Redirecting URLs that Include Numbers

Redirecting stuff with .htaccess generally is pretty straightforward, but there can be a lot of confusion when it comes to targeting patterns that include numbers. I think this largely is due to the syntax used for matching numbers in regular expressions. It’s sort of unintuitive until you get the hang of it. So to help in that regard, this tutorial explains the basics of matching numbers with .htaccess, and then provides some useful examples that should get you there.

Basics of regex number matching

Without going into the logic and mechanics of numerical regular expressions, here is the basic idea:

[0-9]*       matches zero or more of any number       e.g., 
[0-9]+       matches one or more of any number        e.g., 123
[0-9]{8}     matches any 8 numbers                    e.g., 12345678
[0-9]{8,}    matches any 8 or more numbers            e.g., 1234567890
[0-9]{0,8}   matches any number 0-8 times             e.g., 123456
[0-9]{4,8}   matches any number 4-8 times             e.g., 1234

[5]          matches the number 5 one time            e.g., 5
[5]+         matches the number 5 one or more times   e.g., 555
[5-9]{2}     matches any numbers 5-9 two times        e.g., 56
[5-9]{0,4}   matches any numbers 5-9 four times       e.g., 5678
[5-9]{4,8}   matches any numbers 5-9 4-8 times        e.g., 56789567

To test any of these (or other) regular expressions, you can use a good regex testing tool. These examples cover just about any possible number(s) and/or numerical ranges. Equipped with this information, let’s use Apache’s mod_alias to redirect some URLs that include numbers.

Redirect numbers via mod_alias

Apache’s alias module provides two great directives for redirecting URLs: Redirect and RedirectMatch. Here are some examples that demonstrate how to redirect URLs that include numbers.

Example 1

Say we want to redirect any URL that contains 32 or more numbers. We can do this with RedirectMatch, like so:

<IfModule mod_alias.c>
	RedirectMatch 301 [0-9]{32,} /wherever/index.html
</IfModule>

Likewise, if we want to block any request that contains 64 or more alphanumeric characters:

<IfModule mod_alias.c>
	RedirectMatch 403 [a-zA-Z0-9]{64,}
</IfModule>

By replacing the regex patterns used in these examples, it’s possible to redirect just about anything to anywhere.

Example 2

Say we have the following resources that we would like to redirect:

/89859-1326045863.png
/99727-1332938600.jpg
/34811-1282709729.gif

For these resources, we want to prepend a site identifier, s123-, like so:

/s123-89859-1326045863.png
/s123-99727-1332938600.jpg
/s123-34811-1282709729.gif

To do this, we can use RedirectMatch:

<IfModule mod_alias.c>
	RedirectMatch 301 /([0-9]{5})-([0-9]{10})\.(gif|jpg|png)$ /s123-$1-$2.$3
</IfModule>

In English, this says:

1. Match any number exactly five times,
2. followed by a hyphen,
3. followed by any number matched exactly ten times,
4. followed by a literal dot,
5. followed by one the specified image types.

Then for any matching URLs, redirect the request to the following location:

/s123-89859-1326045863.png

..where 89859, 1326045863, and png are the same as in the original URL.

Redirect numbers via mod_rewrite

While redirecting with mod_alias is simple and works great, we can get more flexibility by using Apache’s mod_rewrite. Here are some examples to demonstrate how it’s done.

Example 1

In this example, we use mod_rewrite to redirect all URLs that look like these:

/temp/092846562.php
/temp/107305832.php

/cache/bc987.php
/cache/ce006c5947d4ded3c6e.php
/cache/df1a9a67a7584ce006c5947d4ded3c6.php

That is, we want to redirect any of the following:

• Any request that begins with /temp/ followed by exactly 9 numbers
• Any request that begins with /cache/ followed by 5-32 alphanumeric characters

Here is one way to achieve it:

<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_URI} /temp/([0-9]{9})\.php [NC,OR]
	RewriteCond %{REQUEST_URI} /cache/([a-z0-9]{5,32})\.php [NC]
	RewriteRule (.*) /wherever/index.html [L,R=302]
</IfModule>

A few points about this technique:

• Important: the [OR] flag is excluded on the last RewriteCond
• To change the location to which matched URLs will be redirected, edit /wherever/index.html
• As-is, a 302 “Temporary” status code will be sent along with the redirect; you can change that to any valid status code

Let’s check out one more example before wrapping up..

Example 2

This example uses mod_rewrite to match the following URLs:

/example/?key=2a208fe3c7
/example/?key=3b523hv1x4

/?hash=123
/?hash=123456789
/?hash=12345678901234567890

That is, we want to redirect any of the following:

• Any query string that includes key followed by exactly 10 alphanumeric characters
• Any query string that includes hash followed by 3-20 numbers

Here is the magic code:

<IfModule mod_rewrite.c>
	RewriteCond %{QUERY_STRING} key=([a-z0-9]{10}) [NC,OR]
	RewriteCond %{QUERY_STRING} hash=([0-9]{3,20}) [NC]
	RewriteRule (.*) - [F]
</IfModule>

A couple of points about this technique:

• Important: the [OR] flag is excluded on the last RewriteCond
• As-is, any matched requests are forbidden via 403 server response, customize as needed

Related resources

I hope this article helps with your redirecting needs. For more information on redirecting with Apache/.htaccess, check out the following resources:

• Case-Insensitive RedirectMatch
• Redirecting Hash Fragments with .htaccess
• Redirect WordPress Date Archives with .htaccess
• Redirecting Subdirectories to the Root Directory via HTAccess
• Blank Space / Whitespace Character for .htaccess
• Eight Ways to Blacklist with Apache’s mod_rewrite

As always, questions and comments welcome :)

About the Author

Jeff Starr = Web Developer. Security Specialist. WordPress Buff.