In this post i am going to give examples of commonly used examples of .htaccess basics.
1) HTTP Authentication for Password protected directories
AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require Group admins
2) Change default directory page ( index page ) using htaccess
This directory indexing is useful when ever you wish to change the order of parsing file. example if you want to change the default parsing orders to index.php not index.html,, you can keep the following code in your .htaccess file.
DirectoryIndex index.php index.html index.shtml index.txt
If tou browser your site http://www.yourdomain.com/, then it will search for index.php, if index.php not exists then it will searches for index.html.
Note: If no files(index.php index.html index.shtml index.txt) are existed then it will display the directory and its contents. In order to prevent this we can write a code as below.
DirectoryIndex index.html index.txt /cgi-bin/index.pl
Would cause the CGI script /cgi-bin/index.pl to be executed if neither index.html or index.txt existed in a directory.
3) Allow/Deny Directory Browsing
When directory browsing is on, people accessing a URL from your site with no index page or no pages at all, will see a list of files and folders. To prevent such directory access, just place the following line in your .htaccess file.
IndexIgnore */*
OR
Options -Indexes
Many hosting companies, by default deny directory browsing and having said that, just in case you need to enable directory browsing, place the following line in your .htaccess file.
Options +Indexes
4) Redirect visitors from one page or directory to another
It’s quite simple. Look at the example lines below and place similar lines in your .htaccess file of the root folder and it will do the rest. [Remember to use permanent keyword in the line to tell the search engines that the old link has moved to the new link]. You can also setup multiple redirects using htaccess.
Syntax: Redirect permanent [old directory/file name][space][new directory/file name]
Redirect permanent /olddirectory /newdirectory
Redirect permanent /olddirectory /somedirectory/newdirectory
Redirect permanent /oldhtmlfile.htm /newhtmlfile.htm
Redirect permanent /oldhtmlfile.htm http://your-domain.com/newhtmlfile.htm
All the above lines are valid. Just remember to replace the file/directory names with actual ones.
301 Redirection
This example will redirects you from non-www to www
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.mydomain\.com$
RewriteRule (.*) http://www.mydomain/$1 [R=301,L]
5) Change the default index page of a directory or site
Almost every hosting company will have index.htm, index.html, index.php, index.asp, default.asp, default.html as the default index page names in their web server settings. So, in case your site or directory does not has a file name which matches a name from the list above, chances are that your visitors will either see a list of all the files and folders [through directory browsing] or will not see anything at all. To change the default index page’s name for a directory or the site, place the following line in the .htaccess file of the root folder or the particular directory for which you want to change the index page’s name.
DirectoryIndex homepage.htm
DirectoryIndex somepage.htm
To have more names, put a space between file names and it will take into considerations all those file names as possible index page names. Which means, if it finds a filename matching a list of names you supplied [in the given order] in .htaccess, then it will open that page as the index page for the directory. The below line, with multiple names, is also a valid usage:
DirectoryIndex homapage.html somepage.html myindexpage.html anything.html
6) Preventing hot linking of images from your website
If your website contains images which people from other websites are linking to and you get charged for the extra bandwidth, then placing the following lines will prevent any such image hot linking. Most of the hosting companies provide this feature in their control panel itself, such as CPanel. This trick requires mod_rewrite engine to be on in Apache on your web server.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?your-domain.com/.*$ [NC]
RewriteRule .(gif|jpg)$ – [F]
In the above code, replace [your-domain] with your actual domain name [without www], and instead of (www.\), use your actual subdomain name (sub-domain.\)
7) Prevent access to your .htaccess file (.htaccess security)
To prevent visitors from viewing your .htaccess file, place the following lines in your file. Of course, by default most Apache installations will not show .htaccess file but just in case.
<files .htaccess>
order allow,deny
deny from all
</Files>
8) Custom Error Pages
The .htaccess file will cover custom error pages. These will allow you to have your own, personal error pages (for example when a file is not found) instead of using your host's error pages or having no page. This will make your site seem much more professional in the unlikely event of an error. It will also allow you to create scripts to notify you if there is an error (for example I use a PHP script on Free Webmaster Help to automatically e-mail me when a page is not found).
You can use custom error pages for any error as long as you know its number (like 404 for page not found) by adding the following to your .htaccess file:
ErrorDocument errornumber /file.html
For example if I had the file notfound.html in the root direct
ory of my site and I wanted to use it for a 404 error I would use:
ErrorDocument 404 /notfound.html
If the file is not in the root directory of your site, you just need to put the path to it:
ErrorDocument 500 /errorpages/500.html
These are some of the most common errors:
401 - Authorization Required
400 - Bad request
403 - Forbidden
500 - Internal Server Error
404 - Wrong page
Then, all you need to do is to create a file to display when the error happens and upload it and the .htaccess file.
9) Deny/Allow Certian IP Addresses
In some situations, you may want to only allow people with specific IP addresses to access your site (for example, only allowing people using a particular ISP to get into a certian directory) or you may want to ban certian IP addresses (for example, keeping disruptive memembers out of your message boards). Of course, this will only work if you know the IP addresses you want to ban and, as most people on the internet now have a dynamic IP address, so this is not always the best way to limit usage.
You can block an IP address by using:
deny from 000.000.000.000
where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will block a whole range.
You can allow an IP address by using:
allow from 000.000.000.000
where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will allow a whole range.
If you want to deny everyone from accessing a directory, you can use:
deny from all
but this will still allow scripts to use the files in the directory.
------ Contineous............
No comments:
Post a Comment