.htaccess URL rewriting for clean user profile urls

Question

I am trying to rewrite the URL of the users profile page to be more clean.

https://example.com/user/profile.php?user=username

to

https://example.com/username

I have looked around for a solution and read some documentation but I can't quite figure out how to get it right.

I have this code in my .htaccess

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ user/profile.php?username=$1 [QSA,L]

When I run this code I get an internal server error each time but I ran my code through htaccesscheck.com and it said my syntax was all good. So I'm guessing that my problem stems from my lack of knowledge on htaccess.

I should also mention I have another RewriteRule to remove the .php extension from the URL. Not sure if this would affect anything, but if it would than I can follow up with my whole .htaccess file.

EDIT:

I did check error logs and I guess I should have put that here in the beginning, my bad. It outputted this:

RewriteRule: bad flag delimiters

Full .htaccess:

Options +Indexes
Options +MultiViews
IndexOptions FancyIndexing
IndexIgnore *


RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC,L]
RewriteRule ^(.*)$ user/profile?username=$1 [QSA,L]

Answer 1

Your parameter name in first example is user and then you set as username .

Options +Indexes
Options +MultiViews
IndexOptions FancyIndexing
IndexIgnore *

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ user/profile?user=$1 [QSA,L] # <<< see this line
RewriteRule ^([^\.]+)$ $1.php [NC,L] # <<< this should be the last line in rules

Moreover, is the mod_rewrite module enabled in your web server?

Answer 2

RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^([^\\.]+)$ $1.php [NC,L] RewriteRule ^(.*)$ user/profile?username=$1 [QSA,L]

This is very different to the code you initially posted. There are also no "bad flag delimiters" here, unless there is a character in your source code that has not been copied? If, for example, you had [QSA, L] (with a space) then that would have triggered such an error.

You've also changed the URL parameter name from user to username ?

However, this code will certainly trigger a rewrite loop, as the last RewriteRule executes unconditionally and applies to everything . The RewriteCond directive (that checks that the request maps to a file) only applies to the single RewriteRule that follows.

These directives also conflict, since the first rule will try to append .php when requesting /username . This could be avoided by checking that the file with a .php extension exists before rewriting to it. (Unless there is a more restrictive pattern you can use for the URL-path - which would be preferable - since file system checks are relatively expensive.)

You also need to disable MultiViews - you have enabled it on the second line. MultiViews and your directive to append the file extension will conflict.

Try something like the following instead:

Options -Indexes -MultiViews

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI}.php -f
RewriteRule ^([^.]+)$ $1.php [NC,L]

RewriteRule ^([^/.]+)$ user/profile.php?username=$1 [QSA,L]

Unless you have a specific requirement to display an empty directory listing when viewing a directory then just disable directory indexes altogether (as above). The user then gets a 403 and no chance of it getting indexed by search engines.

There is no need to backslash escape the literal dot inside a regex character class.

^([^/.]+)$ is a more restrictive pattern to avoid a rewrite loop. Your previous pattern matched everything and since there was no filesystem check, it would have rewritten the rewrite etc. etc.

You should rewrite to the actual file, ie. profile.php (as you did in your first example), rather rely on another directive to append the .php .