Apache’s mod_rewrite document, calls this module as “Swiss Army Knife of URL manipulation!”
mod_rewrite is an Apache module that allows for server-side manipulation of requested URLs. Incoming URLs are checked against a series of rules. The rules contain a regular expression to detect a particular pattern. If the pattern is found in the URL, and the proper conditions are met, the pattern is replaced with a provided substitution string or action. This process continues until there are no more rules left or the process is explicitly told to stop.
Fig: mod_rewrite control flow.
mod_rewrite can be used to transform long and complex urls into user friendly or short urls.
For eg. http://myrurl.php/customer.php?name=shan&id=4562&aadr=561
Above url can be converted to a more user friendly one as,
Consider the above example a potential hacker can try out different urls to hack into the system by giving different parameters and values passed to customer.php, using mod_rewrite we can prevent such threats.
mod_rewrite can be enabled by uncommenting the line,
LoadModule rewrite_module modules/mod\_rewrite.so
in apache configuration file httpd.conf.