WordPress url rewrite hack plugin

There is a simple way to push your rewrite rules to wordpress using a simple filter. To do this you need use rewrite_rules_array filter. Before starting with that let me explain the basic rewrite structure of wordpress 2.0 and above.

# BEGIN WordPress
< IfModule mod_rewrite.c >
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
< /IfModule >
# END WordPress

The rules above are the default rules in wordpress when you enable permalink option. The rules checks if the incoming request URI is a physical files or a physical directory. If both the conditions are false it directs the control to index.php. So that ends there. If you type any random url on permalink enabled wordpress blog you will get a 404 error page. This is because wordpress tries to decode the incoming url with series of rules and detects if the request is of some pattern. And if there is a pattern match it loads the needed stuff else it load a 404 page.

Basically the default pattern is generated based on what you set on permalink option page. And it has standard pattern rules for loading page, rss, author, category etc etc… The next thing you need to do it is to insert your pattern into wordpress rules array. This is achieved with the help of rewrite_rules_array filter. I will show how you can load your rewrite rules into wordpress.

function insertMyRewriteRules($rules){
$newrules = array();
return $newrules+$rules;

Using the above function I have added a pattern /redirect/url/(anything) to rewrite rules. If request URI has this pattern then it will pass two variables namely is_page_redirect and redirect_url to index.php. Variable redirect_url will hold the pattern match of string followed after /redirect/url/ in the request uri.
Example if I requested a url imthi.com/redirect/url/http://www.example.com/ redirect_url will hold ‘http://www.example.com’. Now pattern is matched and parsed into index.php as query variables. Now the next is to tell url query parser to use these variables. To do so you have apply a filter query_vars.

function insertMyRewriteQueryVars($vars){
array_push($vars, ‘is_page_redirect’, ‘redirect_url’);
return $vars;

The above function will add the two variables into the query vars and by which you instruct wordpress not to loose if these variables found in the request query. Okay that is done and the variables are retained. Next step is tell the query parser to use this. That is done with the help of action parse_query.

function insertMyRewriteParseQuery($query){

The above fuction will check if there is variable is named is_page_redirect in query vars. If present it redirects to location present in variable redirect_url. :-D.. Lets wrap this up and make it a plugin which will apply redirect to comment author website urls.

Download comment url redirect plugin. Dont be surprised it is really simple.. 😉

By Imthiaz

Programmer, SAAS, CMS & CRM framework designer, Love Linux & Apple products, Currently addicted to mobile development & working @bluebeetle


  1. Hi Imthiaz

    Tried to activate this plugin and got the following error

    Fatal error: Call to a member function on a non-object in /home/fr15cool/public_html/wp-content/plugins/url-redirect-plugin.php on line 14

    Tried it on another blog and had the same message.

    Any ideas?

  2. Fantastic! Thank you for a luvly tutorial (found it googling “rewrite_rules_array”). Finally somebody could explain this to me in a simple way.

  3. Great example! But please be aware that this is not totally safe.

    First of all, any external call to /redirect/url/blah will work, not only from your site, also from email. This makes your site interesting as a relay for spammers.

    Second: i’m not sure about this one, as I couldn’t reproduce it on your site… but if it’s possible to send enters or LFs (%0D / %0A), it’d be possible to XSS/HRS “hack” your site as well. For example: http://imthi.com/redirect/url/%3Cscript%3Ealert%28%27this%20could%20be%20xss%27%29%3B%

    Third: while testing I found that trying http://imthi.com/redirect/url/a makes it a great way to send the browser into a loop, and the webserver is DoS’ed

  4. Thanks for this! You should join the WP documentation team, a very good explanation for something I was struggling with for hours! Cheers!

  5. Hi,

    How and where do you install/place this plugin? I put it into my /plugins dir but it does not show up in my plugin list so can not activate it??

    I use WP 2.5.1. Anybody please.

  6. Hi, i have placed this plugin and active from admin panel, but now i have question that from where i have to change my page name,
    i have cms based application with wordpress in this i have five pages, Home,Contact,about,porfolio,career.
    now when i run this page from example about page is shows me this is “http://localhost/wordpress/?page_id=183” now insted on this link i want “http://localhost/wordpress/ABOUT” so for this functionality this plugin will work or not and if it will work then inform me how?


  7. hi,
    does this work with 2.9?

    Also is there a hack to rewrite the default /search/ folder to /what-ever/



Comments are closed.