A list of htaccess code snippets and examples.
Any web designer MUST know them.
Any htaccess rewrite examples should always begin with:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
This lets google crawl the page, lets me access the whole site (24.205.23.222) without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org):
AuthName “SiteName Administration”
AuthUserFile /home/sitename.com/.htpasswd
AuthType basic
Require valid-user
Order deny,allow
Deny from all
Allow from 24\\.205\\.23\\.222
Allow from w3.org htmlhelp.com
Allow from googlebot.com
Satisfy Any
Make any file be a certain filetype (regardless of name or extension)
#Makes image.gif, blah.html, index.cgi all act as php
ForceType application/x-httpd-php:
Redirect non-https requests to https server fixing double-login problem and ensuring that htpasswd authorization can only be entered using HTTPS
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq “google.com”
ErrorDocument 403 https://google.com
SEO Friendly redirects for bad/old links and moved links
For single moved file:
Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html
For multiple files like a blog/this.php?gh:
RedirectMatch 301 /blog(.*) http://www.askapache.com/$1
different domain name:
Redirect 301 / http://www.newdomain.com
Require the www:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$
RewriteCond %{HTTP_HOST} !^www\\.example\\.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L]
Require the www without hardcoding:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$ [NC]
RewriteCond %{HTTP_HOST} !^www\\.[a-z-]+\\.[a-z]{2,6} [NC]
RewriteCond %{HTTP_HOST} ([a-z-]+\\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]
Require no subdomain:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/robots\\.txt$
RewriteCond %{HTTP_HOST} \\.([a-z-]+\\.[a-z]{2,6})$ [NC]
RewriteRule ^/(.*)$ http://%1/$1 [R=301,L]
Require no subdomain:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} \\.([^\\.]+\\.[^\\.0-9]+)$
RewriteCond %{REQUEST_URI} !^/robots\\.txt$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
Redirect everyone to different site except 1 IP address (useful for web-development):
ErrorDocument 403 http://www.someothersite.com
Order deny,allow
Deny from all
Allow from 24.33.65.6
Add a “en-US” language tag and “text/html; UTF-8” headers without meta tags:
AddDefaultCharset UTF-8
# Or AddType ‘text/html; charset=UTF-8’ html
DefaultLanguage en-US
Using the Files Directive:
AddDefaultCharset UTF-8
DefaultLanguage en-US
Using the FilesMatch Directive (preferred):
AddDefaultCharset UTF-8
DefaultLanguage en-US
Securing directories: Remove the ability to execute scripts:
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options –ExecCGI
Only allow GET and PUT request methods to your server.
Options -ExecCGI -Indexes -All +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} !^(GET|PUT)
RewriteRule .* – [F]
Processing All gif files to be processed through a cgi script:
Action image/gif /cgi-bin/filter.cgi
Process request/file depending on the request method:
Script PUT /cgi-bin/upload.cgi
Force Files to download, not be displayed in browser:
AddType application/octet-stream .avi
AddType application/octet-stream .mpg
Dramatically Speed up your site by implementing Caching!:
# MONTH
Header set Cache-Control “max-age=2592000”
# WEEK
Header set Cache-Control “max-age=604800”
# DAY
Header set Cache-Control “max-age=43200”
Prevent Files image/file hotlinking and bandwidth stealing:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\\.)?askapache.com/.*$ [NC]
RewriteRule \\.(gif|jpg|swf|flv|png)$ http://www.askapache.com/evil-hotlinker.gif [R=302,L]
ErrorDocuments:
ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php
Authentication Magic
Require password for 1 file:
AuthName “Prompt”
AuthType Basic
AuthUserFile /home/askapache.com/.htpasswd
Require valid-user
Protect multiple files:
AuthName “Development”
AuthUserFile /.htpasswd
AuthType basic
Require valid-user
Example uses of the Allow Directive:
# A (partial) domain-name
Allow from 10.1.0.0/255.255.0.0
# Full IP address
Allow from 10.1.2.3
# More than 1 full IP address
Allow from 192.168.1.104 192.168.1.205
# Partial IP addresses
# first 1 to 3 bytes of IP, for subnet restriction.
Allow from 10.1
Allow from 10 172.20 192.168.2
# network/netmask pair
Allow from 10.1.0.0/255.255.0.0
# network/nnn CIDR specification
Allow from 10.1.0.0/16
# IPv6 addresses and subnets
Allow from 2001:db8::a00:20ff:fea7:ccea
Allow from 2001:db8::a00:20ff:fea7:ccea/10
Using visitor dependent environment variables:
SetEnvIf User-Agent ^KnockKnock/2\\.0 let_me_in
Order Deny,Allow
Deny from all
Allow from env=let_me_in
block access to files during certain hours of the day:
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
# If the hour is 16 (4 PM) Then deny all access
RewriteCond %{TIME_HOUR} ^16$
RewriteRule ^.*$ – [F,L]
Softexpert Moldova - A Blog for IT Professionals 
October 15, 2007 at 3:57 pm
Updated Original src at http://www.askapache.com/apache/apache-htaccess.html
December 7, 2007 at 2:40 pm
what is this? i am not understanding anything.. why dont u prefer explaining it?
January 26, 2010 at 12:45 pm
I agree! Useless article for beginners!
April 23, 2010 at 12:10 am
Follow AskApache link and you’ll learn more…
April 16, 2011 at 12:10 am
This is PERL magic with mod_write APACHE processes!!
September 6, 2008 at 2:26 pm
Ok, I’m trying to learn .htaccess, and your tite is misleading, and the site is pretty useless for the purpose that you’ve advertised here.
DON’T Get me wrong, the stuff here is usefull, and very cool. My only grip is I’m expecting to learn .htaccess use, not be provided with a bunch of hacks, and recipes. I’m bookmarking the site for when I actually learn what I’m doing, so I can com e back and play, but if I may suggest changing the title of this page.
Just my 2 cents. Good work on the content though.
Cix
January 9, 2009 at 9:54 am
do you thing any can learn this in 10 minites who are not familier with htaccess. you have not put explaination about each line. i am a php web developer yet i don’t understand any thing from above.
February 28, 2009 at 1:25 pm
what the hell are you posting without any information, do you think its a magic to learn things in 10 minutes, it takes months to complete a project and this gentelman is telling its possible in 10 minutes to learn and react how funny. keep it up lolzzzzzzzzzz
March 18, 2009 at 6:59 pm
Thanks for sharing. However you need to explain it more clearly.
Thanks,
R&T Solutions
April 19, 2009 at 4:46 pm
The stuff in bold is Htaccess code…
The stuff not in bold is what it does
Simple
January 1, 2010 at 10:40 pm
[…] Learn .HTACCESS in 10 minutes […]
February 2, 2010 at 7:25 am
Make it clear
June 22, 2011 at 4:50 am
Nice contents but explanation required.