tags:

views:

41

answers:

2
Q: 

Is there a major downside to using .htaccess files in your svn/git repository?

If our .htaccess files are purely for mod rewrites, is there a security / development downside to committing .htaccess files alongside other files in your repository?

For various reasons (our SEO optimisers like to add pretty urls as new promotions occur, etc) we need a fair few rewrite rules inside these files. Would I be better off pushing the routing into php-land and dealing with it there? Or is reading from a .htaccess via apache fine?

The .htaccess files are not exposed via the web server, so that's not a security risk.

A: 

As I recall, once you use one .htaccess file, you already have agreed to pay the price, that price being apache will look all over the place, every request, for .htaccess files. That's a performance issue though.

I think your ideal solution is to not use .htaccess files at all, but set those rules in httpd.conf. PHP is not better at redirection than apache, so no help there. That's the performance answer. Develop however feels best, and then for production move the rules into the server core.

As for version control, if it is a file full of text, that is needed for the code, then yes, I would put it into version control. I'd do that right now in fact. If many people are adding in their own redirect rules in .htaccess files all over the place, you'll want to be able to:

  1. Roll back the changes.
  2. Point the finger! ;)
chiggsy  2010-05-16 15:33:07
It's *slightly* more complex than that - we have a CMS which writes rewrite rules into .htaccess files - this is so that the SEO guys can add pretty urls. Could be bad business process but it's how it's currently done... so that may rule out httpd.confThe routing via php is how most frameworks do it now, ie. pass through a generic catch-all rewrite that then determines the correct route based on php rules. (ie. codeigniters 'routes.php')
Rob  2010-05-17 02:12:11
A: 

.htaccess mod_rewrite is waaaaaay faster than routing things on the php side, i would stick with mod_rewrite for url manipulation

David Morrow  2010-05-19 02:15:03
more and more frameworks are shifting into a scripting environment routing engine, you can't do MVC that well without it, which is the direction I am trying to push the project into. I agree that vanilla PHP would be slower but it's likely that memcache style caching could parallel or even be faster than apache's continual file access for every request (disk caching might nullify that though). Given that the cms is taking client-entered (unsafe) content and writing it out to config files... exceptions occur in the apache land not php land, which may not be as recoverable and isn't as flexible.
Rob  2010-05-19 10:01:00

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases