Learn .htaccess in 10 minutes

Mode rewrite

A list of htaccess code snippets and examples.
Any web designer MUST know them.

Any htaccess rewrite examples should always begin with:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /

This lets google crawl the page, lets me access the whole site (24.205.23.222) without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org):

AuthName “SiteName Administration”
AuthUserFile /home/sitename.com/.htpasswd
AuthType basic
Require valid-user
Order deny,allow
Deny from all
Allow from 24\\.205\\.23\\.222
Allow from w3.org htmlhelp.com
Allow from googlebot.com
Satisfy Any

Make any file be a certain filetype (regardless of name or extension)
#Makes image.gif, blah.html, index.cgi all act as php
ForceType application/x-httpd-php:

Redirect non-https requests to https server fixing double-login problem and ensuring that htpasswd authorization can only be entered using HTTPS

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq “google.com”
ErrorDocument 403 https://google.com

SEO Friendly redirects for bad/old links and moved links

For single moved file:

Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html

For multiple files like a blog/this.php?gh:

RedirectMatch 301 /blog(.*) http://www.askapache.com/$1

different domain name:

Redirect 301 / http://www.newdomain.com

Require the www:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$
RewriteCond %{HTTP_HOST} !^www\\.example\\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]

Require the www without hardcoding:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$ [NC]
RewriteCond %{HTTP_HOST} !^www\\.[a-z-]+\\.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+\\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]

Require no subdomain:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$
RewriteCond %{HTTP_HOST} \\.([a-z-]+\\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]

Require no subdomain:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} \\.([^\\.]+\\.[^\\.0-9]+)$
RewriteCond %{REQUEST_URI} !^/robots\\.txt$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

Redirect everyone to different site except 1 IP address (useful for web-development):

ErrorDocument 403 http://www.someothersite.com
Order deny,allow
Deny from all
Allow from 24.33.65.6

Add a “en-US” language tag and “text/html; UTF-8” headers without meta tags:

AddDefaultCharset UTF-8
# Or AddType ‘text/html; charset=UTF-8’ html
DefaultLanguage en-US

Using the Files Directive:

AddDefaultCharset UTF-8
DefaultLanguage en-US

Using the FilesMatch Directive (preferred):

AddDefaultCharset UTF-8
DefaultLanguage en-US

Securing directories: Remove the ability to execute scripts:

AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options –ExecCGI
Only allow GET and PUT request methods to your server.
Options -ExecCGI -Indexes -All +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} !^(GET|PUT)
RewriteRule .* – [F]

Processing All gif files to be processed through a cgi script:

Action image/gif /cgi-bin/filter.cgi

Process request/file depending on the request method:

Script PUT /cgi-bin/upload.cgi

Force Files to download, not be displayed in browser:

AddType application/octet-stream .avi
AddType application/octet-stream .mpg

Dramatically Speed up your site by implementing Caching!:

# MONTH
Header set Cache-Control “max-age=2592000”
# WEEK
Header set Cache-Control “max-age=604800”
# DAY
Header set Cache-Control “max-age=43200”

Prevent Files image/file hotlinking and bandwidth stealing:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?askapache.com/.*$ [NC]
RewriteRule \\.(gif|jpg|swf|flv|png)$ http://www.askapache.com/evil-hotlinker.gif [R=302,L]

ErrorDocuments:

ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php

Authentication Magic

Require password for 1 file:

AuthName “Prompt”
AuthType Basic
AuthUserFile /home/askapache.com/.htpasswd
Require valid-user

Protect multiple files:

AuthName “Development”
AuthUserFile /.htpasswd
AuthType basic
Require valid-user

Example uses of the Allow Directive:

# A (partial) domain-name
Allow from 10.1.0.0/255.255.0.0

# Full IP address
Allow from 10.1.2.3

# More than 1 full IP address
Allow from 192.168.1.104 192.168.1.205

# Partial IP addresses
# first 1 to 3 bytes of IP, for subnet restriction.
Allow from 10.1
Allow from 10 172.20 192.168.2

# network/netmask pair
Allow from 10.1.0.0/255.255.0.0

# network/nnn CIDR specification
Allow from 10.1.0.0/16

# IPv6 addresses and subnets
Allow from 2001:db8::a00:20ff:fea7:ccea
Allow from 2001:db8::a00:20ff:fea7:ccea/10

Using visitor dependent environment variables:

SetEnvIf User-Agent ^KnockKnock/2\\.0 let_me_in
Order Deny,Allow
Deny from all
Allow from env=let_me_in

block access to files during certain hours of the day:

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
# If the hour is 16 (4 PM) Then deny all access
RewriteCond %{TIME_HOUR} ^16$
RewriteRule ^.*$ – [F,L]

Advertisements

13 Responses to “Learn .htaccess in 10 minutes”

  1. asdf Says:

    what is this? i am not understanding anything.. why dont u prefer explaining it?

  2. Cixtian Trybe Says:

    Ok, I’m trying to learn .htaccess, and your tite is misleading, and the site is pretty useless for the purpose that you’ve advertised here.

    DON’T Get me wrong, the stuff here is usefull, and very cool. My only grip is I’m expecting to learn .htaccess use, not be provided with a bunch of hacks, and recipes. I’m bookmarking the site for when I actually learn what I’m doing, so I can com e back and play, but if I may suggest changing the title of this page.

    Just my 2 cents. Good work on the content though.

    Cix

  3. Vasim Says:

    do you thing any can learn this in 10 minites who are not familier with htaccess. you have not put explaination about each line. i am a php web developer yet i don’t understand any thing from above.

  4. Tom Cruise Says:

    what the hell are you posting without any information, do you think its a magic to learn things in 10 minutes, it takes months to complete a project and this gentelman is telling its possible in 10 minutes to learn and react how funny. keep it up lolzzzzzzzzzz

  5. RNT Solutions Says:

    Thanks for sharing. However you need to explain it more clearly.

    Thanks,
    R&T Solutions

  6. Kellan Says:

    The stuff in bold is Htaccess code…
    The stuff not in bold is what it does
    Simple

  7. James Says:

    Make it clear

  8. Sohail Says:

    Nice contents but explanation required.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: