What is .htaccess for?<\/p>\n
By typing the address into your browser, you get the files that the browser displays on your computer. The web server controls which files are shown to you and how they are shown (forwarded). The most popular servers are two: IIS and Apache.
\nLike any program, a web server has certain settings. But, you, as an Apache user can (and most likely won’t, as far as shared hosting is concerned) have rights to change Apache configuration through its main files, which apply to all users of that server. But you can change some configuration files, which apply only to your site. One of these files is .htaccess
\nThis is the Apache web server flexible configuration file. “Flexible” means that as soon as you change something in this file, the changes take effect immediately. With it you can override many directives from the httpd.conf file (this file is the main configuration file of the Apache server and its actions apply completely to all users of a given copy of Apache). In cases where you do not have access to the Apache configuration file (the same shared hosting), this file will help you.
\nThis file is not accessible to the web user from the browser. If the .htaccess file is located in the root directory of the server, it applies to the entire server, except for those folders where another .htaccess file is located (and except for all folders “below” that folder with the second .htaccess file).
\nExample:
\nThe structure of your directories on the server is as follows:<\/p>\n
|-user |-data The directories user1 and user2 will be nested under the user directory. If we put a .htaccess file in the www directory, it will automatically apply to user1 and user2 as well. Syntax .htaccess<\/p>\n Here is the obligatory syntax, non-compliance with which leads to server errors: The file is named exactly “point” htaccess How can I prevent web visitors from reading files in a directory?<\/p>\n Ban all files: Allow access from a certain ip: In this case, <your ip> denotes a specific address. Deny access from a certain ip: Using <your ip> is similar to the example above.<\/p>\n Prohibit a group of files by mask: Determines access to a file by its extension. In this example, the Apache web server itself can access files with these extensions.<\/p>\n A ban on a specific file: In this example, the config.inc.php file is banned.<\/p>\n Password for the directory: The AuthName value will be displayed to the visitor and can be used to explain the authorization request. The AuthUserFile value points to the location where the file with passwords for access to this directory is stored. This file is created by a special utility htpasswd.exe.<\/p>\n For example, in the directory that we protect with a password, we create such a .htaccess: In this example, the visitor when requesting the directory, will read the phrase “For Registered Users Only”, the file with passwords for access must be in the directory \/pub\/site.ua\/ and called .htapasswd. The directory is specified from the root of the server, if you specify the wrong directory, then Apache will not be able to read the .htapasswd file and no one will have access to this directory.<\/p>\n The password is only for 1 file: Password for a group of files: Checking access rights<\/p>\n Problem: there is directory a1 and in it two subdirectories a2, a3, introduced two levels of users. Group 1 has access only to a1 and a2, group 2 has access to all three directories. It is necessary to authenticate only once – when accessing a1, but still respect the rights to access a2 and a3. www.site.ua\/a1 .htaccess file for directory a1: .htaccess file for directory a2: .htaccess file for the a3 directory: How do I redirect a visitor?<\/p>\n Redirect any page of the site to an index file: Display different pages, depending on the IP address of the visitor: For example, redirecting visitors with ip address 192.12.131.1 to the about_my_sity.html page: Redirect the visitor when requesting certain pages: redirect \/_vti_bin http:\/\/www.microsoft.com How do I make a different page my start page?<\/p>\n To change the page that will be displayed when the directory is accessed, write: You can specify more than one page.<\/p>\n DirectoryIndex index.shtml index.php index.php3 index.html index.htm<\/p>\n How can I get Apache to process SSI directives?<\/p>\n SSI allows you to “assemble” a page from pieces. You have the menu code in one piece, the code for the top of the page in another, and the code for the bottom of the page in a third. And the visitor sees an ordinary page, which consists of the code that is included in your pieces. After that, in the .htaccess file we write:<\/p>\n AddHandler server-parsed .shtml .shtm .html .htm<\/p>\n How do I get Apache to execute php code in html documents?<\/p>\n Sometimes it is useful to “cheat” the visitor, giving him his php-scripts or other files as html files. Really used for indexing by the search engine Rambler php-scripts. Some do little tricks, like giving files extensions that coincide with some “iconic” names.<\/p>\n RemoveHandler .html .htm With high server traffic can cause slowdowns. Ask the administrator.<\/p>\n For cloudlinux servers, the design would look like this:<\/p>\n <FilesMatch “.(php|htm|html)$”> How do I handle Apache errors myself?<\/p>\n The most interesting and useful Apache errors are: 403-404, 500. ErrorDocument 403 \/errors\/403.html In this case, when a 404 error occurs, the file errors\/403.html will be loaded to the user.