Red Leaf Media

The Apache HTTP Server is software that powers a large percentage of the world's websites.  Apache is essentially the brain that a web server uses to handle http requests that are made of it (e.g. most activity that takes place in web browser windows).  I am by no means an Apache expert, but from what I can tell it is relatively flexible and powerful at what it does.  Much of its power comes from its ability to arbitrarily configure how the server responds to various requests with Apache configuration files.  A common type of configuration file is the .htaccess file. Any configuration that takes place in a .htaccess file will take effect in that directory and all sub-directories.

Drupal 7, as with previous versions, has a .htaccess file at its root.  At the beginning of the file, there is a section that protects files "from prying eyes" using:

This uses a regular expression to match various directory and file names within the Drupal directories.  The "Order allow, deny" part is beyong my understanding, but this page seems like it might provide helpful discussion.  Basically, Apache will deny access to important Drupal files that people should not be looking at.  The next directive tells Apache to deny access when a url matches a directory path:

For example, http://redleafmedia.com/sites will not display the contents of the sites directory to the user.  The next line of interest is:

This tells Apache to let Drupal's index.php file handle 404 errors.  Next up is:

DirectoryIndex index.php index.html index.htm

This tells Apache to first look for the index.php file for handling requests, which is what we want with Drupal.  Next up, Apache sets some PHP configuration values that can not be altered at run time:

These settings seem to focus on things like encoding and sessions, but I have not studied them in detail.  The next section deals with the mod_expires Apache module:

Essentially, caching is enabled and set to last for two weeks.  Then caching of php files is specifically disallowed.  The next section deals with the mod_rewrite Apache module, which allows urls to be "re-written":

First, rewriting is enabled.  Then any directory whose name starts with a period is blocked.  Then any url that is not specifically a file name or directory name is passed on to index.php, allowing Drupal to handle arbitrary URLs.  Within the mod_rewrite section, there is a section devoted to the mod_headers Apache module.  It deals with proper handling of gzipped CSS and Javascript files, which is beyond the scope of my understanding at this point.

That wraps up the root Drupal 7 .htaccess file.  It has both some basic and advanced settings within its code, and is quite fundamental to a properly functioning Drupal site.