted rules have "example.net" as the preferred form. The hotlinking rule has "www.example.net" -- a form which will never occur, so the rule will only execute when you don't want it to.

Details:

RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

This looks fine to human eyes, because you look at the pattern and see the "index.html" coming up. But a server only operates in one dimension. So it merrily captures all the way to the end-- and then finds "Oh, oops, I was supposed to leave room for 'index.html'." That's why the pattern has to be expressed as

^([^/]+/)*index\.html

Remember to escape the period! And speaking of periods: If your URL paths don't contain periods, you can replace [^/] everywhere with [^/.] to get the server out of there a few nanoseconds sooner.

RewriteRule ^(.*)$ http://example.net/$1 [R=301] ]

I hope that stray ] is an artifact of cutting-and-pasting for the post, since it would surely make the server explode.

The pattern doesn't need anchors. By default, Regular Expressions start as soon as they can and go on as long as they can.

Now, back to those hotlinkers:

RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ - [L,NC]

Since you are not capturing, everything before the \. isn't needed. The two items
jpg|jpeg
can be expressed as
jpe?g

Does your site actually use a mixture of upper- and lower-case filenames for images? The [NC] choice is a bit of a tossup. With the flag your server has to do more work at the outset, because that innocuous [NC] is just a front for

[Jj][Pp][Ee]?[Gg]|[Gg][Ii] ...

... et cetera. I get tired just typing it!
Without the [NC], the matching part goes faster. But a request for "Filename.JPG" when you've really got "filename.jpg" would result in a 404, meaning that the server has to look for the file instead of ...

Here I grind to a screeching halt as I realize that the meat of the rule got lost. [L,NC] makes no sense. You have to do one of two things: either end the rule in [F] (with or without [NC]) or rewrite to a custom graphic:

RewriteCond blahblah
RewriteCond blahblah
RewriteRule \.(jpe?g|gif|png)$ /images/hotlink.png [L]

Matter of fact I'm glad this came up, because when I pulled a random htaccess of my own to copy-and-paste, I found I'd got the rule in the wrong place there too! Secondary site that just happens to come first in the alphabet.

As written, the rule will also block all results of image searches and all translations. This may or may not be what you want, so make sure you've thought it out. The list of referer exceptions can easily be 6, 8 or 10 items.

Hi there

I have work here for a week...

I changed everything up to details and some of those, or I'll get in a mess, Slowly, slowly.
Ther is one thing that puzzles me. Having moved #4 to the top, and made it without the www, I wonder if the server will understand that beacuse th rules to ignore the www will come later...

Is that ok? Have a look at what I have now and don't worry about the added ones at the bottom which don't work anyway; I just would like to know where they should go.

And speaking of domain name: All other quoted rules have "example.net" as the preferred form. The hotlinking rule has "www.example.net" -- a form which will never occur, so the rule will only execute when you don't want it to.

#Use PHP5.4 Single php.ini as default

AddHandler application/x-httpd-php54s .php

#
AddType text/x-component .htc


#Do not allow access to the directories -For security reasons, Option followsymlinks cannot be overridden.

Options -Indexes +SymLinksIfOwnerMatch
RewriteEngine on


#1 # block visitors referred from indicated domains

RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl
RewriteRule .* – [F]

#4 bandwidth theft
RewriteCond %{HTTP_REFERER} !^http://example\.net/

RewriteRule .*\.(jpe?g|gif|png|bmp)$ - [L,NC]

#3 redirects from file that changed name

#3a
RewriteRule ^Pinto/oldindex\.html http://example.net/Pinto/oldindex.php [R=301,L]

# 3b
RewriteRule ^Asia/Indonesia/bali\.html http://example.net/Asia/Indonesia/bali.php [R=301,L]

# 3c
RewriteRule ^Asia/Indonesia/indonesia\.html http://example.net/Asia/Indonesia/indonesia.php [R=301,L]


#2a index redirect

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^/]+/)*index\.html
RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

#2b domain-name canonicalization redirect

RewriteCond %{HTTP_HOST} !^(example\.net)?$ [NC]
RewriteRule ^(.*)$ http://example.net/$1 [R=301]








# 5 Set Expires Headers
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Thu, 15 Jan 2015 20:00:00 GMT"
</FilesMatch>

# 6 Set the cache-control max-age
# 1 year
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Cache-Control "max-age=31449600, public"
</FilesMatch>
# 2 DAYS
<FilesMatch "\.(xml|txt)$">
Header set Cache-Control "max-age=172800, public, must-revalidate"
</FilesMatch>
# 4 HOURS
<FilesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=14400, must-revalidate"
</FilesMatch>

I've sorted out the rest except this one which I can't understand. Are you saying I need to leave a space between the closing brackets and the beginning of index ?

And what else?

RewriteRule ^(.*)index.html$ http://example.net/$1 [R=301,L]

This looks fine to human eyes, because you look at the pattern and see the "index.html" coming up. But a server only operates in one dimension. So it merrily captures all the way to the end-- and then finds "Oh, oops, I was supposed to leave room for 'index.html'." That's why the pattern has to be expressed as
^([^/]+/)*index\.html
Remember to escape the period! And speaking of periods: If your URL paths don't contain periods, you can replace [^/] everywhere with [^/.] to get the server out of there a few nanoseconds sooner.

All the stuff inside <FilesMatch> envelopes has nothing to do with mod_rewrite, so it can go anywhere. I prefer to group all the short stuff at the beginning of the htaccess file.

Are you saying I need to leave a space between the closing brackets and the beginning of index ?

No, absolutely not, unless you want to blow up the server. Spaces in mod_rewrite --and elsewhere in Apache-- have syntactic meaning. I meant that a non-final .* is never a good idea in Regular Expressions. It doesn't matter so much in something like text editing where you can always twiddle your thumbs for a few more seconds, but in your server, all those nanoseconds add up. So any time you are tempted to say .* or .+ see if you can replace it with whatever you "really" mean. Here it would be

^([^/]+/)*

or rather-- ahem, oops, my bad--

^(([^/]+/)*)

so the whole thing gets captured. Or, if you have no literal periods anywhere,
^([^.]*)index\.html
There is no way to prevent the server from first trying to capture the word "index" and then having to backtrack. But if you can use [^.] instead of the form with [^/] the server will be out of there four or five characters sooner ;)