htaccess
htaccess

Control

Htaccess is just the file we need in today’s world of Content Management Systems (CMS), CPanels, plug-ins, applications and the like. Yet many people rarely encounter this old-world text file.

In general, .htaccess works on servers with the Apache Web Server set-up, but there are work-around tools etc. for others. With that said, let’s dive in to the nitty-gritty.

.htaccess – what is it?

To see if you already have an .htaccess file, open up your website in your favorite ftp program, file manager, etc. and look at the root folder; you should see it there.

This powerful control mechanism is simply a text file, placed at the root directory (you can place it elsewhere, but root directory is highly recommended, and has server directives within.

For example, with .htaccess, you can redirect users, put in URL re-writes, provide password-protected directories and more.

If you’d like to create your own – just open Notepad or a similarly text-based application, turn off the word-wrap and save the file as htaccess.txt or some such. Then and this is important, rename the file as simply .htaccess. Upload it to your root directory with file permission settings at 644 and you’re ready to go.

Useful .htaccess Snippets

Now that we know what the .htaccess is, let’s look at how we can use it.

Directory Index
Specify the index file of your directory
DirectoryIndex welcome.html welcome.php

Custom Error Pages
Redirect users to your very own customized Error Page, whether it be for 404, 500, etc.:
ErrorDocument 400 /400.html
ErrorDocument 401 /401.html
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 504 /504.html

Remove www
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.yourdomain.com [NC]
RewriteRule ^(.*)$ http://yourdomain.com/$1 [L,R=301]

Set Server’s Timezone
Set your server’s timezone with:
SetEnv TZ Europe/London (obviously change the timezone to what you desire)

Control Access
Deny access from specific IP Addresses:
order allow,deny
deny from XXX.XXX.XXX.XXX
allow from all

301 Redirects
Redirect 301 /olddirectory/file.html

Detect and Redirect Tablet-based users

RewriteCond %{HTTP_USER_AGENT} ^.*iPad.*$
RewriteRule ^(.*)$ http://yourdomain.com/folderfortablets [R=301]
RewriteCond %{HTTP_USER_AGENT} ^.*Android.*$
RewriteRule ^(.*)$ http://yourdomain.com/folderfortablets [R=301]

Hotlink Protection

Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domainname.com/ [nc]
RewriteRule .*.(gif|jpg|png)$ ^http://domainname.com/img/hotlink_f_o.png [nc]

Force Save As
Want to force users to download files instead of viewing them in the browser?
AddType application/octet-stream .avi .mpg .mov .pdf .xls .mp4

Disable Directory browsing

# disable directory browsing
Options All -Indexes
# enable directory browsing
Options All +Indexes

Blocking Specific User Agents

<IfModule mod_rewrite.c>
SetEnvIfNoCase ^User-Agent$ .*(bot1|bot2|bot3|bot4|bot5|bot6|) HTTP_SAFE_BADBOT
SetEnvIfNoCase ^User-Agent$ .*(bot1|bot2|bot3|bot4|bot5|bot6|) HTTP_SAFE_BADBOT
Deny from env=HTTP_SAFE_BADBOT
</ifModule>

What’s Next?

This is just a quick glance into the .htaccess file, but I hope it gives you some idea of the power at your fingertips. Good luck and let me know if you have any questions!

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.