.htaccess

.htaccess (Hypertext Access) is the default name of Apache's directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The directives used must be valid in the .htaccess context, and the user needs appropriate permissions.


Statements such as the following can be used to configure a server to send out customized documents in response to client errors such as "404: Not Found" or server errors such as "503: Service Unavailable" (see List of HTTP status codes):

 ErrorDocument 404 /error-pages/not-found.html
 ErrorDocument 503 /error-pages/service-unavailable.html

When setting up custom error pages, it is important to remember that these pages may be accessed from various different URLs, so the links in these error documents (including those to images, stylesheets and other documents) must be specified using URLs that are either absolute (e.g., starting with "http://") or relative to the document root (starting with "/"). Also, the error page for "403: Forbidden" errors must be placed in a directory that is accessible to users who are denied access to other parts of the site. This is typically done by making the directory containing the error pages accessible to everyone by creating another .htaccess file in the /error-pages directory containing these lines:

 Order allow,deny
 Allow from all


Password protection

Make the user enter a name and password before viewing a directory.

 AuthUserFile /home/newuser/www/stash/.htpasswd
 AuthGroupFile /dev/null
 AuthName "Protected Directory"
 AuthType Basic
 # Not wrapped in <Limit GET POST>, so the requirement applies to every HTTP method
 Require user newuser

The same behavior can be applied to specific files inside a directory.

 <Files protected_file.php>
 AuthUserFile /home/newuser/www/stash/.htpasswd
 AuthName "Protected File"
 AuthType Basic
 Require valid-user
 </Files>

Now run this command to create a new password for the user 'newuser'.

 htpasswd /home/newuser/www/stash/.htpasswd newuser 

Password unprotection

Unprotect a directory inside an otherwise protected structure:

 Satisfy any 

Extra secure method to force a domain to only use SSL and fix double login problem

If you really want to be sure that your server only serves documents over an encrypted SSL channel (you wouldn't want visitors to submit their .htaccess password over an unencrypted connection), then you need to use the SSLRequireSSL directive with the +StrictRequire option turned on.

 SSLOptions +StrictRequire
 SSLRequireSSL
 # or www.site.com
 SSLRequire %{HTTP_HOST} eq "site.com"
 ErrorDocument 403 https://site.com

An interesting thing about using mod_ssl instead of mod_rewrite to force SSL is that Apache gives mod_ssl priority above mod_rewrite, so it will always require SSL. (It may be possible to get around the first method using http://example.com:443 or https://example.com:80.)

  • An in-depth article about what this is doing can be found in the SSL Forum

Enable SSI

 AddType text/html .shtml
 AddHandler server-parsed .shtml
 Options Indexes FollowSymLinks Includes


Deny users by IP address

 Order allow,deny
 Deny from 123.45.67.8
 Deny from 203
 Allow from all

This would ban anyone with an IP address of 123.45.67.8 and would also ban anyone with an IP address starting with 203 (a partial address matches whole leading octets): for example, 203.0.113.42 would not gain access.
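
How these directives are evaluated, as an added Python sketch (not Apache's code and not part of the original article): under Order allow,deny a client needs a matching Allow and no matching Deny, and a partial address such as 203 covers whole leading octets rather than a string prefix. The function names and the test addresses are constructed for illustration.

```python
import ipaddress

# The rule set from the .htaccess example above
PAGE_RULES = {"order": "allow,deny",
              "allow": ["all"],
              "deny": ["123.45.67.8", "203"]}

def parse_host(spec):
    """Turn an Allow/Deny argument into a network; 'all' matches everything."""
    if spec.lower() == "all":
        return ipaddress.ip_network("0.0.0.0/0")
    octets = spec.rstrip(".").split(".")
    valid = all(o.isdigit() and int(o) <= 255 for o in octets)
    if not 1 <= len(octets) <= 4 or not valid:
        raise ValueError(f"unsupported host spec: {spec!r}")
    # A partial address covers whole leading octets: "203" -> 203.0.0.0/8
    padded = octets + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")

def is_allowed(client_ip, order, allow, deny):
    """Decide access for one client address under the given Order."""
    ip = ipaddress.ip_address(client_ip)
    allowed = any(ip in parse_host(s) for s in allow)
    denied = any(ip in parse_host(s) for s in deny)
    if order == "allow,deny":
        # Default is deny; a Deny match overrides any Allow match.
        return allowed and not denied
    if order == "deny,allow":
        # Default is allow; an Allow match overrides a Deny match.
        return allowed or not denied
    raise ValueError(f"unsupported Order: {order!r}")

if __name__ == "__main__":
    for addr in ["123.45.67.8", "123.45.67.80", "203.0.113.42", "20.3.0.1"]:
        print(addr, is_allowed(addr, **PAGE_RULES))
```

Swapping the first line to Order deny,allow while keeping Allow from all lets every client in, because the Allow match then overrides both Deny lines.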


Change the default directory page

 DirectoryIndex homepage.html 
Here, anyone visiting http://www.example.org/ would see the homepage.html page, rather than the default index.html.

Redirects

 Redirect /page1.html http://www.example.org/page2.html

If someone were to visit http://www.example.org/page1.html, he would be sent (with an HTTP status code of 302) to http://www.example.org/page2.html.


Prevent hotlinking of images

The following .htaccess rules use mod_rewrite.


From specific domains

 RewriteEngine on
 RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain1\.com [NC,OR]
 RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain2\.com [NC,OR]
 RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain3\.com [NC]
 RewriteRule \.(gif|jpg)$ http://www.example.org/hotlink.gif [R,L]

Except from specific domains

 RewriteEngine on
 RewriteCond %{HTTP_REFERER} !^$
 RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.org/.*$ [NC]
 RewriteRule \.(gif|jpg)$ http://www.example.org/hotlink.gif [R,L]

Unless the image is displayed on example.org, browsers would see the image hotlink.gif.

Note: Hotlink protection using .htaccess relies on the client sending the correct "Referer" value in the HTTP GET request. Programs such as Windows Media Player send a blank referrer, so attempts to use .htaccess to protect movie files, for example, are ineffective.
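
The "except from specific domains" rules modelled in Python, as an added example that is not part of the original article, to show which requests they actually redirect: a blank Referer is served, the site's own pages are treated as foreign when loaded over https, and the placeholder image matches the rule itself. The sample URLs, the function names and the exempt_placeholder guard are assumptions made for this sketch.

```python
import re

# Patterns taken from the RewriteCond / RewriteRule lines above
OWN_SITE = re.compile(r"^http://(www\.)?example\.org/.*$", re.IGNORECASE)  # [NC]
IMAGE = re.compile(r"\.(gif|jpg)$")
PLACEHOLDER = "/hotlink.gif"

def decide(path, referer, exempt_placeholder=False):
    """Return 'redirect' or 'serve' for one request, as the rule set would."""
    if exempt_placeholder and path == PLACEHOLDER:
        return "serve"      # assumed extra guard, not in the article's rules
    if not IMAGE.search(path):
        return "serve"      # RewriteRule pattern does not match
    if referer == "":
        return "serve"      # RewriteCond %{HTTP_REFERER} !^$ is false
    if OWN_SITE.match(referer):
        return "serve"      # second RewriteCond is false
    return "redirect"

def hops_until_served(path, referer, exempt_placeholder=False, limit=5):
    """Follow redirects to the placeholder; None means a redirect loop.

    Assumes the client repeats the same Referer when following the
    redirect, as browsers commonly do.
    """
    for hop in range(limit):
        if decide(path, referer, exempt_placeholder) == "serve":
            return hop
        path = PLACEHOLDER
    return None

if __name__ == "__main__":
    # Constructed sample requests
    samples = [
        ("/img/photo.jpg", "http://www.example.org/gallery.html"),
        ("/img/photo.jpg", "https://www.example.org/gallery.html"),
        ("/img/photo.jpg", "http://other.example.net/page.html"),
        ("/img/photo.jpg", ""),
    ]
    for path, referer in samples:
        print(repr(referer), decide(path, referer),
              hops_until_served(path, referer),
              hops_until_served(path, referer, exempt_placeholder=True))
```

In the rules themselves, the guard corresponds to excluding hotlink.gif from the rewrite, and the https case to accepting both schemes in the second condition.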


Standardise web address to require www with SEO-friendly 301 Redirect

If an address without the "www." prefix is entered, this will redirect to the page with the "www." prefix.

 Options +FollowSymLinks
 RewriteEngine On
 RewriteBase /
 # check that HTTP_HOST field is present
 RewriteCond %{HTTP_HOST} !^$
 # case-insensitive
 RewriteCond %{HTTP_HOST} !^www\.sitename\.com$ [NC]
 # 301 Redirect, very efficient
 RewriteRule ^(.*)$ http://www.sitename.com/$1 [R=301,L]

Directory rules

A .htaccess file controls the directory it is in, plus all subdirectories. However, by placing additional .htaccess files in the subdirectories, this can be overruled.


User permissions

The user permissions for .htaccess are controlled at the server level with the AllowOverride directive, which is documented in the Apache Server Documentation.


Other uses

Some web developers have modified .htaccess to perform custom tasks server-side before serving content to the browser. Developer Shaun Inman shows it is possible to edit .htaccess to allow for Server Side Constants within CSS.


The Wikipedia article included on this page is licensed under the GFDL.