The .htaccess file can be a valuable ally for controlling access to your server resources or if you want the space you have rented on a server, as it allows you to secure your server with just a few lines of code bypassing any management applications which you usually have a lot of work to do and are basically overloaded.
Let's see how
If you need information about what a file is .htaccess, you can read related articles at Wikipedia which are quite illustrative.
Let's look at some useful ones tricks of .htaccess which surely some of all will be of interest to you….
Redirecting users to custom error pages
Instead of viewing the default Apache, Lightspeed, or Nginx bug pages, webmasters can redirect these requests into their own custom text.
This can be a text file, an HTML page, a Perl script, or whatever you want, as long as the server is able to read your text and send it to the user (in the following example we redirect them to our html pages).
ErrorDocument 401 /error_pages/401.html ErrorDocument 403 /error_pages/403.html ErrorDocument 404 /error_pages/404.html ErrorDocument 500 /error_pages/500.htmlMake sure pages with www and without www show the same thing
"Www" is no longer mandatory on URLs, but there are times when WWW and non-WWW versions of a website may lead to different locations. This could be due to a poor server setup, incorrect DNS settings, or faulty hosting accounts. To avoid this situation, save the following text to the .htaccess file and it will resolve the issue## RECONSTRUCTION WITHOUT -WWW to WWW RewriteEngine On RewriteCond% {HTTP_HOST} igur iguru \ .gr RewriteRule (. *) Https://iguru.gr/$1 [R = 301, L]To do this, mod_rewrite must first be enabled on your server, and you must also make sure that the "RewriteEngine On" bar is present somewhere in your .htaccess file. We have already included it in the code in case you have not already activated it.
The reverse process is the following (ie the redirection of:
## REDUCTION OF WWW WITHOUT-WWW RewriteEngine On RewriteCond% {HTTP_HOST} ^ www \ .iguru \ .grRewriteRule (. *) Https://iguru.gr/$1 [R = 301, L]Note: be sure to change the name of our isotope to yours otherwise you will see the clicks to your site decrease dramatically !!!!!!!! :)
Send users to a subdomain
Sometimes you may want to send your users to a custom subdomain. This can be done easily and quickly using .htaccess.RewriteEngine On RewriteCond% {HTTP_HOST}! ^ $ RewriteCond% {HTTP_HOST}! ^ Subdomain \ .domain \ .com $ [NC] RewriteRule ^ / (. *) $ Http://subdomain.domain.com/$1 [L, R = 301]HTTP to HTTPS redirects
It is not that simple. Redirecting users to the HTTPS version of your site does not automatically make it "safe". We need to look at the SSL application for this.RewriteEngine On RewriteCond% {HTTPS} off RewriteRule (. *) Https: //% {HTTP_HOST}% {REQUEST_URI}Multimedia power files to download to the user's browser
Some programs browsers (or almost all of them if you will) tend to force files to be opened with some internal application, rather than allowing users to simply download them. To make sure that the file is stored locally each time (ie on the user's computer), and not streamed to the user, which eats up bandwidth, this trick can help:AddType application/octet-stream .pdf AddType application/octet-stream .avi AddType application/octet-stream .mp3You can declare any type of file extension you like. The server will force the browser to download it to the user.
Protect your files from hotlinking
Yes, it's so simple to protect your files from the hotlinked Web. You may think that this protection requires complicated PHP solutions or JavaScript-based solutions, money to pay developers, a lot of time to add each file to various firewalls and tables, but no, they only need these three lines code.RewriteEngine On RewriteCond% {HTTP_REFERER}! ^ RewriteCond% {HTTP_REFERER}! ^ Http: // (www \.)? Iguru \ .gr / [nc] RewriteRule. * \. (Gif | jpg | png) $ https: / /iguru.gr/bullshit_hotlink_image.png [nc]Text compression, HTML, JavaScript, CSS, and XML code
The following snippet is for Apache servers and will automatically compress HTML, JavaScript, CSS, and XML files when it sends them to your users.AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/x-component AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/ javascript AddOutputFilterByType DEFLATE application/x-javascript Disable list browsing on any webpage
Ανεξάρτητα από το χρησιμοποιείτε το αρχείο .htaccess στο WordPress, Drupal, Joomla, ή με Java, Python, or in Ruby code, the following line of code in your .htaccess file will prevent any user from exploring your site's directories and publicly viewing the files stored inside them.Options-IndexesDisable PHP execution within a folder or for a specific file
Using the .htaccess file filtering capabilities, webmasters can target PHP files (HTML, JavaScript, images, etc.), and then "do something" about them. Because webmasters generally want to block access using .htaccess files, this short snippet can be quite useful.#ALL PHP FILESdeny from all #SOME SPECIFIC PHP FILEdeny from all Do not allow access to one or more IP addresses
If there are only a few users who tend to abuse your service, you do not need to apply a firewall rule just for them. This can be done in the .htaccess file like this:order allow,deny #BAN ONE IP deny from xxx.xxx.xxx.xxx #BAN ENTIRE CLASS FROM IPS deny from xxx.xxx.xxx.xxx/24 allow from all Note: where xxx corresponding numbers of IPS you want to throw out
Of course it is not necessary to use the .htaccess file so regularly and for all the above cases. All of these code snippets can also be used in your httpd.conf, as the .htaccess file should only be used in cases where directory permissions are required and access to httpd.conf is not allowed or is not possible.
