. htaccess Settings Guide Classic description _linux

Source: Internet
Author: User



If your server directory structure is this:

/usr/corsak/www/maindir

If the allowoverride support. htaccess file is turned on in the Apache directive, each access is searched sequentially:

/usr/corsak/www/maindir/.htaccess
/usr/corsak/www/.htaccess
/usr/corsak/.htaccess

The following is a detailed document, do not know where to find the year.
Because in a foreign space under the root folder to see this. htaccess, do not know what is doing, in the outdated forum to find an article, first turn to put, and then slowly study, hey.
Apache guide:. htaccess files

The. htaccess file provides a way to change the configuration for a directory.

*. htaccess file
* Working principle and use method
* Use of. htaccess files
* The effective of the instruction
* Examples of Certification
* Server side contains examples
* CGI Examples
* Troubleshoot

Top
. htaccess file
Related Modules related instructions

* Core
* Mod_auth
* mod_cgi
* Mod_include
* Mod_mime



* Accessfilename
* allowoverride
* Options
* AddHandler
* SetHandler
* AuthType
* AuthName
* AuthUserFile
* AuthGroupFile
* Require

Top
Working principle and use method

The. htaccess file (or distributed configuration file) provides a way to configure changes to the directory, that is, to place a file containing one or more directives in a specific document directory to function in this directory and all its subdirectories.

Note: If you need to use a filename other than. htaccess, you can use the Accessfilename directive to change it. For example, if you need to use. config, you can configure it in the server configuration file in the following ways:

Accessfilename. config

The instructions that are allowed to be placed in these files depend on the allowoverride instruction, which is determined by category. Which instructions in the htaccess file are valid. If an instruction is allowed to be placed in a. htaccess file, in the description of this manual, this directive will have an overlay that describes the value that must be set in the allowoverride directive for this instruction to take effect.

For example, the instructions in this manual for the Adddefaultcharset directive indicate that this directive can be used with the. htaccess file (see the context Line), while the override row is "FileInfo", So in order to make this directive valid in. htaccess, you must set at least "allowoverride FileInfo".
Example:
Context:server config, virtual host, directory,. htaccess
Override:fileinfo

If you are unsure whether a particular directive is allowed for a. htaccess file, you can refer to the instructions in the manual to see if there is a ". htaccess." In the context ("contextual") line.
Top
Use of. htaccess files

In general, the. htaccess file should not be used unless you have no access to the primary server configuration file. There is a common misconception that user authentication can only be achieved through the. htaccess file, but it is not so, it is completely feasible to write user authentication in the master server configuration, and it is a good method.

You should use the. htaccess file when the content provider needs to change the configuration of the server for the directory and does not have root permissions on the server system. If the server administrator does not want to modify the configuration frequently, you can allow users to modify the configuration themselves through the. htaccess file, especially if the ISP hosts multiple user sites on one machine and wants users to change their configuration.

However, you should generally avoid using. htaccess files as much as possible. Any configuration you want to put in the. htaccess file can be placed in the <Directory> section of the primary server, and is more efficient.

There are two main reasons to avoid using. htaccess files.

The first is performance. If allowoverride allows the. htaccess file to be used, Apache needs to find the. htaccess file in each directory, so allowing the use of. htaccess files, regardless of whether they are actually used, can cause performance degradation. In addition, you need to read the. htaccess file each time you request a page.

Also, Apache must find the. htaccess file in all the more advanced directories so that all valid directives work (see how directives are applied.), so if there is a request for a page in the/www/htdocs/example, Apache must look for the following files:

/.htaccess
/www/.htaccess
/www/htdocs/.htaccess
/www/htdocs/example/.htaccess

Also, there are 4 additional file system accesses to each file outside this directory, even if none of the files exist. (Note that this may only occur when the. htaccess file is allowed to be used, although this is not a lot.) )

The second is security. This allows users to modify the configuration of the server, which may result in unrestricted modification, and carefully consider whether to give the user such privileges. However, if you give the user less privileges and do not meet their needs, there will be additional technical support requests, so you must explicitly tell the user the permissions that have been given to them, explain the values of the allowoverride settings, and guide them through the appropriate instructions to avoid a lot of trouble in the future.

Note that placing instructions in the. htaccess file in the/www/htdocs/example directory is equivalent to placing the same instructions in the <Directory/www/htdocs/example> section of the primary server configuration file. :

In/www/htdocs/example. htaccess:
Contents of the. htaccess file in/www/htdocs/example

AddType text/example. EXM
Segments in httpd.conf files

<Directory/www/htdocs/example>
AddType text/example. EXM
</Directory>

However, it is more efficient to place this configuration in the server configuration file because it only needs to be read once at the time of Apache startup, not every time a file request is made.

Setting allowoverride to none can completely prohibit the use of. htaccess files.

AllowOverride None
Top
The entry into force of the directive

The configuration directive in the. htaccess file acts on the directory where the. htaccess file resides and all of its subdirectories, but it is important to remember that the more advanced directory may also have a. htaccess file, and the instructions are in the order of lookup, so The instructions in the. htaccess file in a particular directory may overwrite the instructions for the. htaccess file in its more advanced directory, that is, the instructions in the subdirectory will overwrite the instructions in the higher-level directory or the primary server configuration file.

For example:

The. htaccess file in the directory/www/htdocs/example1 has the following contents:

Options +execcgi

(Note: "allowoverride options" must be set to allow the "options" directive to be used in. htaccess files.) )

The. htaccess file in the directory/www/htdocs/example1/example2 has the following contents:

Options Includes

Because of the existence of the second. htaccess file, CGI execution in/www/htdocs/example1/example2 is not allowed, and only options Includes are allowed, which completely overwrites the previous settings.
Top
Certification examples

If you want to know how to authenticate, directly from here to see, there is a very important point to note, there is a common misconception that the implementation of password authentication must use the. htaccess file, in fact, is not the case. It is a better approach to place the authentication instructions in the <Directory> section of the primary server configuration file, and the. htaccess file should only be used when the primary server configuration file is not accessible. Refer to the occasion for using. htaccess files above.

Have this statement first, if you still need to use the. htaccess file, see the following instructions.

"AllowOverride authconfig" must be set to allow these instructions to take effect

The contents of the. htaccess file:

AuthType Basic
AuthName "Password Required"
Authuserfile/www/passwords/password.file
Authgroupfile/www/passwords/group.file
Require Group Admins

Note that the allowoverride authconfig must be set to allow these instructions to take effect

For more detailed descriptions of identification and authentication, see Authentication tutorial.
Top
Server-side contains examples

Another common use of. htaccess files is to allow the server side of a particular directory to contain (server Side Includes), where you can place the. htaccess file in the directory you want, and configure the following:

Options +includes
AddType text/html shtml
AddHandler server-parsed shtml

Note that the allowoverride options and allowoverride FileInfo must be set at the same time to make these instructions effective.

For more detailed instructions on server-side inclusion, see SSI Tutorial.
Top
CGI examples

Finally, you can use the. htaccess file to allow CGI programs to be executed in a specific directory, which is configured as follows:

Options +execcgi
AddHandler cgi-script CGI Pl

In addition, you can make all files in a given directory as CGI programs, as follows:

Options +execcgi
SetHandler Cgi-script

Note that you must set the allowoverride options to make these instructions effective.

For more detailed instructions on CGI programming and configuration, see the CGI tutorial.
Top
Troubleshoot

If you write a configuration directive in the. htaccess file but it does not work, there may be several reasons.

The most common reason is that the allowoverride directive is not set correctly, and you must ensure that the allowoverride none is set for this file locale. There is a good test method, that is, in the. htaccess file to add a bit of useless content, if the server did not return an error message, it is almost certain that the set allowoverride none.

If you receive an error message from the server when you access the document, you should check the Apache error log to see which instructions are not allowed in the. htaccess file, or you may find syntax errors that need to be corrected.


. htaccess File Usage Manual

-The. htaccess file (or distributed configuration file) provides a way to configure changes to the directory, that is, to place a file containing one or more directives in a specific document directory to function in this directory and all its subdirectories. As a user, the commands you can use are limited. The administrator can set it through the Apache allowoverride directive.

-directives in subdirectories overwrite instructions in higher-level directories or primary server configuration files.

-. htaccess must be uploaded in ASCII mode, preferably with the permissions set to 644.

Locating the wrong document

Common Client Request error return code:
401 Authorization Required
403 Forbidden
404 Not Found
405 Method Not allowed
408 Request Timed out
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
Common Server error return code:
Internal Server Error

Users can use. htaccess to specify their own prepared Error alert page. In general, people can set up a directory specifically, such as errors to place these pages. And then again. htaccess, add the following instructions:

ErrorDocument 404/errors/notfound.html
ErrorDocument 500/errors/internalerror.html

A single line of instructions. The first instruction above means that the page is displayed as a notfound.html page in the/errors directory for 404, which is when the required document is not found. It is not difficult to see that the syntax format is:

ErrorDocument error code/directory name/filename. extension

If you need to be prompted with very little information, you don't have to create a page to use the HTML number directly in the instruction, such as the following example:

ErrorDocument 401 "<body bgcolor= #ffffff ><h1> You do not have access to this page, please give up! </h1></body> "

Password protection for document access

To use. htaccess to set access to the user and corresponding password for a document in a directory, the first thing to do is to generate a. htpasswd text document, such as:

Zheng:y4e7ep8e7eyv

The password is encrypted, and the user can find some tools to encrypt the password into a. htaccess supported encoding. This document is best not to be placed in the WWW directory, it is recommended to be placed outside the WWW root document, which is more secure.

With the authorized user documentation, you can add the following directive to the. htaccess:

Server directory for AuthUserFile. htpasswd
Authgroupfile/dev/null (directories that require authorization to access)
AuthName Enterpassword
AuthType Basic (Authorization type)

Require user wsabstract (users who are allowed to access, you can use require valid-user if you want all users in the table to allow it)

Note, brackets part for the time of learning to add their own notes

Deny access from an IP

If I don't want a government department to access the content of my site, I can reject it by joining the department's IP in the. htaccess.

For example:


Order Allow,deny
Deny from 210.10.56.32
Deny from 219.5.45.
Allow from all

The second line rejects an IP, and the third line rejects an IP segment, which is 219.5.45.0~219.2.45.255

Want to reject everyone? With the Deny from all. Not only with IP, you can also use domain name to set.

Protect. htaccess Documents

When you use. htaccess to set the password protection for a directory, it contains the path to the password file. From a security point of view, it is necessary to protect the htaccess, and not let others see the content. Although this can be done in other ways, such as the permissions of the document. However, htaccess itself can do so by simply adding the following instructions:

<files .htaccess>
Order Allow,deny
Deny from all
</Files>

URL Steering

We may be planning the site, migrating the document, or changing the directory. At this point, access from the search engine or other web links may be wrong. In this case, the old URL can be automatically shifted to the new address by using the following instructions:

Redirect/old directory/old document name new document address

or the entire directory of the steering:

Redirect Old Directory New directory

Change the default home file

Under normal circumstances, the default home page name has default, index and so on. However, there are times when there are no default files in the directory, but a specific file name, such as pmwiki.php in PmWiki. In this case, it is troublesome for the user to remember the filename to access. You can easily set a new default filename in. htaccess:

DirectoryIndex the new default filename

You can also list multiple, sequentially indicating the priority level between them, for example:

DirectoryIndex filename.html index.cgi index.pl default.htm

Prevent hotlinking

If you do not like others to connect their own pictures and documents on their Web pages, you can also do so by htaccess instructions.

The required directives are as follows:

Rewriteengine on
Rewritecond%!^$
Rewritecond%!^http://(www/.)? mydomain.com/.*$ [NC]
Rewriterule \. (gif|jpg) $-[F]

If you feel that letting someone else's page open a skylight doesn't look good, you can use a picture instead:

Rewriteengine on
Rewritecond%!^$
Rewritecond%!^http://(www/.)? mydomain.com/.*$ [NC]
Rewriterule \. (gif|jpg) $ http://www.mydomain.com/Alternative picture file name [r,l]


-The. htaccess file (or distributed configuration file) provides a way to configure changes to the directory, that is, to place a file containing one or more directives in a specific document directory to function in this directory and all its subdirectories. As a user, the commands you can use are limited. The administrator can set it through the Apache allowoverride directive.

-directives in subdirectories overwrite instructions in higher-level directories or primary server configuration files.

-. htaccess must be uploaded in ASCII mode, preferably with the permissions set to 644.

