htaccess Elite

.htaccess tutorial


Board index » .htaccess file Help » Main

All times are UTC [ DST ]




Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 
  Print view |  
Author Message
produke
 Post subject: Ultimate htaccess examples
PostPosted: 19 Nov 2006 08:02 
Offline
User avatar

Joined: 25 Sep 2006 04:48
Posts: 242
Heres my list of the ultimate htaccess code snippets and examples that I use all the time. I tried to keep them extremely minimalistic.

Each code snippet has been copied from htaccesselite. Additional and detailed info on each htaccess code snippet can be found at htaccessElite

Most of these snippets can be used with a Files or Filesmatch directive to only apply to certain files.





Make any file be a certain filetype (regardless of name or extension)
Code:
#Makes image.gif, blah.html, index.cgi all act as php
ForceType application/x-httpd-php






Authentication Magic

Require password for 1 file:
Code:
<Files login.php>
AuthName "Prompt"
AuthType Basic
AuthUserFile /home/askapache.com/.htpasswd
Require valid-user
</Files>


Protect multiple files:
Code:
<FilesMatch "^(exec|env|doit|phpinfo|w)*$">
AuthName "Development"
AuthUserFile /.htpasswd
AuthType basic
Require valid-user
</FilesMatch>


Example uses of the Allow Directive:
Code:
# A (partial) domain-name
Allow from 10.1.0.0/255.255.0.0

# Full IP address
Allow from 10.1.2.3

# More than 1 full IP address
Allow from 192.168.1.104 192.168.1.205

# Partial IP addresses
# first 1 to 3 bytes of IP, for subnet restriction.
Allow from 10.1
Allow from 10 172.20 192.168.2

# network/netmask pair
Allow from 10.1.0.0/255.255.0.0

# network/nnn CIDR specification
Allow from 10.1.0.0/16

# IPv6 addresses and subnets
Allow from 2001:db8::a00:20ff:fea7:ccea
Allow from 2001:db8::a00:20ff:fea7:ccea/10


Using visitor dependent environment variables:
Code:
SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
Order Deny,Allow
Deny from all
Allow from env=let_me_in



Allow from apache.org but deny from foo.apache.org
Code:
Order Allow,Deny
Allow from apache.org
Deny from foo.apache.org


Allow from IP address with no password prompt, and also allow from non-Ip address with password prompt:
Code:
AuthUserFile /home/www/site1-passwd
AuthType Basic
AuthName MySite
Require valid-user
Allow from 172.17.10
Satisfy Any


block access to files during certain hours of the day
Code:
# If the hour is 16 (4 PM) Then deny all access
RewriteCond %{TIME_HOUR} ^16$   
RewriteRule ^.*$ - [F,L]






Redirect non-https requests to https server fixing double-login problem and ensuring that htpasswd authorization can only be entered using HTTPS
Code:
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com






SEO Friendly redirects for bad/old links and moved links
For single moved file
Code:
Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html


For multiple files like a blog/this.php?gh
Code:
RedirectMatch 301 /blog(.*) http://www.askapache.com/$1


different domain name
Code:
Redirect 301 / http://www.newdomain.com






Require the www
Code:
RewriteCond %{HTTP_HOST} !^www\.example\.com$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]






Redirect everyone to different site except 1 IP address (useful for web-development)
Code:
ErrorDocument 403 http://www.someothersite.com
Order deny,allow
Deny from all
Allow from 24.33.65.6






CHMOD your files
chmod .htpasswd files 640
chmod .htaccess files 644
chmod php files 600
chmod files that you really don't want people to see as 400
NEVER chmod 777, if something requires write access use 766





Variable (mod_env) Magic
Set the Timezone of the server:
Code:
SetEnv TZ America/Indianapolis


Set the Server Administrator Email:
SetEnv SERVER_ADMIN webmaster@htaccesselite.com





Turn off the ServerSignature
Code:
ServerSignature Off






Add a "en" language tag and "text/html; UTF-8" headers without meta tags
Code:
AddDefaultCharset UTF-8
# Or AddType 'text/html; charset=UTF-8' html
DefaultLanguage en-US






Use a custom php.ini

Detailed instructions for doing this whether you are using php as a cgi or the apache module mod_php





Securing directories: Remove the ability to execute scripts

Heres a couple different ways I do it
Code:
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI


This is cool, you are basically categorizing all those files that end in those extensions so that they fall under the jurisdiction of the -ExecCGI command, which also means -FollowSymLinks (and the opposite is also true, +ExecCGI also turns on +FollowSymLinks)





Only allow GET and PUT request methods to your server.

Code:
Options -ExecCGI -Indexes -All
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD) RewriteRule .* - [F]






Processing All gif files to be processed through a cgi script
Code:
Action image/gif /cgi-bin/filter.cgi






Process request/file depending on the request method
Code:
Script PUT /cgi-bin/upload.cgi






Force Files to download, not be displayed in browser

Code:
AddType application/octet-stream .avi
AddType application/octet-stream .mpg

Then in your HTML you could just link directly to the file..
Code:
<a href="/movies/mov1.avi">Download Movie1</a>

And then you will get a pop-up box asking whether you want to save the file or open it.





Show the source of dynamic files

If you'd rather have .pl, .py, or .cgi files displayed in the browser as source rather than be executed as scripts, simply create a .htaccess file in the relevant directory with the following:

Code:
RemoveHandler cgi-script .pl .py .cgi






Dramatically Speed up your site by implementing Caching!

Code:
# MONTH
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|swf)$">
Header set Cache-Control "max-age=2592000"
</FilesMatch>

# WEEK
<FilesMatch "\.(js|css|pdf|txt)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>

# DAY
<FilesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=43200"
</FilesMatch>






Prevent Files image/file hotlinking and bandwidth stealing

Code:
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?askapache.com/.*$ [NC]
RewriteRule \.(gif|jpg|swf|flv|png)$ http://www.askapache.com/legal.gif [R=302,L]






ErrorDocuments

Code:
ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com

Code:
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php


Note: You can also do an external link, but don't do an external link to your site or you will cause a loop that will hurt your SEO.
Top
 Profile  
 
produke
 Post subject:
PostPosted: 14 Mar 2007 07:09 
Offline
User avatar

Joined: 25 Sep 2006 04:48
Posts: 242
  1. Page 1: For Webmasters
  2. Page 2: Custom HTTP Headers
  3. Page 3: PHP htaccess tips
  4. Page 4: SEO Search Engine Friendly Redirects without mod_rewrite
  5. Page 5: mod_rewrite tips and tricks
  6. Page 6: Speed up your site with Caching and cache-control
  7. Page 7: Apache Authentication in htaccess
  8. Page 8: Security with Apache htaccess
  9. Page 9: SSL example usage in htaccess
  10. Page 10: Apache Variable fun (mod_env)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 

Board index » .htaccess file Help » Main

All times are UTC [ DST ]

Who is online

Users browsing this forum: No registered users and 5 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB