Friendly URL Solutions

Apache mod_rewrite .htaccess Solutions for Evo

Evo supports Friendly URLs via this .htaccess file. You must serve web pages via Apache with mod_rewrite to use this functionality, and you must change the file name from ht.access to .htaccess. Additional tweaks and environment specific additions follow the default template below:

Options +FollowSymlinks
RewriteEngine On
RewriteBase /
# Fix Apache internal dummy connections from breaking [(site_url)] cache
RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC]
RewriteRule .* - [F,L]
# Rewrite -> -- used with SEO Strict URLs plugin
#RewriteCond %{HTTP_HOST} .
#RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
#RewriteRule (.*)$1 [R=301,L]
# Exclude /assets and /manager directories from rewrite rules
RewriteRule ^(manager|assets) - [L]
# For Friendly URLs
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
# Reduce server overhead by enabling output compression if supported.
#php_flag zlib.output_compression On
#php_value zlib.output_compression_level 5
If Windows IIS serves your pages, you're not left out of the Friendly URLs party, but optimal solutions do require a commercial IIS add on.

Common Edits to the Default .htacces File

Make sure RewriteBase points to the directory where you installed Evo. E.g., "/Evo" if your installation is in a "Evo" subdirectory:

RewriteBase /Evo

Note in the last block of directives the gzip compression was left commented out since this can potentially cause issues in some environemnts. For a faster webserver experience, ucomment the last two lines as follows:

# Reduce server overhead by enabling output compression if supported.
php_flag zlib.output_compression On
php_value zlib.output_compression_level 5

You may also want to make your URLs non-case-sensitive by adding a NC directive to the directive in the "For Friendly URLs" part:

RewriteRule ^(.*)$ index.php?q=$1 [L,QSA,NC]

If you prefer your website to always add the "www." part to always show "" URLs, then the section below should be changed as follows:

RewriteCond %{HTTP_HOST} .
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule (.*)$1 [R=301,L]

If you're working off of virtual domains and have a preview for development or while waiting for DNS updates to occur such as accessing your site through "", the rewrite rule should be written as follows. Don't forget to change it back when you go live.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /~myacct/index.php?q=$1 [L,QSA]

Admin Protection

If you would like to limit the admin interface to being accessed by only a specific IP address, but need access to some things on the public site like the captcha, use the following. Make sure this goes inside the admins interface directory:

# Allow admin access to specific IPs only
Options +FollowSymlinks
RewriteEngine On
# Deny by IP. The IP address(es) listed will get through.
RewriteCond %{REMOTE_ADDR} !^(192\.168\.0\.128)$
RewriteCond %{REQUEST_FILENAME} !/includes/veriword\.php$
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
The first line ("Options +FollowSymlinks") may need to be commented out in some situations where a similar line is present in the site install root to prevent server errors.

Session Handling

If you are deployed in an environment that has problems with aggressive garbage collection, as evidenced by unexpected and frequent logouts from the admin interface, then you can adjust the location of the sessions to remove them from the default and shared global tmp/session location:

If you add this to your .htaccess file, make sure to also add it to the .htaccess file located in the admin interface directory.
php_value session.save_path /path/to/your/web/content/sessions/
php_value session.gc_maxlifetime 28800

CSS or JS files as Evo documents

By default, Evo's htaccess template file excludes the /assets and admin interface directories from rewrite rules. If you are using a Evo document as a CSS file, you'll need to adjust the one line to allow rewrites in the /assets directory if that's where you store your CSS file.

RewriteRule ^(manager|assets) - [L]

Would become

RewriteRule ^manager - [L]
If you still wish to maintain some subdirectories in the exclusions, you could disable /assets/images and /assets/snippets for example with the following rule:
RewriteRule ^(manager|assets/images|assets/snippets) - [L]


Some servers do not have their timezone settings set, which can cause issues. You can try the following setting with full details of timezone definitions available in the full List of Supported Timezones

php_value date.timezone Europe/Moscow


SetEnv TZ America/Chicago

Default Character Sets

Really, you should fix your code and database to handle character sets properly. But, if you insist, please read the AddDefaultCharset Directive and you might consider using:

AddDefaultCharset utf-8

Register Globals

If your server has register_globals enabled (and it's not possible to disable), run as fast as possible to a new webhost. Seriously.

As of Evo v.1.2.1 your server must have register_globals deactivated, otherwise Evo will not work.

Your site is almost 99.99999% absolutely destined to be hacked at some point by script kiddies with register_globals on, ESPECIALLY in shared hosting environemnts. This is an inherrent security risk, equivalent to letting a baby play with a loaded gun and hoping they don't pull the trigger. If you're paying under $15/month, you're on a shared host. For more information about Using register_globals

To verify that this option has been set to OFF, open the Admin Interface and choose Reports -> System Info and then click the phpinfo() link. Do a Find on Page for "register_globals". The Local Value should be OFF. If the Master Value is OFF then you do not need this directive here.


Your server does not allow PHP directives to be set via .htaccess. In that case you must make this change in your php.ini file instead. If you are using a commercial web host, contact the administrators for assistance in doing this. Not all servers allow local php.ini files, and they should include all PHP configurations (not just this one), or you will effectively reset everything to PHP defaults. Consult for more detailed information about setting PHP directives.

# Turn off register_globals because I have a lazy webhost that doesn't care about security
php_flag register_globals Off

Solving Internet Explorer Woes

If htc files are being used on your site, some servers may serve this with the incorrect mime type. The following can be added to resolve this. The following is critical for MS Windows XP SP2 surfers:

# Fix .htc mime type for Internet Explorer
AddType text/x-component .htc

The following directives stop screen flicker in IE on CSS rollovers. When they're in place, you may have to do a force-refresh in order to see changes in your designs.

# Fix screen flicker for images in Internet Explorer
ExpiresActive On
ExpiresByType image/gif A2592000
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
BrowserMatch "MSIE" brokenvary=1
BrowserMatch "Mozilla/4.[0-9]{2}" brokenvary=1
BrowserMatch "Opera" !brokenvary
SetEnvIf brokenvary 1 force-no-vary
.htaccess directives provide directory-level configuration overrides when you cannot access the main Apache httpd.conf file. The main configuration file should be used for server directives whenever possible because .htaccess rules result in increased page processing times.

Suggest an edit to this page.