Locating the wrong document

Common Client Request error return code:
401 Authorization Required
403 Forbidden
404 Not Found
405 Method Not allowed
408 Request Timed out
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
Common Server error return code:
Internal Server Error

Users can use. htaccess to specify their own prepared Error alert page. In general, people can set up a directory specifically, such as errors to place these pages. And then again. htaccess, add the following instructions:

ErrorDocument 404/errors/notfound.html
ErrorDocument 500/errors/internalerror.html

A single line of instructions. The first instruction above means that the page is displayed as a notfound.html page in the/errors directory for 404, which is when the required document is not found. It is not difficult to see that the syntax format is:

ErrorDocument error code/directory name/filename. extension

If you need to be prompted with very little information, you don't have to create a page to use the HTML number directly in the instruction, such as the following example:

ErrorDocument 401 "<body bgcolor= #ffffff ><h1> You do not have access to this page, please give up! </h1></body> "

Password protection for document access

To use. htaccess to set access to the user and corresponding password for a document in a directory, the first thing to do is to generate a. htpasswd text document, such as:

Zheng:y4e7ep8e7eyv

The password is encrypted, and the user can find some tools to encrypt the password into a. htaccess supported encoding. This document is best not to be placed in the WWW directory, it is recommended to be placed outside the WWW root document, which is more secure.

With the authorized user documentation, you can add the following directive to the. htaccess:

Server directory for AuthUserFile. htpasswd
Authgroupfile/dev/null (directories that require authorization to access)
AuthName Enterpassword
AuthType Basic (Authorization type)

Require user wsabstract (users who are allowed to access, you can use require valid-user if you want all users in the table to allow it)

Note, brackets part for the time of learning to add their own notes

Deny access from an IP

If I don't want a government department to access the content of my site, I can reject it by joining the department's IP in the. htaccess.

For example:


Order Allow,deny
Deny from 210.10.56.32
Deny from 219.5.45.
Allow from all

The second line rejects an IP, and the third line rejects an IP segment, which is 219.5.45.0~219.2.45.255

Want to reject everyone? With the Deny from all. Not only with IP, you can also use domain name to set.

Protect. htaccess Documents

When you use. htaccess to set the password protection for a directory, it contains the path to the password file. From a security point of view, it is necessary to protect the htaccess, and not let others see the content. Although this can be done in other ways, such as the permissions of the document. However, htaccess itself can do so by simply adding the following instructions:

<files .htaccess>
Order Allow,deny
Deny from all
</Files>

URL Steering

We may be planning the site, migrating the document, or changing the directory. At this point, access from the search engine or other web links may be wrong. In this case, the old URL can be automatically shifted to the new address by using the following instructions:

Redirect/old directory/old document name new document address

or the entire directory of the steering:

Redirect Old Directory New directory

Change the default home file

Under normal circumstances, the default home page name has default, index and so on. However, there are times when there are no default files in the directory, but a specific file name, such as pmwiki.php in PmWiki. In this case, it is troublesome for the user to remember the filename to access. You can easily set a new default filename in. htaccess:

DirectoryIndex the new default filename

You can also list multiple, sequentially indicating the priority level between them, for example:

DirectoryIndex filename.html index.cgi index.pl default.htm

Prevent hotlinking

If you do not like others to connect their own pictures and documents on their Web pages, you can also do so by htaccess instructions.

The required directives are as follows:

Rewriteengine on
Rewritecond%!^$
Rewritecond%!^http://(www/.)? mydomain.com/.*$ [NC]
Rewriterule \. (gif|jpg) $-[F]

If you feel that letting someone else's page open a skylight doesn't look good, you can use a picture instead:

Rewriteengine on
Rewritecond%!^$
Rewritecond%!^http://(www/.)? mydomain.com/.*$ [NC]
Rewriterule \. (gif|jpg) $ http://www.mydomain.com/Alternative picture file name [r,l]

A. Custom 404,401, etc error
1.
First create a name:. htaccess
Write the following content
ErrorDocument 401/err401.html
ErrorDocument 402/err402.html
ErrorDocument 403/err403.html
ErrorDocument 404/err404.html

Where 401,402,403,404 represents the type of error,
The err401.html on the back represents its corresponding page,

2.
The names were established as follows:
Err401.html,err402.html .....
File, when a corresponding error occurs,
It will point to the opposite page.

3.
To the root directory,
Which is the public_html directory.
Everything's OK.


Two. Remove advertising
Build a filename. htaccess file, the contents of the file are as follows:
Layoutignoreuri *.php
Layoutignoreuri *.cgi
Layoutignoreuri *.htm
Layoutignoreuri *.html

Upload the. htaccess to the space of the public_html directory, you can remove the ads!

Pay attention to *.* here. If you want to go to that extension file, write the file name extension!
This is the simplest way, as long as the root directory plus this file, then the entire site will not have ads!
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Tags Index: