.htaccess

From Free net encyclopedia

.htaccess (Hypertext Access) is the default name of Apache's directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The configuration directives need to be in .htaccess context and the user needs appropriate permissions.

Contents

[edit]

Common usage

[edit]

Custom Error Pages

ErrorDocument 404 my404page.html
This code can be used to create any custom page. Certain pages are more complicated to modify - if you create a custom 403 Forbidden page, then a viewer will not see the custom page. Here is a way to get around this: 
ErrorDocument 403 /all/my403page.html
In the /all directory, you would need another .htaccess file, ie: 
Order allow,deny
Allow from all
This would give access to Forbidden users to the /all directory, where the custom 403 page is kept in this example.
[edit]

Password protection

Make the user enter a name and password before viewing a directory. 

AuthUserFile /home/newuser/www/stash/.htpasswd
AuthGroupFile /dev/null
AuthName "Protected Directory"
AuthType Basic
<Limit GET POST>
require user newuser
</Limit>

Now run this command to create a new password for the user 'newuser'. 

htpasswd /home/newuser/www/stash/.htpasswd newuser
[edit]

Password unprotection

Unprotect a directory inside an otherwise protected structure: 

Satisfy any
[edit]

Enable SSI

AddType text/html .shtml
AddHandler server-parsed .shtml
Options Indexes FollowSymLinks Includes
[edit]

Deny users by IP address

Order allow,deny
Deny from 123.45.67.8
Deny from 123.123.7
Allow from all
This would ban anyone with an IP address of 123.45.67.8 and would also ban anyone with an IP address starting in 123.123.7: for example, 123.123.74.42 would not gain access.
[edit]

Change the default directory page

DirectoryIndex homepage.html
Here, anyone visiting http://www.example.com/ would see the homepage.html page, rather than the default index.html.
[edit]

Redirects

Redirect page1.html page2.html
If someone was to visit http://www.example.com/page1.html, they would be sent to http://www.example.com/page2.html
[edit]

Prevent hotlinking of images

The following .htaccess rules use mod rewrite.

[edit]

From specific domains

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain2\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]+\.)?baddomain3\.com [NC]
RewriteRule \.(gif|jpg)$ http://www.example.com/hotlink.gif [R,L]
[edit]

Except from specific domains

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.example.com/hotlink.gif [R,L]
Unless the image is displayed on example.com, browers would see the image hotlink.gif.
[edit]

Directory rules

A .htaccess file controls the directory it is in, plus all subdirectories. However, by placing additional .htaccess files in the subdirectories, this can be overruled.

[edit]

User permissions

The user permissions for .htaccess are controlled on server level with the AllowOverride directive which is documented in the Apache Server Documentation.

[edit]

Other uses

Some web developers have modified .htaccess to perform custom tasks server-side before serving content to the browser. Here developer Shaun Inman shows it is possible to edit .htaccess to allow for Server Side Constants within CSS.

[edit]

See also

[edit]

External links

fr:.htaccess pl:.htaccess ru:.htaccess

Retrieved from "http://www.netipedia.com/index.php/.htaccess"