I have always understood (unless I'm mistaken) that Apache's mod_rewrite engine requires
Options +FollowSymLinks
in order to work.
We have used modrewrite to hide the .php extension in addresses on a particular system in order to not reveal the chosen technology – PHP. We understand that one can still learn the server technology but you’d at least need to know how web servers work etc.
The problem is, the server techs have brought up the risk in using +FollowSymLinks, which I completely understand and agree with.
https://serverfault.com/questions/195570/htaccess-security
Aaron Copley: Symlinks aren't necessarily bad but you have to have a clear understanding of your implementation of Apache. To a non-chrooted Apache, symlinks certainly pose a significant risk to exposing files outside of your document root.
At the moment the system parses REQUEST_URI as such:
All rewrite rules are written to index.php
URL domain.com/request
REQUEST_URI = /request (trimmed as "request")
Using PHP switch () we check case 'request': include xyz.php; exit;
This is a fairly common technique, but how would I implement the same result without the need for +FollowSymLinks and without having to go through every script in the system and change navigation links?
mod_rewrite will also work if you enable the following:
This causes Apache to check the owner of the link and the target, and only follows the link if the owners match.
Perhaps your server guys would accept that as a reduced risk?
More info here: http://onlamp.com/pub/a/apache/2004/02/19/apache_ckbk.html
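The owner-matching option the answer describes is Apache's SymLinksIfOwnerMatch. Below is an added example (not code from the question or the answer) of a .htaccess that keeps the question's "everything goes to index.php" routing while swapping FollowSymLinks for it; the document root path and the rewrite rules are assumed.

```apache
# Weak setting (what the question currently relies on): Apache follows
# any symlink under the document root, wherever it points and whoever
# created it, so a planted link can expose files outside the docroot.
#   Options +FollowSymLinks

# Reduced-risk setting: a symlink is followed only when the link and its
# target have the same owner. A link created by one account cannot pull
# in another user's (or root's) files. mod_rewrite accepts either option
# in .htaccess context, so the rewrite rules below still run.
Options +SymLinksIfOwnerMatch

RewriteEngine On
RewriteBase /

# Real files and directories (css, images, index.php itself) are served
# as they are; only "virtual" paths fall through to the router.
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

# Everything else becomes /index.php. REQUEST_URI keeps the original
# path (e.g. /request), so the existing PHP switch on "request" is unchanged.
RewriteRule ^ index.php [L]

# If you can edit the server config instead of .htaccess, the same
# RewriteRule placed directly in the <VirtualHost> block runs in
# server context and needs neither symlink option at all.
```

Check the effective directory config with `AllowOverride Options` (or `AllowOverride Options=SymLinksIfOwnerMatch`) in httpd.conf, otherwise the `Options` line in .htaccess is rejected with a 500 error.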