. Several examples of htaccess redirection and URL rewriting

Source: Internet
Author: User
Tags php and require save file valid password protection root directory

. htaccess is a feature in the Apache virtual directory that can be used in place of the Apache Conf, like redirection and URL rewriting or security configuration, which can be used to take a look at some of the. htaccess examples below.

# This is a note
# Specify default Home lookup order

DirectoryIndex index.htm. index.php

ErrorDocument 404/error/404.html
#比较下面2句: The default is 302, the user is accessing ABC, but the actual display is a Def page, and the Address bar also shows ABC
#redirect 301/abc/def

Rewriteengine on
#访问old. html actually shows index.php, and the address bar still shows old.html, contrasting with the brackets [] in the following notation
Rewriterule ^old.html$ index.php
#RewriteRule ^old.html$/index.php [r=301]

#访问index. PHP needs to verify the account password, if it is entered into the directory to verify, just remove the <Files> tag and put the. htaccess file into the corresponding directory can be
<files "index.php" >
AuthName "Username and passwordsss required"
#. htpasswd that is, verify account password save file, name can be customized, but the path must be absolute path, otherwise will be reported to the internal server error error
AuthUserFile d:/kuaipan/.htpasswd
Require Valid-user
AuthType Basic

Sponsored Links

#访问111cn. NET jump to Www.111cn.net
Rewriteengine on
Rewritecond%{http_host} ^111cn.net [NC]
Rewriterule ^ (. *) $ http://www.111cn.net/$1 [l,r=301]

#图片防盗链: Outbound reference, direct jump to google.com

Rewritecond%{http_referer}!^http://www.111cn.net/.*$ [NC]
Rewritecond%{http_referer}!^http://www.111cn.net$ [NC]
Rewritecond%{http_referer}!^http://111cn.net/.*$ [NC]
Rewritecond%{http_referer}!^http://111cn.net$ [NC]
Rewriterule. *. (jpg|jpeg|gif|png|bmp|js|css|swf) $ http://www.google.com [R,NC]

htaccess strengthen the security settings of the website

Ways to customize error pages with. htaccess

System default error page is too ugly, you design a bar, can be PHP and other dynamic file format Oh.

Make the custom page by adding the following text to the. htaccess file:

ErrorDocument 404/err/404.php
ErrorDocument 503/err/503.php
Whether it is 404/403/400/503 and other errors can be designed to specify a page oh.

Use. htaccess to disable display of directory listings

Sometimes, your directory does not have the default index file, when someone in the browser address bar access to the directory, the directory all the files will be displayed, which will leave your site a security risk.

To avoid this situation (without having to create a bunch of new index files), you can block the display of directory listings by adding the following code to your. htaccess:

Use. htaccess to block specific IP addresses

You want to allow certain IP-specific users access to your site (for example, only users of a particular ISP are allowed to enter a directory), or you want to block specific IP addresses (for example, isolating low-level users from your information layout).

Most users on the Web now use dynamic IP addresses, a method that is generally rarely used.

Use the following command to block an IP address:

Deny from
The here is the banned IP address.

If you ban the address of the entire network segment, you can write

Deny from 210.10.56.
All IP addresses of will be banned.

Use. htaccess to only allow an IP address to access a Web site:

Allow from
Of course, you can also want to run an IP segment access as above.

Use. htaccess to prevent everyone from accessing the directory

Deny from all
This command does not affect the Scripting program's use of documents in this directory.

Replace the default home page index file with. htaccess

If you want to change the default home file (index.htm, etc.). Use the. htaccess to specify any page as the default homepage!

The following code setting index.php/index.php3/messagebrd.pl/index.html/index.htm also specifies these pages as the default home page, from left to right, if there is access.

DirectoryIndex index.php index.php3 messagebrd.pl index.html index.htm
Use. htaccess redirection

Examples of redirected files:


Haccess redirect the entire Web site's directory

If you have a directory named/olddirectory on your site, and you have created a new/newdirectory document, you can redirect all files in the old directory without one by one statements:


Use. htaccess to protect passwords

Htaccess has the perfect security (that is, visitors must know the password to access the directory, and there is no "backdoor" to go).

1. Password-protected. htaccess file

Use. htaccess to add a directory password protection two steps.

Add a few lines of code to your. htaccess document and put the. htaccess document in the directory you want to protect:

AuthName "section Name"
AuthType Basic
Require Valid-user
Modify the above content according to your website, such as the name "section name" with the protected part. /FULL/PARTH/TO/.HTPASSWD should be replaced with a full server path that points to the. htpasswd file (later detailing the document). If you don't know the full path to your site's space, ask your system administrator.

2. Password-protected. htpasswd file

The password protection of the directory is more cumbersome than the other features of the. htaccess because you have to create a document that contains a username and password to access your site, and the information (default) is in a document named. htpasswd. Like. htaccess,. HTPASSWD is also a document without a filename and has a 8-bit extension that can be placed anywhere on your site (the password should be encrypted), but it is recommended that you save it in the Web root directory of your Web site so that you cannot access it through the network.

3. Enter user name and password

After you create the. htpasswd document (which you can create from a text editor), the next step is to enter a username and password for accessing the Web site, which should be:

The location of "password" should be a password that has been encrypted. There are several ways you can get encrypted passwords: One is to use an online Permade script or write one yourself; another good Username/password encryption service is through the KXS Web site, which allows you to enter your username and password, and then generate the password in the correct format.

For multiple users, you only need to add a single line of the same format to the. htpasswd document. There are also a number of free scripting programs that can easily manage. htpasswd documents, which automatically add/remove users, and so on.

4. Visit the website

When you try to access a directory protected by the. htaccess password, your browser pops up the standard Username/password dialog window. If you don't like this, some scripts can allow you to embed the Username/password input box inside the page for authentication, and you can enter the username and password (unencrypted) in the browser's URL box as follows:


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.