Apache Tips & Tricks

Allow URLs to be case-insensitive.
If you've made the switch to Apache from Internet Information Server (IIS), one of the first things you'll notice is that Apache matches URLs with case sensitivity.  This can be a problem for websites that were built for IIS, but were migrated to apache.  A simple solution is to enable mod_speling using the --enable-speling directive when configuring Apache.

Then be sure to include the following directive in your Apache configuration file:

CheckSpelling On
What mod_speling actually does is it attempts to locate files that were spelled improperly, and in doing so, checks for upper- and lower-case equivalents of files.



Automatically redirecting to https / SSL.

Many times, out of habit, users will forget to include the https:// in front of a URL when accessing a secure site.  You can force them to redirect using the RewriteCond and RewriteRule directives.

First, use RewriteCond to make sure the user actually did forget to include https, and is still connecting through unencrypted port 80:

RewriteCond "%{SERVER_PORT}"      "^80$"
Then, if the condition is true, the RewriteRule below will force the request to use SSL:
RewriteRule "^(/ecommerce/.*)"      "https://%{HTTP_HOST}$1" [R, L]



Deny other servers from accessing your files

If you have some popular files or images on your site, other webmasters may link directly to them, in an attempt to save bandwidth on their own sites.  Fortunately, you can prevent this occurrence by following the example below, which restricts access to all GIF or JPG files from requests that come from any domain other than your own:

<FilesMatch "\.(gif|jpe?g)$">
    SetEnvIf Referer "^http://([^/]*\.)?mydomain.com/" request_ok = 1
    Order Allow, Deny
    Allow from env=request_ok
</FilesMatch>

You can place this group inside you Apache config file, a virtual host group, a directory group, or even an .htaccess file.