Sunday, May 17, 2009

Most useful htaccess tips and tricks

An .htaccess is a simple file which is being detected and executed by Apache Web Server. You may need to CHMOD the .htaccess file to 644. This makes the file usable by the server, but prevents it from being read by a browser, which can seriously compromise your security. Always you have to place .htaccess file to the root directory from where you want apply any tricks. It is widely known to use improve access control, implementing custom error page, hide actual URL, password protection and URL redirection etc. Below are some .htaccess tricks:

Change URL:
Sometimes you may need to hide actual URL from visitors. Say you have a page index.php which takes a parameter category_id but you want access it by category1.html, category2.html and category3.html etc where 1, 2 and 3 is the value of category_id. Below is the some sample code for this type of things.
RewriteEngine on
RewriteRule ^category(.*).html$ index.php?category_id=$1 [L]
RewriteRule ^page_(.*).html$ index.php?pagedb=$1 [L]
RewriteRule ^index.html$ index.php

Show user friendly error page for different types of errors:
A web application may occurred different types of error such as 404 – File Not Found’ etc. It is very easy and useful way to show user friendly error page for different types of error. Below is the example code to show custom page for error:
RewriteEngine on
ErrorDocument 400 /errors/badrequest.html
ErrorDocument 401 /errors/unauthorized.html
ErrorDocument 403 /errors/forbidden.html
ErrorDocument 404 /errors/pagenotfound.html
ErrorDocument 500 /errors/internalservererror.html

Change Directory Index:
When any user request an URL or directory apache serve default directory index(which is loaded as your default page whenever a directory or url requested) page which is configured in httpd.conf but you can specify it easily. You can also specify multiple files. Apache will look from first to last file if found then will run that file:
DirectoryIndex myfile.php main.php
In this case when a user request an URL/Directory then your site first look for myfile.php in your root directory if not found then look for main.php

Redirects
Sometimes you may need to redirect from old location to new one. You can do it in many ways but by .htaccess you can do it easily by following way:
Redirect /oldloccation/index.html http://morshed-alam.blogspot.com

Deny/Allow IP
Sometimes you may need prevent access your site from IP of allow only for specific IP address. You can do it easily by .htaccess. Below is the sample code to deny an IP address:
order allow,deny
deny from 192.168.0.1
allow from all
Below is the sample code to access for specific IP address:
order allow, deny
deny from all
allow from 192.168.0.1

Control Directory Access:
If any DirectoryIndex file is not define in any directory and user request that directory browser shows all files of that directory. So sometimes you may need to restrict to access those file directly. You can restrict it easily by following sample code:
IndexIgnore *
You can also restrict direct file access by extension. Below is the sample code to restrict all gif, pdf file from a directory
IndexIgnore *.gif *.pdf

Enabling SSI:
You can esily enable and use SSI by htaccess. Sometimes hosting provider not support for SSI so before using this ask for permission to hosting provider. Below is the sample code to enable and use SSI:
AddType text/html .shtml
AddHandler server-parsed .shtml
Options Indexes FollowSymLinks Includes
To use SSI no need to rename all of your pages to .shtml, just add below line between first and seconfd line which will force the server to parse every page names .html for SSI, even if they have no SSI commands:
AddHandler server-parsed .html

Prevent viewing of .htaccess
Below is the sample code to prevent viewing of .htaccess file:
<Files .htaccess>
order allow,deny
deny from all
</Files>

Prevent Delete
Below is the sample code to prevent to delete:
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
You can do lots of other things by using .htaccess such as Login, Adding Mime Type etc.

5 comments:

  1. Thanks for shearing.
    Really a must know topic.

    ReplyDelete
  2. Very much helpful tips.we often stuck with some tricky thing here is all together..

    ReplyDelete
  3. Thank you for your posting

    ReplyDelete
  4. but can you put a .htaccess file in blogspot?????

    ReplyDelete
  5. It is not possible to put .htaccess file in blogspot because blogger not provided this facility.

    ReplyDelete