<\/p>\n It is convenient to make your own handler for some errors. In .htaccess we write: In error.php use $HTTP_SERVER_VARS[‘REQUEST_URI’] to determine which document caused the error and then process it. If ErrorDocument in .htaccess has the full path (http:\/\/site.ua\/error.php), then $HTTP_SERVER_VARS[‘REQUEST_URI’] will contain this file, not the one that caused the error. How can I disable the display of directory contents if there is no index file?<\/p>\n Suppose you have all the graphics used on your site in the img directory. A visitor can type that directory into the browser address bar and see a list of all your graphic files. Of course, this won’t do you any damage, but you can prevent the visitor from seeing this. In .htaccess we write:<\/p>\n Options -Indexes<\/p>\n Can I specify the default encoding for all files that my browser receives documents in?<\/p>\n In the early days of the Internet and the birth of browsers, there was often a situation where the browser could not automatically determine which of the Russian encodings the document was written in, and the browser outputted some mush. To avoid this, specify that all output pages will be encoded windows-1251:<\/p>\n AddDefaultCharset windows-1251<\/p>\n Is it possible to specify the encoding on the downloaded files?<\/p>\n When a visitor uploads a file to the server, it is possible to recode it – specify that all received files will be encoded windows-1251:<\/p>\n CharsetSourceEnc windows-1251<\/p>\n I created a .htaccess file, but the server gives 500 error – Internal Erorr<\/p>\n Syntax error or the file is in the wrong format. What is .htaccess for? By typing the address into your browser, you get the files that the browser displays on your computer. The web server controls which files are shown to you and how they are shown (forwarded). The most popular servers are two: IIS and Apache. Like any program, a web server has certain…<\/p>\n","protected":false},"author":4,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"inline_featured_image":false,"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","ghostkit_customizer_options":"","ghostkit_custom_css":"","ghostkit_custom_js_head":"","ghostkit_custom_js_foot":"","ghostkit_typography":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"ht-kb-category":[10669],"ht-kb-tag":[],"class_list":["post-36844","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-hosting-en"],"taxonomy_info":{"ht_kb_category":[{"value":10669,"label":"Hosting"}]},"featured_image_src_large":[],"author_info":{"display_name":"\u041e\u043b\u0435\u0433 \u041f\u043e\u043a\u043e\u0442\u0438\u043b\u043e","author_link":"https:\/\/tuthost.ua\/en\/author\/oleg-tuthost-com\/"},"comment_info":0,"_links":{"self":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/36844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/comments?post=36844"}],"version-history":[{"count":1,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/36844\/revisions"}],"predecessor-version":[{"id":48828,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb\/36844\/revisions\/48828"}],"wp:attachment":[{"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/media?parent=36844"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb-category?post=36844"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/tuthost.ua\/en\/wp-json\/wp\/v2\/ht-kb-tag?post=36844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n| |
\n| -user1
\n| |
\n| -user2
\n|<\/span><\/span><\/p>\n
\n| |
\n| -data1
\n| |
\n| -data2
\n|<\/p>\n
\nIn the directory data we put another file .htaccess, in comparison with the one in the directory user. And for directories data1 and data2 will act .htaccess file, located in the data.
\nNow, in the directory user2 we put another .htaccess file, which is different from the one in the directory 2 levels above (this directory is user). As a result, the settings for user2 will be determined only by the .htaccess file in this directory.
\nSince most Apache is configured to always look for this file in the directory, .htaccess will help you quickly reconfigure it without stopping the server.<\/p>\n
\n– paths to files (directories) are specified from the root of the server. Example: \/opt\/home\/www.astanafoto.com\/htdocs\/config\/.htpasswords
\n– domains with a protocol indication
\nExample: Redirect \/ http:\/\/www.site.ua<\/p>\n
\nMust be written in UNIX format. For the FAR shell, reach F4 (edit file), Shift+F2 (select “save as UNIX-text”).<\/p>\n
\n
\nDeny from all
\nWhere all means “all.<\/p>\n
\n
\norder allow deny
\nDeny from all
\nallow from <your ip><\/p>\n
\nFor example:
\norder allow deny
\nDeny from all
\nallow from 192.126.12.199<\/p>\n
\n
\norder allow deny
\ndeny from <your ip><\/p>\n
\n
\n<Files “\\.(inc|sql|…other extensions…)$”>
\norder allow,deny
\nDeny from all
\n<\/Files><\/p>\n
\nFor example, banning web visitors from accessing files with the “inc” extension:
\n<Files “\\.(inc)$”>
\norder allow,deny
\nDeny from all
\n<\/Files><\/p>\n
\n
\nYou can ban a specific file by its name and extension.
\n<Files config.inc.php>
\norder allow,deny
\nDeny from all
\n<\/Files><\/p>\n
\n
\nAuthName “Private zone”
\nAuthType Basic
\nAuthUserFile \/pub\/home\/your_login\/.htpasswd
\nrequire valid-user
\n<\/Files><\/p>\n
\nAuthName “For Registered Users Only”
\nAuthType Basic
\nAuthUserFile \/pub\/site.ua\/.htpasswd
\nrequire valid-user
\n<\/Files><\/p>\n
\n
\nSimilar to the full directory password, you can put a password on only 1 file.
