16 great .htaccess Tricks and Hacks

The .htaccess files (Hypertext Access file) is a very powerful configuration tool on Apache web server. The Apache web server has a number of configuration options that are available to the server administrator. The .htaccess is a simple ASCII text file placed in your website root directory. You can create and edit an .htaccess file using a text editor like notepad.

Here in this post I have come up with useful 16 tips and hacks to configure your web server. As a configuration file .htaccess if a very powerful and a slight syntax error can result in a severe malfunction of your server. So to avoid that always try to keep a backup copies of all your files from the server before working with the .htaccess file.

1. Creating a custom error page with .htaccess on a linux apache is a very simple task. Using you a text editor like notepad you create an .htaccess files. Custom error pages give your website an professional look and catch those visitors who reach your website following a back link.

ErrorDocument 401 /error/401.php
ErrorDocument 403 /error/403.php
ErrorDocument 404 /error/404.php
ErrorDocument 500 /error/500.php

2. How to set the timezone on your server

SetEnv TZ America/Houston

3. Block IPs Using htaccess
Sometime you need to block certain IPs from accessing your entire site or directory. Its pretty simple task. All you have to do is inside the .htaccess file is put the following code.

allow from all
deny from 145.186.14.122
deny from 124.15

If you use the whole IP or a part of the IP to block and add the new ones in a new line. When someone trying to access your site from the banned ip they will get a 403 error access forbidden message.

4. SEO Friendly 301 permanent redirects for bad/old links and moved links

Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html

5. Set the Email Address for the Server Administrator – Using this code you can specifying the default email address for the server administrator.

ServerSignature EMail
SetEnv SERVER_ADMIN
default@domain.com

6. Hotlinking protection with .htaccess is very important because anyone can hot link to your images and eat up all your bandwith of your server. The following code will help you to prevent that.

Options +FollowSymlinks
# Protect Hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(
www.)?domainname.com/ [nc]
RewriteRule .*.(gif|jpg|png)$
http://domainname.com/img/hotlink_f_o.png [nc]

7. Block all requests from user agent – by creating a perfect .htaccess ban list, you can block all of unwanted user agents that will keep your server load down. Also Check out this interesting thread on webmaster world about the 228 user agents ban list.

## .htaccess Code :: BEGIN
## Block Bad Bots by user-Agent
SetEnvIfNoCase user-Agent ^FrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Java.* [NC,OR]
SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR]
SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR]
SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR]
SetEnvIfNoCase user-Agent ^Zeus [NC]

Order Allow,Deny
Allow from all
Deny from env=bad_bot

## .htaccess Code :: END

8. Redirect everyone to different site except few IP -If you want to redirect all the visitors to a different IP. Also give access to certain few IPs. You can use the code below

ErrorDocument 403 http://www.youdomain.com
Order deny,allow
Deny from all
Allow from 124.34.48.165
Allow from 102.54.68.123

9. Don’t want to display download request – Usually when you try to download something from a web server you get a request asking whether you want to save the file or open it. To avoid that you can use the below code on your .htaccess file.

AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mov

10. Change the file type – Make any file be a certain kind of file type Makes image.jpg, index.html, default.cgi all act as php

ForceType application/x-httpd-php
SetHandler application/x-httpd-php

11. Block access to your .htaccess file – By adding he following code to your htaccess file will prevent attempts to access your htaccess file. This extra layer of security protects your htaccess file by displaying a 403 error message on the browser.

# secure htaccess file

 order allow,deny
 deny from all

12. Protect access to certain specific file on your server – this can be done by adding the below mentioned code. For example you want to block with the file name default.jpg This will prevent the viewing of this file.

# prevent access of a certain file order allow,deny
 deny from all

13. Prevent access to unauthorized browsing – Protecting specific directory browsing can be done by intructing the server to serve a Forbidden and Authorization required message while anyone requests to view that particular directory. Usually if you site doesn’t have a default index page any files within that directory is accessible to the visitors. To avoid that use the following code in the .htaccess file.

