If you want to prevent people from browsing your directory, you can add this code to your .htaccess file :
Option -Indexes
The Options directive controls which server features are available in a particular directory. Using -Indexes disables listing of the directory.
No Comments
Prevent file viewing with htaccess
Posted by Wil in htaccess tutorials on February 12, 2010
If you have a directory which contains passwords or files that you don’t want anybody to be able to view or to download, you might add the following to your .htaccess file :
- If you want to prevent people from viewing all the files :
Код: Выделить всё
<Files *>
Order allow,deny
Deny from All
</Files>
- If you don’t want anybody to be able to view only the files with a specific extension :
<Files ~ “\.(sql)$”>
Order allow,deny
Deny from All
</Files>
In that example, all files except those with sql extension will be available for web visitors.
- if you want to prevent people from viewing files with more than one extension :
<Files ~ “\.(tpl|sql|other-extension…)$”>
Order allow,deny
Deny from All
</Files>
In that case, all files except those with tpl, or sql or other-extension will be accessible.
Another example : if you want to prevent .htaccess and .htpasswd files from viewing by web clients, you can place the following :
<Files ~ “^\.ht”>
Order allow,deny
Deny from All
</Files>
To replace a wild-card string, you can use ‘?’ to match any single character, and ‘*’ to match any sequences of characters.
If you use extended regular expressions, don’t forget to add the ~ character.
<Files ~ “\.(gif|bmp|jpe?g)$”>
Order allow,deny
Deny from All
</Files>
- If you want to be more selective and forbid a single file within a particular directory, place the following in your .htaccess file :
<Files config.php>
Order allow,deny
Deny from All
</Files>
The <Files> directive allows you to control access to your own files. You can include various <Files> directives in your htaccess file.
Remember that <Files> directive applies to subdirectories, so it will also protect files in subdirectories, unless specifically overridden.
In Apache 1.3 and later, another directive provides for access control by filename : <FilesMatch>. The <FilesMatch> directive accepts a regular expression.
An example, using the <FilesMatch> directive (preferred with Apache 1.3 and later) :
<FilesMatch “\.(gif|bmp|jpe?g)$”>
Order allow,deny
Deny from All
</FilesMatch>
access control, directives, server config
No Comments
htaccess block access by referer
Posted by Wil in htaccess tutorials on June 27, 2009
If your server is over – spammed, this .htaccess configuration will help you. By blocking website access by referrer you are disabling any impressions that come from “wrong” referrer. It could be “bad” bot that uses your website resources in it’s needs. You can block “bad” bots or urls from visiting your website by editing .htaccess file :
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_REFERER} botsite\.com [NC,OR]
RewriteCond %{HTTP_REFERER} othersite\.com [NC,OR]
RewriteRule .* – [F]
</ifModule>
Domains marked in bold are wrong referrer domains, and we don’t want any traffic from.
Modify your .htaccess file and add “wrong” bots or referrers to disable resources stealing.
mod_rewrite, referer, rewrite
No Comments
htaccess rewrite rule
Posted by Wil in htaccess tutorials on June 27, 2009
To enable rewrite rule and rewrite commands you will need to enable apache rewrite engine.
Add this code to your .htaccess to enable rewrite commands of your server :
RewriteEngine on
htaccess rewrite rule, mod_rewrite, rewrite
No Comments
htaccess Redirect File Or Directory
Posted by Wil in htaccess tutorials on June 27, 2009
If you moved files from one directory or changed directory location, you will find it useful to redirect all your visitors to the true directory that contains all the files in it . Apache server was designed to allow manually redirection of all your traffic from “wrong” directory to the true directory, this method is also excellent for SEO practice, wrong pages will not been cached by search engines.
Here is .htaccess code for this task :
redirect 301 /oldfiles/mypage.html http://www.example.com/newfiles/mypage.html
We used 301 redirect command to redirect one file from one directory to another , and you should specify your “wrong” path (/oldfiles/mypage.html) and “true” path
(http://www.example.com/newfiles/mypage.html)
Sometimes we will throw our traffic to the new directory permanently , and here is .htaccess code
Redirect permanent /oldfiles/ http://www.example.com/newfiles/
You can modify your .htaccess file in your free time.
htaccess redirect, redirect
No Comments
htaccess redirect site
Posted by Wil in htaccess tutorials on June 27, 2009
There are a lot of reasons to redirect website from one to another, for example when you changed your main domain name and want all traffic to be redirected to your new website domain name.
Instead of using slow html meta redirect function, it is a good idea to send command to your server directly.
Here is the code for .htaccess file to send your visitors to another domain name:
RewriteEngine On
RewriteRule ^(.*)$ http://www.htaccessfile.com/$1 [R=301,L]
Where http://www.htaccessfile.com is desired url you want to send traffic to.
If you want redirect to be permanent, you can use this command :
Redirect permanent / http://www.domain.com/
redirect
No Comments
htaccess Allow Override
Posted by Wil in htaccess tutorials on June 27, 2009
Htaccess allow override is a perfect solution to increase your website performance. Allow Override enables searching of .htaccess file in all website directories, to specify which directory contains allow override and which directory doesn’t we will use allow override command.
We will disable allow override in our root folder and enable allow override in other website directories.
AllowOverride None
Our each directory will contain allow override enabled
<Directory /public_html/foldername>
AllowOverride Options
</Directory>
/public_html/foldername is a directory contains .htaccess file.
Well, this method increases your website load times and improves your website webs appearance in search engines.
allow override
No Comments
htaccess protect website from content ripping
Posted by Wil in htaccess tutorials on June 27, 2009
It’s really sad to realize that your website is not unique anymore, someone ripped all the content, mysql database and even your name mentioned in it and built his scam website with your content.
It is a good idea to protect your blog or website from ripping software, here is the sollution, you can tell your apache server via .htaccess to block unwanted bots. You can add additional bots in this list.
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ^Anarchie [OR]
RewriteCond %{HTTP_USER_AGENT} ^ASPSeek [OR]
RewriteCond %{HTTP_USER_AGENT} ^attach [OR]
RewriteCond %{HTTP_USER_AGENT} ^autoemailspider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xenu [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus.*Webster [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* – [F,L]
If you know additional ripping software, please leave comments.
htaccess content protection
No Comments
htaccess allow IP addresses
Posted by Wil in htaccess tutorials on June 27, 2009
There are lot’s of programs that allow ripping website content and mysql databases. All the ripped content transferred to another websites, thanks god we have google that figures out plagiarism by caching dates. Anyway sometimes there are many unnecessary bots of authomatic websites that steal our traffic. Sometimes there is any unwanted spammer or proxy website user that visits our website frequently. htaccess file allows to block unwanted visits by IP.
If your website under construction, you can simply edit .htaccess file to disallow visits to your website.
Here is the code :
<Limit GET POST PUT>
order deny,allow
deny from all
allow from 12.345.67.890
</Limit>
allow from 12.345.67.890 command allows access to your server only from 12.345.67.890 IP address.
You can allow more IP’s to access your website :
<Limit GET POST PUT>
order deny,allow
deny from all
allow from 12.345.67.890
allow from 890.67.345.12
</Limit>
This practice is good in case you are modifying your website and don’t want others to see the process, other reason to use it when you have some webpage visible only to allowed IP’s – your customers.
No Comments
htaccess admin email address
Posted by Wil in htaccess tutorials on June 27, 2009
Sometimes it is necessarry to define admin email address for the server, if our website hosted somewhere and we are not able to configure Apache configuration files, we will use .htaccess file to configure default admin email address of our website. The code is shown below, you can test this code with your .htaccess file.
SetEnv SERVER_ADMIN yourname@example.com
( yourname@example.com is your email address. )