The .htaccess files (Hypertext Access file) is a very powerful configuration tool on Apache web server. The Apache web server has a number of configuration options that are available to the server administrator. The .htaccess is a simple ASCII text file placed in your website root directory. You can create and edit an .htaccess file using a text editor like notepad.
Here in this blog post I have come up with useful 16 tips and hacks to configure your web server.
  As a configuration file .htaccess if a very powerful and a slight  syntax error can result in a severe malfunction of your server. So to  avoid that always try to keep a backup copies of all your files from  the server before working with the .htaccess file.
1. Creating a custom error page with .htaccess on a  linux apache is a very simple task. Using you a text editor like  notepad you create an .htaccess files. Custom error pages give your  website an professional look and catch those visitors who reach your  website following a back link.
    
  ErrorDocument 401 /error/401.php
  ErrorDocument 403 /error/403.php
  ErrorDocument 404 /error/404.php
  ErrorDocument 500 /error/500.php
  
    2. How to set the timezone on your server
    
  SetEnv TZ America/Houston
3. Block IPs Using htaccess
  Sometime you need to block certain IPs from accessing your entire site  or directory. Its pretty simple task. All you have to do is inside the  .htaccess file is put the following code.
allow from all
  deny from 145.186.14.122
  deny from 124.15
If you use the whole IP or a part of the IP to block and add the new ones in a new line.
  When someone trying to access your site from the banned ip they will get a 403 error access forbidden message.
4. SEO Friendly 301 permanent redirects for bad/old links and moved links
  
  Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html
5. Set the Email Address for the Server Administrator - Using this code you can specifying the default email address for the server administrator.
    
  ServerSignature EMail
  SetEnv SERVER_ADMIN default@domain.com
  
    6. Hotlinking protection with .htaccess is very  important because anyone can hot link to your images and eat up all  your bandwith of your server. The following code will help you to  prevent that.
Options +FollowSymlinks
  # Protect Hotlinking
  RewriteEngine On
  RewriteCond %{HTTP_REFERER} !^$
  RewriteCond %{HTTP_REFERER} !^http://(www\.)?domainname\.com/ [nc]
  RewriteRule .*\.(gif|jpg|png)$ http://domainname.com/img/hotlink_f_o.png [nc]
7. Block all requests from user agent - by creating a perfect .htaccess ban list, you can block all of unwanted user agents that will keep your server load down. Also Check out this interesting thread on webmaster world about the 228 user agents ban list.
## .htaccess Code :: BEGIN
  ## Block Bad Bots by user-Agent 
  SetEnvIfNoCase user-Agent ^FrontPage [NC,OR]
  SetEnvIfNoCase user-Agent ^Java.* [NC,OR]
  SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR]
  SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR]
  SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR]
  SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR]
  SetEnvIfNoCase user-Agent ^Zeus [NC]
  <Limit GET POST HEAD>
  Order Allow,Deny
  Allow from all
  Deny from env=bad_bot
  </Limit>
  ## .htaccess Code :: END 
  
    8. Redirect everyone to different site except few IP -If you want to redirect all the visitors to a different IP. Also give access to certain  few IPs. You can use the code below
ErrorDocument 403 http://www.youdomain.com
  Order deny,allow
  Deny from all
  Allow from 124.34.48.165
  Allow from 102.54.68.123
9. Don’t want to display download request - Usually  when you try to download something from a web server you get a request  asking whether you want to save the file or open it.
  To avoid that you can use the below code on your .htaccess file.
AddType application/octet-stream .pdf
  AddType application/octet-stream .zip
  AddType application/octet-stream .mov
10. Change the file type - Make any file be a certain kind of file type Makes image.jpg, index.html, default.cgi all act as php
<Files test>
  ForceType application/x-httpd-php
  SetHandler application/x-httpd-php
  </Files> 
11. Block access to your .htaccess file - By adding he following code to your htaccess file will prevent attempts to access your htaccess file. This extra layer of security protects your htaccess file by displaying a 403 error message on the browser.
# secure htaccess file
  <Files .htaccess>
   order allow,deny
   deny from all
  </Files>
  
  12. Protect access to certain specific file on your server -  this can be done by adding the below mentioned code. For example you  want to block with the file name default.jpg This will prevent the  viewing of this file.
# prevent access of a certain file
  <files default.jpg>
   order allow,deny
   deny from all
  </files>
  
  13. Prevent access to unauthorized browsing -  Protecting specific directory browsing can be done by intructing the  server to serve a Forbidden and Authorization required message while  anyone requests to view that particular directory. Usually if you site  doesn’t have a default index page any files within that directory is  accessible to the visitors. To avoid that use the following code in the  .htaccess file.
# disable directory browsing
  Options All -Indexes
  
    14. Setting the default page - You can set the default page of a directory to any page you like. For  example in this code the default page is set as about.html instead of  index.html
# serve alternate default index page
  DirectoryIndex about.html
  
    15. Password protect your directories and files -  You can create authentication for certain files and directories from  being access. The code has examples of both password protection for a  single file and password protection for a entire directory.
# to protect a file
  <Files secure.php>
  AuthType Basic
  AuthName “Prompt”
  AuthUserFile /home/path/.htpasswd
  Require valid-user
  </Files>
# password-protect a directory
  resides
  AuthType basic
  AuthName “This directory is protected”
  AuthUserFile /home/path/.htpasswd
  AuthGroupFile /dev/null
  Require valid-user
  
    16. Redirect an old domain to a new domain -  Using htaccess file you can redirect a old domain name to a new domain  by adding the following code into the htaccess file. Basically what it  does is it will remap the old domain to the new one.
# redirect from old domain to new domain
  RewriteEngine On
  RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]
As htaccess files are very powerful, even a slightest syntax error can cause sever malfunction of your server. So it is crucial to take the backup copies of everything before you try the hacks and tricks on your hypertext access files.
 
 
No comments:
Post a Comment