htaccess methods

Write your "How To" regarding anything you are comfortable with and you feel it will help the forum members.

NOTE :: All threads started here will appear only after the approval from Administrator
Post Reply
mfrna
Posts: 57
Joined: Mon Jan 08, 2007 12:54 pm

htaccess methods

Post by mfrna »

what's htaccess?

htaccess are files that allow you change some settings on your servers locally ,one of its popular usages is providing custom error pages.

do all hosts support htaccess?

actually no,some hosts don't support it at all, some other hosts support it but disable it .. the best judge is trying for yourself.

what do I get by using htaccess?

well, alot
you get the ability to protect certain folders(using passwords), redirection, custom error pages .. and many more functions

how do I create a htaccess file?

just open your favourite text editor (notepad can do), write your lines and save the file as ".htaccess" without the quotes and including the dot.

can I use htaccess with frontpage extensions installed?

yes,but beware that fp extensions use htaccess files as well, so you are not advised to change those files created by FP.
if you need to change those files, you should back up the htaccess files first and then add your code to the beginning of file.

Lets get to it...

as mentioned before,htaccess can do some of the coolest stuff ever

1- custom error pages

error pages are pages that appear to the user in case of an error (obviously :D)
e.g. when a user tries to access a page that doesn't exist

errors on a web server are given a few codes or numbers,so when an error occurs ,apache returns an error code, which is also translated by apache to an error page
apache returns the default error page unless,it finds a htaccess directive that provides another page

here we need to understand the "chain of command" of apache

apache uses the following priority levels on managing your site
a-apache defaults
b-root folder ".htaccess" file
c-child folder ".htaccess" file

where the latter has the highest priority

now the most common error codes are
400 - Bad request
401 - Authorization Required
403 - Forbidden
404 - Wrong page
500 - Internal Server Error
and to deal with those errors using your htaccess file you can write the following codes

Code: Select all

**** 404 /notfound.html
**** 500 /errorpages/500.html
or generally

Code: Select all

**** errornumber PathFromRootTo/file.html
note that ,the error page can be plain text , html or php, e.g. you can make the php error page report the error to your email or report a possible hacker for code 401 for a protected folder

2-stop or allow directory listing

another useful function of htaccess is controlling the directory listing of directories that don't have an index page (if you have a script with subfolders you may need to hide your files)

this can be done using the simple "options" directive

e.g.
if you want to disable indexes

Code: Select all

Options -Indexes
if you want to enable indexes

Code: Select all

Options +Indexes
3-Deny or allow access to your folder based on ip address

you can use htaccess to deny a certain ip from accessing your folder or even a range of ip's

to deny a certain ip

Code: Select all

allow from all
deny from 254.254.254.254
to deny a range of ip's

Code: Select all

allow from all
deny from 254.

Code: Select all

allow from all
deny from 254.254.

Code: Select all

allow from all
deny from 254.254.254.
or you can allow a certain ip to access the folder or a range of ip's

to allow a certain ip

Code: Select all

deny from all
allow from 254.254.254.254
to allow a range of ip's

Code: Select all

deny from all
allow from 254.

Code: Select all

deny from all
allow from 254.254.

Code: Select all

deny from all
allow from 254.254.254.
4-Custom index page

if your host gives you pain with a strange index page name (some hosts require page name to be main.html or something or you may use a script that uses a main page with a certain name that's hard to change)

Code: Select all

DirectoryIndex index.php index.php3 index.html index.htm main.html
you can see that, there are many pages defined n the same directive, these are checked by the server from left to right,the first page that exists will be used as the index page of your directory

notice :: it occurred to me that you might don't know what is index page !

well,index page is the page that appears when you call the domain (subdomain) or a directory name

e.g. http://www.google.com , or http://www.google.com/adsense/ ,or http://video.google.com/

here you haven't specified a page's name, hence the site gives you the index page

5-Redirection

htaccess can redirect requests from a certain file or folder to another file or folder respectively

this is useful if you move a file or a folder from its original location to another location on the same server or a totally different server

to redirect from old file to a new file

Code: Select all

Redirect /path/from/root/to/file.ext http://www.othersite.com/new/path/newfile.name

Code: Select all

Redirect /path/from/root/to/file.ext /newpath/from/root/to/the/newfile.name
to redirect from old directory to a new directory

Code: Select all

Redirect /path/to/olddirectory http://www.newsite.com/newpath/for/newdirectory

Code: Select all

Redirect /path/to/olddirectory /newpath/for/newdirectory
6- Password protection

you can secure a folder by using a htaccess files in addition to .htpasswd

the htpasswd file contains the usernames and passwrords of all the users that are allowed to access protected folder(s) on your server

to protect a folder you should put the .htaccess file in that folder with the following code in it

Code: Select all

AuthName "Section Name"
AuthType Basic
AuthUserFile /full/path/to/.htpasswd
Require valid-user
you can change the section name to anything you want e.g. "Members area", you should also change the path to htpasswd file on third line

note that you should place the htpasswd file somewhere inaccessible by a web browser (for cpanel hosts .. anywhere except public_html and www is fine but it should be chmoded to rw-r--r--)

last line defines which user is allowed to access the protected folder, it can be either one user or any user in the htpasswd file

to allow any user in htpasswd file

Code: Select all

Require valid-user
to allow only a specified user

Code: Select all

require user username
the .htpasswd file looks like that

Code: Select all

username:fjdskfhk
another:3kij4k
user:lcds8f6y
where username,another and user are usernames of your site members and fjdskfhk , 3kij4k and lcds8f6y are their respective encrypted passwords

to encrypt passwords you can use a tool like this one
or this one

now any "valid user" can access your protected area by simply going to http://www.yoursite.com/directory and typing their user name and password or

going to http://username:%20password@www.yoursite.com/directory/

note:: the url shouldn't contain spaces but the forum turns : p into a smiley if not separated by a space


hope it helps and hope you like it
any questions are welcome


SHAdmin
Posts: 2089
Joined: Sat Dec 18, 2004 11:28 am
Contact:

Post by SHAdmin »

30 points have been credited into your account for sharing this usefull "How To" with the community members.
mfrna
Posts: 57
Joined: Mon Jan 08, 2007 12:54 pm

Post by mfrna »

thank you

just hope it helps someone :)
monk
Posts: 114
Joined: Thu Mar 31, 2005 1:56 am

Post by monk »

nice dude... thanks! i havent used it yet, or perhaps anytime soon but its good to know exactly and i will use this as a reference for when i am working on my .htaccess file. thanks again...

peace.
m
http://monk.thesmokylounge.com ... might be a bit too psychedelic for you.
delivi
Posts: 454
Joined: Sun Mar 26, 2006 1:24 pm
Contact:

Post by delivi »

that is a great collection of htaccess codes. Thanx for sharing.

this will be helpful for toher and act as a reference.
Post Reply