Apache .htaccess

From HaFrWiki
Revision as of 17:23, 2 October 2018 by Hjmf (talk | contribs) (Reference)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Access-rights violation
The requested action is not allowed by this wiki website.
See the description below for detailed information.

Detailed Access-rights violation
The requested action has been read access for ⧼wikirbac-title-page (history-access)⧽ Apache .htaccess.
The webmaster/administrator has restricted access to this information using the Role Based Access Control (RBAC).
An entry of this violation has been created in the Log-file with timestamp 20 June 2019 04:51:50.
Details access limitation.
  • No-Super-UserGroup 4 All Categories.
  • No-Super-UserGroup 4 All Categories.
  • Restriction for all usergroups's (*) found for cat Index.
  • No access credentials found for Access: History



RBAC-Documentation
See the the website documentation (HaFrWikiCommunity Portal) for more information.

Suggested continuation

Return to Main Page.

The Apache Webserver file .htaccess is a powerful tool for managing the access and navigation to your webserver.
Unfortunately, the working is not very intuitive and not very simple.

There are many websites that tell they do understand/know htaccess, but little is true.
I do not pretend to know/understand htaccess, but I have some useful tips tricks.
Please review them carefully and let me know what you think.

This website uses several references, such as

  • Queness.com useful htaccess tricks and tips [1],
  • the Apache Docs on htaccess [2].
  • and more ...

Examples[edit]

SEO Friendly 301[edit]

SEO content is any content created with the goal of attracting search engine traffic. [3]

  • SEO refers to search engine optimization, or the process of optimizing a website so that people can easily find it via search engines like Google.
  • By content, we mean any information that lives on the web and can be consumed on the web.

Nowadays, some modern search engine has the capability to detect 301 Permanent Redirects and update its existing record. <syntaxhighlight lang="bash" line start="1"> Redirect 301 https://www.harmfrielink.nl/home https://www.harmfrielink.nl </syntaxhighlight>

Block Access to htaccess[edit]

Do not let everybody have access to all your files, protect them! <syntaxhighlight lang="bash" line start="1">

  1. Secures htaccess file

<Files .htaccess> order allow,deny deny from all </Files>

  1. Prevents viewing of a specific file

<Files secretfile.jpg>

order allow,deny
deny from all

</Files>

  1. Prevents multiple file types

<FilesMatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">

Order Allow,Deny
Deny from all

</FilesMatch> </syntaxhighlight>

Prevent PHP-Directory Access[edit]

The usage of a special PHP-include directory is a common implementation paradigm.
But you don't want anyone to have access to that directory except the program/application. This snippet prevents the access to the directory file with extension php.

<syntaxhighlight lang="bash" line>

    1. Enable Mod Rewrite, this is only required once in each .htaccess file

RewriteEngine On RewriteBase /

    1. Test for access to the include directory

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /phpinclude/.*$ [NC]

    1. Test that file requested has php extension

RewriteCond %{REQUEST_FILENAME} ^.+\.php$

    1. Forbid Access

RewriteRule .* - [F,NS,L] </syntaxhighlight>

  • Line 01-03: Needs to be set once and enables the RewriteCond and RewriteRule.
  • Line 05-06: Tests case insensitive ([NC]=No Case) if the directory is ../phpinclude at the end ($).
  • Line 08-09: Tests if the file name has the extension .php at the end ($).
  • Line 11-12: Forbids access to the found file.
    • F: Returns a 403 FORBIDDEN response to the client browser.
    • NS: Causes a rule to be skipped if the current request is an internal sub-request.
    • L: Stop the rewriting process immediately and don't apply any more rules.

Source: https://httpd.apache.org/docs/current/mod/mod_rewrite.html [2].

See also[edit]

top

Reference[edit]

top

  1. Queness htaccess, Queness.com htaccess post Tips and Tricks.
  2. 2.0 2.1 Apache Docs, Description mod_rewrite module: Rewrite(s) condition and rules.
  3. WordStream, SEO Content Beginners Guide.