.htaccess Getting started

What is .htaccess ?
Text file called .htaccess can be used to control web server (Apache) behavior for your web site. The other sections of this .htaccess tutorial deal with actual commands (called directives) which can be used.

Some exmaple of .htaccess usages

1. Enable/Disable Directory Listing

To have the web server produce a list of files for such directories, use the below line in your .htaccess.

Options +Indexes

To have an error (403) returned instead, use this line.

Options -Indexes

2. Listing Style

Either a basic list of files can be shown, or a 'fancy' list including icons, file size, modification date and more.

IndexOptions +FancyIndexing

Add this to your .htaccess file to use the 'fancy' style.

IndexOptions -FancyIndexing

Use the above line if you prefer a more basic file list.

3. Ignore Files

Let's say you have a directory with .jpg, .gif and .png image files. You only want the .png files to show in the directory listings. Add this line to your .htaccess.

IndexIgnore *.gif *.jpg

The web server now ignores the .gif and .jpg files.

4. Modify Index File

Maybe you don't want a list of the files, you want a specific file to be shown instead. You could upload an index.html file in this directory. There is another way.

DirectoryIndex myfile.html

Instead of listing the files, web page myfile.html will now be shown for this directory and its subdirectories.

5. Custom Error Messages

The ErrorDocument is used for this purpose, followed by a 3 digit errorcode and the action to perform.

ErrorDocument 404 /notfound.html

This example will display web page notfound.html in cases where the requested document is not found.

If you remove a web page from your site and someone tries to view it, they would see notfound.html instead.

ErrorDocument 404 http://www.other_site.com/notfound.html

This redirects such requests to the URL you specify.

You can also tell .htaccess to display a text message.

ErrorDocument 404 "No such document here

Here, the text 'No such document here' is shown.

Replace the action parts shown in red in the above examples to customize the web server behavior.

6. Other Error Numbers

Other comonly used 3 digit codes are listed below.

401 : Authorization Required

Someones tried to access a password protected area but did not provide correct user/pass info.

403 : Forbidden

This person is blocked from requesting the document.

500 : Internal Server Error

Usually, this means the cgi script being used crashed.

7. Create the .htaccess file

Let's say you remove file old.html and want to send people looking for it to web page new.html.

Redirect /old.html http://your_domain.html/new.html

All it takes is one simple line, quick and easy.

An additional option is available. This is said to be the best way from a search engine point of view.

Redirect permanent /old.html http://your_domain.html/new.html

The only difference is the error code generated while redirecting the request. It indicates the requested document has moved for good and will not be back.

8. Other uses

This .htaccess feature can be used for any file type.

Redirect /old.pdf http://your_domain.html/new.pdf

This will redirect requests for old.pdf to file new.pdf.

9. Hotlink Protection

Add the below lines to your .htaccess file to stop people from hotlinking to your .gif and .jpg files.

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?your_domain.com/.*$ [NC] RewriteRule \.(gif|jpg)$ - [F]

Replace your_domain.com with your domain name.

This starts by turning on the rewrite engine. Next, it checks the referer (where the request comes from).

If it did not come from your domain name and it is a request for a .gif or .jpg file, it will output an error message. Otherwise it will display the image as usual.

The rewrite engine is very powerful and can be used for many other purposes. This tutorial is for beginners.

10. Other Uses

This .htaccess trick can be used to protect other file types, such as .mp3, .ogg, .mpg and other files.

RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?your_domain.com/.*$ [NC] RewriteRule \.(mp3|ogg|mpg)$ - [F]

The only changes in this .htaccess file are on the last line. Enter the file extensions in the brackets, do not include the dot (.). Separated them with a pipe (|).

.htaccess Tutorial - Block An IP Address

There may be times where you want to refuse access to certain robots or human visitors to your web site.

11. Basic .htaccess file

order allow,deny deny from 127.0.0.1 allow from all

This will refuse all GET and POST requests made by IP address 127.0.0.1, an error message is shown instead.

12. More options

To block multiple IP addresses, list them one per line.

order allow,deny deny from 127.0.0.1 deny from 127.0.0.2 deny from 127.0.0.3 allow from all

You can also block an entire IP block/range. Here we will not specify the last octet in the .htaccess file.

deny from 127.0.0

This will refuse access for any user with an address in the 127.0.0.0 to 127.0.0.255 range.

Instead of using numeric addresses, domain names (and subdomain names) can be used to ban users.

deny from isp_name.com

It bans users with a remote hostname ending in isp_name.com. This would stop all users connected to the internet via isp_name.com from viewing your site.

Using .htaccess to block an entire range or name is likely to lock out innocent users. Use with caution.

I will add some more uses...later..

Copyright Ayon Baidya