Main Menu
Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Perishable Press
Web Dev + WordPress + Security
eBook: Digging Into WordPress
Digging Into WordPress: Take your WordPress skills to the next level.
Related Posts
+ More related posts »

Case-Insensitive RedirectMatch

♦ Posted by in .htaccess
Updated 9 comments

Cool trick that you may not have known about.. it’s possible to get case-insensitive matching with the powerful RedirectMatch directive. Normally, you would just write your redirect as something like this:

RedirectMatch 301 /phpMyAdmin http://example.com/somewhere/

This works great, but it’s case-sensitive. You could just match the all-lowercase version, but there are some phrases — such as “phpMyAdmin” — that really benefit from going the case-insensitive route. Those familiar with Apache might be screaming, “just use a rewrite rule!” Something like this will certainly get you there:

<IfModule mod_rewrite.c>
 RewriteCond %{REQUEST_URI} /phpMyAdmin [NC]
 RewriteRule .* http://example.com/somewhere-else/ [R=301,L] 
</IfModule>

Notice the [NC] flag? That tells Apache to ignore casing for the pattern match. This works great, but there are situations where you would rather just keep it simple with good ‘ol RedirectMatch. When? Let me give you an example with the recent WordPress add-on for the 5G Blacklist, which originally looked like this:

# 5G WP
RedirectMatch 403 /\$\&
RedirectMatch 403 /\.(bash|git|hg|log|svn|swp|tar)
RedirectMatch 403 /(1|contact|i|index1|iprober|phpinfo|phpspy|product|signup|t|test|timthumb|tz|visit|webshell|wp-signup).php
RedirectMatch 403 /(author-panel|class|database|manage|phpMyAdmin|register|submit-articles|system|usage|webmaster)/?$
RedirectMatch 403 /(=|_mm|cgi|cvs|dbscripts|jsp|rnd|userfiles)

Simple and effective, made super lightweight and awesome mainly because of the flexible RedirectMatch directive. But notice the “phpMyAdmin” in the penultimate directive — as Andy W reminds us:

Your WP blacklist checks for “phpMyAdmin”. As I understand it RedirectMatch is case sensitive so it wouldn’t block “phpmyadmin” (all lowercase) which I recollect seeing on old logs for my site.

Pattern-matching with case-insensitivity increases the scope of your .htaccess redirect rules. For the RedirectMatch directive, here’s how to do it..

Case-Insensitive RedirectMatch

Fortunately, Apache makes it easy to declare case-insensitivity with RedirectMatch. Simply precede the pattern with “(?i)” (without the quotes). Returning to our initial example, we can get case-insensitivity like so:

RedirectMatch 301 (?i)/phpMyAdmin http://example.com/somewhere-else/

That’s all you need to match all the crazy variations for requests such as phpMyAdmin:

  • phpMYadmin
  • PHPmyAdmin
  • phpmyadmin
  • PHPMYADMIN
  • PHPMyAdmin
  • phpMyAdmin

And here is the 5G WP add-on, now with case-insensitivity:

RedirectMatch 403 /\$\&
RedirectMatch 403 (?i)/\.(bash|git|hg|log|svn|swp|tar)
RedirectMatch 403 (?i)/(1|contact|i|index1|iprober|phpinfo|phpspy|product|signup|t|test|timthumb|tz|visit|webshell|wp-signup).php
RedirectMatch 403 (?i)/(author-panel|class|database|manage|phpMyAdmin|register|submit-articles|system|usage|webmaster)/?$
RedirectMatch 403 (?i)/(=|_mm|cgi|cvs|dbscripts|jsp|rnd|userfiles)

When it comes to redirecting most requests, its all lowercase anyway. Or you can use RewriteRule to establish case-insensitivity. But for some situations, it’s good to know that you can also roll with RedirectMatch by simply adding the (?i) to the rule.

apache redirect tips tricks
About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
GA Pro: Add Google Analytics to WordPress like a pro.
← Next Post
Previous Post →

9 responses to “Case-Insensitive RedirectMatch”

  1. Isiah 2012/04/20 3:31 pm

    And presmably the ‘(?i)’ could be added as prefixes to the main 5G RedirectMatch 403 strings too?

    • Jeff Starr 2012/04/20 7:58 pm • Post Author

      Yes, in fact the 6G will include this feature where it makes sense – not all directives require it.

  2. Andy W 2012/04/21 5:29 am

    Hi Jeff,

    Another great article. I’m still (avoiding) learning about regular expressions. I didn’t know about “(?i)” so this post has proved very useful to me.

    P.S. Thanks for the mention!

  3. Bharat Mandava 2012/04/29 11:27 am

    Thanks for this great article, learning some stuff not related to my niche.

  4. Andreas Kohl 2012/06/19 7:20 am

    Hi,

    Could you tell me what’s the code if have more sites on same server?

    Example:

    http://www.site1.com/phpmyAdmin
    http://www.site2.com/phpMyAdmin
    http://www.site3.com/phpmyadmin

    And I wish to put the command
    RedirectMatch 301 (?i)/phpMyAdmin http://www.site1.com/
    RedirectMatch 301 (?i)/phpMyAdmin http://www.site2.com/
    RedirectMatch 301 (?i)/phpMyAdmin http://www.site3.com/

    I’ve tried to put it on httpd.conf but than all redirects goes to http://www.site1.com/.

    Thank you.

    PS: If I put in the .htaccess it doesn’t work, ’cause the “phpmyadmin” is loaded from other directory (is not on the site directory).

  5. Michel 2012/10/16 11:37 am

    Thanks for this. I noticed some interesting behavior .. if you try this:

    RedirectMatch (?i)/community http://www.example.com

    It will work .. but it will ALSO redirect patterns with a hyphen for example:

    http://www.site.com/community-ties

    :(

    • Jeff Starr 2012/10/16 12:16 pm • Post Author

      Correct, that is because the pattern you have set up is non-terminating, so it will match any request that begins with /community. To match only /community, try this:

      RedirectMatch (?i)/community/?$ http://www.example.com

      That will match either /community or /community/ in case-insensitive fashion and won’t match anything else :)

  6. Carsten 2013/06/05 8:11 am

    Thanks. Just what I needed. Now it works.

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Blackhole Pro: Trap bad bots in a virtual black hole.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
+ More thoughts »
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.
Topics
Perishable Press Newsletter
Get news, updates, deals & tips via email.
Your email will remain private. Easy unsubscribe anytime.
Find me on the social medias
Around the site
WordPress help
Favorite projects
© 2004–2024 Perishable Press • Yes Theme by Monzilla Media • Built w/ shapeSpaceSitemapPolicyRSSJohn 3:16