\nAn example of setting a password on a private.zip file:
\n<Files private.zip>
\nAuthName “Users zone”
\nAuthType Basic
\nAuthUserFile \/pub\/home\/your_login\/.htpasswd
\n<\/Files><\/p>\n
\n
\nSimilarly, using <Files “\\.(inc|sql|…other extensions…)$”>, you can set passwords by file mask.
\nAn example of setting a password to access all files with the “sql” extension:
\n<Files “\\.(sql)$”>
\nAuthName “Users zone”
\nAuthType Basic
\nAuthUserFile \/pub\/home\/your_login\/.htpasswd
\n<\/Files><\/p>\n
\n
\nNickname and password are requested only when logging into A1 – if the user has access to a2 the password is no longer asked. If there is no access on a3, the “enter password” message will pop up.<\/p>\n
\nwww.site.ua\/a1\/\u04302
\nwww.site.ua\/a1\/a3
\na1 is general and at the same time closed. a2 and a3 only for individuals.<\/p>\n
\n
\nAuthName “Input password”
\nAuthType Basic
\nAuthUserFile “\/pub\/home\/login\/htdocs\/clousearea\/.htpasswd”
\n<Files *.*.>
\nrequire valid-user
\n<\/Files><\/p>\n
\nAuthName “Input password”
\nAuthType Basic
\nAuthUserFile “\/pub\/home\/login\/htdocs\/clousearea\/.htpasswd”
\n<Files *.*.>
\nrequire user user1 user2 user3
\n<\/Files *.*><\/p>\n
\nAuthName “Input password”
\nAuthType Basic
\nAuthUserFile “\/pub\/home\/abv\/htdocs\/clousearea\/.htpasswd”
\n<Files *.*.>
\nrequire user user1 user4 user5
\n<\/Files *.*><\/p>\n
\n
\n
\nRedirect to another url:
\nTo redirect a visitor to http:\/\/site.ua in .htaccess Redirect \/ http:\/\/www.site.ua<\/span><\/span><\/p>\n
\n
\nRewriteEngine on
\nRewriteRule !\\index.html$ \/index.html<\/p>\n
\n
\nSetEnvIf REMOTE_ADDR <desired ip address> REDIR=”redir”
\nRewriteCond %{REDIR} redir
\nRewriteRule ^\/$ \/another_page.html<\/p>\n
\nSetEnvIf REMOTE_ADDR 192.12.131.1 REDIR=”redir”
\nRewriteCond %{REDIR} redir
\nRewriteRule ^\/$ \/about_my_sity.html<\/p>\n
\n
\nThis is already for all network viruses and scanners. Now any request with the \/_vti_bin address will be automatically redirected to Microsoft:<\/p>\n
\nredirect \/scripts http:\/\/www.microsoft.com
\nredirect \/MSADC http:\/\/www.microsoft.com
\nredirect \/c http:\/\/www.microsoft.com
\nredirect \/d http:\/\/www.microsoft.com
\nredirect \/_mem_bin http:\/\/www.microsoft.com
\nredirect \/msadc http:\/\/www.microsoft.com
\nRedirectMatch (.*)\\cmd.exe$ http:\/\/www.microsoft.com$1<\/p>\n
\n
\nDirectoryIndex <the desired page><\/p>\n
\n
\nMandatory settings in httpd.conf are required:
\nIn the block starting with <Directory\/> and ending with <\/Directory>, add Includes to the Options Indexes line.<\/p>\n
\n
\nAddType application\/x-httpd-php .php .htm .html .phtml<\/p>\n
\nAddHandler application\/x-httpd-lsphp .php .htm .html
\n<\/FilesMatch><\/p>\n
\n
\n403 – user not authenticated, access denied (Forbidden).
\n404 – the requested document (file or directory) was not found.
\n500 – internal server error (for example, an error in the syntax of the .htaccess file).
\nIn order to display your own error messages to the user on these errors, we write in .htaccess:<\/p>\n
\nErrorDocument 404 \/errors\/404.html
\nErrorDocument 500 \/errors\/500.html<\/p>\n
\nErrorDocument 403 \/errors\/error.php?403
\nErrorDocument 404 \/errors\/error.php?404
\nErrorDocument 500 \/errors\/error.php?500<\/p>\n
\nInternet Explorer 5.0 does not correctly handle the file called by an error if its size is less than 1 kilobyte. The standard IE 404 page will be called.<\/p>\n
\n
\n
\n
\n
\nSee question #2.<\/p>\n","protected":false},"excerpt":{"rendered":"