 

# disable directory browsing
Options All -Indexes

14. Setting the default page – You can set the default page of a directory to any page you like. For example in this code the default page is set as about.html instead of index.html

# serve alternate default index page
DirectoryIndex about.html

15. Password protect your directories and files – You can create authentication for certain files and directories from being access. The code has examples of both password protection for a single file and password protection for a entire directory.

# to protect a file

AuthType Basic
AuthName “Prompt”
AuthUserFile /home/path/.htpasswd
Require valid-user

# password-protect a directory
resides
AuthType basic
AuthName “This directory is protected”
AuthUserFile /home/path/.htpasswd
AuthGroupFile /dev/null
Require valid-user

16. Redirect an old domain to a new domain – Using htaccess file you can redirect a old domain name to a new domain by adding the following code into the htaccess file. Basically what it does is it will remap the old domain to the new one.

# redirect from old domain to new domain
RewriteEngine On
RewriteRule ^(.*)$
http://www.yourdomain.com/$1 [R=301,L]

About these ads

41 Comments

  1. pato said,

    June 11, 2009 at 5:54 pm

    I beleive you should use RewriteRule .*\.(gif|jpg|png)$ http://domainname.com/img/hotlink_f_o.png [nc].

    • rafeekphp said,

      June 16, 2009 at 11:13 am

      Hi pato,
      Thanks for more information on .htacess.

      Rafeek :)

  2. Gabriel said,

    June 12, 2009 at 2:02 pm

    This is great! very useful.
    In addition check this: Creating clean urls with .htaccess:

    http://wettone.com/code/clean-urls

    • rafeekphp said,

      June 16, 2009 at 11:13 am

      Hi Gabriel,
      Thanks sharing more information on .htaccess.

      Rafeek :)

  3. Wogan said,

    June 12, 2009 at 2:10 pm

    Fantastic list – thanks!

    (I hate leaving spam-like comments like that, but that’s all I have to say, lol)

  4. June 12, 2009 at 2:49 pm

    [...] 16 great .htaccess Tricks and Hacks « PHP Twitterrafeekphp.wordpress.com [...]

  5. June 12, 2009 at 4:09 pm

    [...] This post was Twitted by paulo_saavedra – Real-url.org [...]

  6. Hostimal said,

    June 12, 2009 at 6:04 pm

    Removing file extension

    From

    http://www.example.com/about-us.html
    http://www.example.com/services.html
    http://www.example.com/contact-us.html

    To

    http://www.example.com/about-us
    http://www.example.com/services
    http://www.example.com/contact-us

    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME}\.html -f
    RewriteRule ^(.*)$ $1.html
    # Replace html with your file extension, eg: php, htm, asp

    • rafeekphp said,

      June 16, 2009 at 11:12 am

      Hi Hostimal,
      Thanks for the valuable comment and more information.

      Rafeek :)

  7. June 12, 2009 at 6:40 pm

    [...] General – 16 great .htaccess Tricks and Hacks – PHP Twitter (Suggested by Smashing Magazine) [...]

  8. June 12, 2009 at 7:24 pm

    [...] : Delicious-IT | Date : Jun 12 2009 | Views : 1 views | Total Word : 9 | Print this Page! | Permalink! [...]

  9. June 12, 2009 at 9:15 pm

    [...] 16 great .htaccess Tricks and Hacks � PHP Twitter (htaccess,Tip,Hack,List) [...]

  10. Razib Miah said,

    June 12, 2009 at 10:50 pm

    nice article ! Thanks for sharing. It will help so much

    • rafeekphp said,

      June 16, 2009 at 11:09 am

      Hi Razib,
      Thanks for your comment :).

      Rafeek

  11. June 13, 2009 at 4:08 am

    [...] 16 great .htaccess Tricks and Hacks (tags: htaccess tutorial server) [...]

  12. June 13, 2009 at 6:13 am

    [...] 16 great .htaccess Tricks and Hacks « PHP Twitter The .htaccess files (Hypertext Access file) is a very powerful configuration tool on Apache web server. The Apache web server has a number of configuration options that are available to the server administrator. The .htaccess is a simple ASCII text file placed in your website root directory. You can create and edit an .htaccess file using a text editor like notepad. [...]

  13. June 13, 2009 at 7:03 am

    [...] 16 great .htaccess Tricks and Hacks (tags: apache web security sysadmin) Comments (0) [...]

