10 htaccess usefull tips

The “.htaccess” is a configuration file that works at directory level on the web servers (on Apache, not on Microsoft…

Maggio 2, 2010

The “.htaccess” is a configuration file that works at directory level on the web servers (on Apache, not on Microsoft IIS). The “ht” letters of “htaccess” stand for “hypertext”. Like the “ht” letters of the “http” protocol.

With the htaccess file you can do many usefull things, such as redirecting users to different pages and modify the urls. When you do these things you are “rewriting” the urls and you are using a module (a program) of the web server which is called “mod_rewrite”.

You can also set the error pages, specify passwords and much more. Here are a list of 10 usefull things I do with htaccess file on my works:

1) This script redirects all the calls to mp3 files to a php file, a mini proxy, that can do something usefull as tracking stats on a db:

# the +FollowSymlinks should be already setted, but if it isnt' this
# setting will turn it on. FollowSymlinks must be on to use the rewrite engine.
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^(.*)\.mp3$ /proxy.php?z=$1.mp3 [QSA]

2) Suppose you want to automatically add www (if there isn’t) at the beginning of the url:

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.domain\.com [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]

3) If you don’t like the wasting of the 4 bytes of the “www.” string, you can use this htaccess configuration to sistematically remove the www from any url:

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [L,R=301]

4) This is a simple way to make urls readable: simply redefine them:

# from http://www.domain.com/article/18/readable-string
# to http://www.domain.com/article.php?id=18
# the [L] letter at the end means that if this rule match than it's the last and no more rules must be applied
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^article/([0-9]*)/(.*)$ /article.php?x=$1 [L]

5) redirect everything that isn’t a call to an existing page to a file and pass the querystring as a parameter. So you can do something like changing this http://www.domain.com/bradpitt to http://www.domain.com/proxy.php?user=bradpitt

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /proxy.php?user=$1 [QSA]

6) Make a basic authentication inside a directory by putting this .htaccess file in that directory.

# basic authentication
AuthType Basic
AuthName "Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

In the .htpasswd file you have to specify user and password, the password must be md5 encoded, like this for user “jack”:

jack:$apr1$ZVsMp...$I4UkebuYwg5QQ0cs7s921/

7) Define custom error documents, this do not require mod_rewrite.

ErrorDocument 401 /401.html
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html

8 ) simple redirect to map old links to new ones when you re-style everything. This will help you not loosing traffic from google.

Redirect 301 /oldfile.html http://www.domain.com/newfile.html

9) When you have a big update to your site you can redirect every user to a “work in progress” page, than – when you finish – remember to remove this blocking htaccess file!

order deny,allow
deny from all
allow from 81.81.81.81
ErrorDocument 403 /wip.htm
<Files wip.htm>
allow from all
</Files>

Put your IP address where there is “81.81.81.81”, and put your wip.htm page.

10) prevent directory browsing by placing this line in your htaccess file:

Options All -Indexes

Author

PHP expert. Wordpress plugin and theme developer. Father, Maker, Arduino and ESP8266 enthusiast.

Comments on “10 htaccess usefull tips”

6 thoughts

  1. Iraiscoming223 ha detto:

    This is great and useful!! :) Thank you!! :D

  2. Abhilash Hebbar ha detto:

    Good tips. Thanks for the great tutorialqqq

  3. Simone ha detto:

    Deny access to a certain type of files within a directory (i.e. within ‘include’ directory, if you don’t want people to directly load you pages’ chunks.

    Order Allow,Deny
    Deny from all

    This one blocks all requests for .htaccess, *.php, *.xml, *.cache, *.log, *.sh. It only works for http requests, so any include() or require() or fopen() from you php scripts will work correctly.

  4. Simone ha detto:

    [FilesMatch “\.(htaccess|php|xml|cache|log|sh)$”]
    Order Allow,Deny
    Deny from all
    [/FilesMatch]

  5. Simone ha detto:

    Replace [ and ] with < and >

  6. Arun ha detto:

    I want to redirect all http://mysite.com request to http://www.mysite.com. I find the htaccess code for that in this blog. But I want to add one more rule in the htaccess file. I dont know how compare these two. The second rule is

    RewriteCond $1 !^(index\.php|images|css|uploads|editor|albums|js|robots\.txt)
    RewriteRule ^(.*)$ index.php/$1 [L]

    -Arun

Comments are closed

Recommended

Come realizzare in PHP un bot per il controllo di accesso ad un gruppo Telegram

Ho raccolto in questo post una serie di appunti per la realizzazione di un bot di controllo di un gruppo Telegram, non è un vero e proprio tutorial, ma è sicuramente utile per ripercorrere il progetto.

Dicembre 9, 2022

W3tc plugin feed problem

When your WordPress site has a great number of requests it could happen that your server can’t handle all the…

Ottobre 22, 2012

How many times a web link has been shared on Twitter

Twitter share button and Facebook share button are the most used buttons to share links on Internet. You can read…

Ottobre 19, 2012

get MySpace events with a PHP function

Here is a function to read the concerts for a myspace band page. This code retrieves the “shows page” for…

Febbraio 21, 2011

Get URL parameter in javascript

Sometimes in javascript you have the variable that you need to use in the url, as a parameter passed in…

Novembre 25, 2010

How to change twitter status with php and curl without oAuth

Twitter api authentication Since the 31 of august 2010, twitter made its API more secure, stopping basic authentication calls. So,…

Settembre 9, 2010