What is a .htaccess files?
According to Wikipedia a .htaccess file is a "hypertext access" and "is placed in a particular directory, and the directives in the .htaccess file apply to that directory." It also "provides the ability to customize configuration for requests to the particular directory," which is key in maintaining a successful website and to limit which users can enter where.
Source: http://en.wikipedia.org/wiki/.htaccess
How to start a .htaccess file?!?
In order to start a .htaccess file you need to create a new file in your cPanel File Manager and make sure to place the .htaccess file in the appropriate folder. However, after you make the file, the cPanel File Manager does not display the file so what you need to do is edit another file and then when you have the option to change the file location at the top change that to the location of your .htaccess file. Here is an example:
Then hit, open. From there you can edit your .htaccess file./home/username/public_html/admins/.htaccess
Restricting Access
With .htaccess files you can restrict access globally, allow access globally, or even allow/restrict per ip address. This means that you have a lot of flexibility when it comes to this matter. Firstly, you need to declare the order that the file will be read.
You need to either choose:
Code: Select all
Order allow,deny
Code: Select all
Order deny, allow
Next, you have lots of options from here.
Now, the allow a certain ip is only necessary whenever you have deny from all set up and vice versa. (Basically, you do not have to allow or deny each ip if you have already allowed/denied all.)Your Options
-Allow from all
-Deny from all
-Allow a certain ip
-Deny a certain ip
So next, let's put these in our .htaccess file. If we want to allow from all or deny from all then just put that in there. However, when allowing/denying a certain ip you need to do it in this format:
Code: Select all
Allow from ****.****.****.****
Deny from ****.****.****.****
Now, back to what the order does. If you do the order allow, deny then the allow's will be looked at first then the deny's and vice versa with the other way. So for example:
Code: Select all
Order allow,deny
Deny from all
Allow from all
Code: Select all
Order deny, allow
Deny from all
Allow from all
So what does this denying do to the user?
Simple, it gives the user a 403 error; hence the outcome of the error: (Forbidden: You don't have permission to.....)
And what about the allowing; what does that do?
Once again, simple, it allows the user to have access to any of the files in that directory.
Setting Error ****
With a .htaccess file you can also set a link to an error ****. This means that you can create your own error page or just send the user to a different link whenever they receive the error. This is a pretty handy tool that I use on my website since I don't want to have an external error page, but want it to be incorporated with my site's design/content management system. Here are some examples of how to do this:
Code: Select all
**** 404 http://www.domain.com/index.php?page=error&c=404
**** 403 http://www.google.com
I have an images folder and want the users to be able to access the images, but don't want to show the directory list!!!
Here is another really neat trick that .htaccess files allow you to do. You can do just what was asked for in the bold.
Code: Select all
Options -Indexes
And of course there is always an opposite to that:
Code: Select all
Options +Indexes
How great is this really?
All in all, a .htaccess file should be placed as needed, which is most of the time, and it is very good at keeping out users, but remember it only limits users by ip address and people can easily bypass that so therefore a .htaccess file shouldn't be used as a banning system on a website. Instead you should ban that username and then use the .htaccess file for ip bans and just like on all other websites the ip bans will not always work due to work-arounds on the user's end.
What should my .htaccess file look like now?
Well you beat me to it....I was just going to give an example. Here is an example of a .htaccess file from what was discussed today:
Code: Select all
Order allow, deny
Allow from all
Deny from ****.****.****.****
Deny from ****.****.****.****
**** 404 http://www.mywebsite.com/index.php?page=error&c=404
**** 403 http://www.mywebsite.com/index.php?page=error&c=403
What's coming in the next part?
-How to redirect all http://domain.com traffic to http://www.domain.com.
-Some code to stop the bad bots that eat up bandwidth for no reason.
-Whatever you want! Just give me requests by sending me a personal message containing some information you want clarified, something that you heard about but don't know how to do, or whatever else you want to know about .htaccess files!