  14. June 13, 2009 at 7:41 am

    I’m new to the PHP and Apache Web Server environment so these tips for securing and administering your server through the .htaccess file will be very handy. Thank you for the post.

    • rafeekphp said,

      June 16, 2009 at 11:06 am

      Hi,
      Thanks for your comment. We will share thorugh the blog in future on new IT Twits :)

      Rafeek

  15. wpcodes.com said,

    June 13, 2009 at 7:59 am

    great post, just amazing friend :) keep up sharing your php stuff

    • rafeekphp said,

      June 16, 2009 at 11:05 am

      Thanks WPCODES.com :)
      Rafeek

  16. love sms said,

    June 13, 2009 at 8:00 am

    can i share it on my website :) ?

    • rafeekphp said,

      June 16, 2009 at 10:59 am

      Hi lovesms,
      Thanks :). We will continue twit on the new technologies in PHP.
      Rafeek

  17. syaiful said,

    June 13, 2009 at 3:08 pm

    hello from Indonesia

    • rafeekphp said,

      June 16, 2009 at 11:03 am

      Hi syaiful,
      Thanks visiting my blog.

      Rafeek :)

  18. Jack Warez said,

    June 13, 2009 at 3:13 pm

    Thank alot for your posts.

    • rafeekphp said,

      June 16, 2009 at 11:04 am

      Hi Jack,
      Thanks hope i will post more twit in future on PHP.
      Rafeek :)

  19. June 14, 2009 at 4:40 pm

    [...] General – 16 great .htaccess Tricks and Hacks – PHP Twitter (Suggested by Smashing Magazine) [...]

  20. June 19, 2009 at 3:37 pm

    [...] 16 great .htaccess Tricks and Hacks [...]

    • rafeekphp said,

      June 22, 2009 at 4:56 am

      Hi,
      Thanks adding my article in your blog. :)

      Rafeek

  21. June 23, 2009 at 6:54 am

    [...] 16 great .htaccess Tricks and Hacks [...]

  22. Lagon666 said,

    June 28, 2009 at 11:24 am

    Hi, I have a problem with my htaccess file. I wanna when i visit the “http://localhost/admin” (without slash at end), the page redirect to “http://localhost/user.php?user=admin”. Can you solve it?

    • rafeekphp said,

      June 29, 2009 at 5:57 am

      Hi Lagon666,

      I hop e this will useful to you as what you are expecting,

      Options +FollowSymlinks
      RewriteEngine on
      RewriteRule ^files/([^/]+)/admin /user.php?user=$1 [NC]

      Thanks
      Rafeek :)

  23. June 29, 2009 at 4:19 pm

    [...] 16 great .htaccess Tricks and Hacks « PHP Twitter [...]

  24. July 24, 2009 at 4:53 am

    [...] 文章:来源 喜欢本文,那就收藏到: 人家还要~做饭实用技巧 随机日志爱真的需要勇气 [...]

  25. ridwan said,

    August 11, 2009 at 1:28 am

    I like this.
    Thanks raf for your information

  26. September 3, 2009 at 12:43 pm

    I have one problem that is http://www.booty-call.mobi/osdate/public_html/
    I want to remove /osdate/public_html/ from my site’s URL i.e if i enter http://www.booty-call.mobi then it should display my site’s page. How to solve this. What i have to in the .htaccess file. Can any one help please?

  27. funny sms said,

    October 1, 2009 at 2:04 pm

    Thanks for these useful tips

  28. Leandro said,

    July 10, 2010 at 12:56 pm

    Well done, nice post!

    I still haven’t seen a solution to my problem if anyone has it?

    I am building a website which users will have a personal page. I would like to link their pages like http://www.mysite.com/john and the structure would be subfolders rather than the root folder.

    I don’t want public_html / john but public_html / profiles / john

    Hope that makes sense :-)

    Thanks in advance Leandro
    Peace…

  29. Kumar said,

    September 1, 2010 at 9:09 am

    Thanks for the awesome post. I like it.

  30. el_griffin said,

    October 26, 2010 at 11:57 pm

    this is how is made this days


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: