Basic usage and introduction of. htaccess

Source: Internet
Author: User
Tags error code

1. Modify the Apache configuration file

1. Open the httpd. conf file in the conf directory under the apache installation directory on your server and change AllowOverride None to AllowOverride All.


● Custom error page
. One application of htaccess is a custom error page, which enables you to have your own personalized error page (for example, when a file cannot be found ), instead of the error pages provided by your service provider or without any pages. This will make your website look more professional when an error occurs. You can also use the script program to notify you when an error occurs (for example, automatically Email you when the page cannot be found ).
You can add the following text to the. htaccess file to convert any page error code you know (such as page 404 cannot be found) to a custom page:
ErrorDocument errornumber/file.html
For example, if my root directory contains a notfound.html file, I want to use it as the 404 error page:
ErrorDocument 404/notfound.html
If the file is not in the root directory of the website, you only need to set the path:
ErrorDocument 500/errorpages/500.html
The following are some of the most common errors:
401-Authorization Required needs verification
400-Bad request error request
403-Forbidden prohibited
500-Internal Server Error
404-Wrong page cannot find the page
Next, you only need to create a file displayed when an error occurs, and then upload them together with. htaccess.

●. Htaccess command
? Disable Directory List Display
Sometimes, for some reason, there is no index file in your Directory, which means that when someone typed the directory path in the address bar of the browser, all the files in the directory will be displayed, this will leave security risks to your website.
To avoid this situation (instead of creating a bunch of new index files), you can type the following command in your. htaccess document to prevent

Display the directory list:
Options-Indexes

? Block/allow specific IP addresses
In some cases, you may only want to allow users of certain IP addresses to access your website (for example, only users of specific ISPs can access a directory ), or you want to block some specific IP addresses (for example, isolate low-level users from outside your information layout ). Of course, this is only useful when you know the IP address you want to intercept. However, most users on the Internet use dynamic IP addresses, so this is not a common method to restrict the use of dynamic IP addresses.
You can use the following command to block an IP address:
Deny from 000.000.000.000
Here, 000.000.000.000 is the banned IP address. If you specify only a few of them, you can block the IP address of the entire network segment. If you enter 210.10.56., 210.10.56.0 ~ All IP addresses of 210.10.56.255.
You can use the following command to allow an IP address to access a website:
Allow from 000.000.000.000
The allowed IP address is 000.000.000.000. You can allow the entire network segment like the banned IP address.
If you want to prevent everyone from accessing this directory, you can use:
Deny from all
However, this does not affect the use of the files in this directory by the script program.

? Replace the index file
You may not want to use index.htmor index.html as the index file of the Directory. For example, if your site uses the php file, you may want to use index. php as the index document for this directory. Of course, you don't have to be limited to the "index" document. If you want to use. htaccess, you can even set foofoo. balh as your index document!
These replace index files can be arranged in a list, and the server will search from left to right to check which document exists in the real directory. If one cannot be found, it will display the directory list (unless you have disabled the display directory file list ).
DirectoryIndex index. php index. php3 messagebrd. pl index.html index.htm
? Redirection (rewrite)
One of the most useful features of. htaccess is to redirect requests to different documents within or outside the same site. This is extremely useful when you change the name of a file but still want users to access it with an old address. Another application (which I found useful) is redirected to a long URL. For example, in my newsletters, I can use a very short URL to point to my member link. The following is an example of a redirection file:
Redirect/location/from/root/file. ext http: // minidx.com/new/file/location.xyz
In the previous example, if the name of "maid" in the rootdirectory is "oldfile.html", you can type:
/Oldfile.html
To access a file in an old sub-directory, enter:
/Old/oldfile.html
You can also use. htaccess to redirect the entire website directory. Assume that you have a directory named olddirectory on your website, and you are already in the http: // website of a new website:
Redirect/olddirectory http: // minidx.com/newdirectory
In this way, any request directed to the/olddirectory directory at the site will be directed again to the new site, including additional URL information. For example, someone typed:
Http: // minidx.com/olddirecotry/oldfiles/images/image.gif
The request will be redirected:
Http: // minidx.com/newdirectory/oldfiles/images/image.gif
This feature is extremely powerful if used correctly.

 


II. Writing htaccess files

Create a file under the root directory of the website named. htaccess. The writing method is as follows:

The code is as follows: Copy code

RewriteEngine on # enable rewrite
RewriteRule ^/$ index. php # indicates that you can access index. php "/".
RewriteRule ^ about _ (d *)/$ about/about. php? Id = $1 # indicates that about_22/can be used to access about/about. php? Id = 22 page. Note: $ the previous "/"
RewriteRule ^ about _ (d * logs .html $ about/about. php? Id = $1 could users use about_22.html to access about/about. php? Id = 22 page RewriteRule ^ news _ (d *) _ (d * pai.html $ news/news. php? Id = $1 & page = $2 webpage users can use news_11_2.html to access news/news. php? Id = 11 & page = 2 page. $1 indicates the first parameter, and $2 indicates the second parameter.


We can see from the above that if we have the following link

<A href = "/about_22/"> About Us </a>

The page we visit is the same as the page we visit below.

<A href = "/about. php? Id = 22 "> About Us </a>

In fact, the previous access method will be implicitly converted to the latter method, but it is not displayed in the address bar.


(No) use of. htaccess files
Generally, the. htaccess file should not be used unless you have no access permission to the master configuration file. There is a common misunderstanding that user authentication can only pass. the htaccess file implementation is not like this. It is feasible to write user authentication in the main configuration file, and it is a good method.

The. htaccess file should be used when the content provider needs to change the server configuration for a specific directory without the root permission. If the server administrator is unwilling to modify the configuration frequently, the user can pass. the htaccess file modifies the configuration by itself, especially when the ISP runs multiple user sites on the same machine, and you want to change the configuration by yourself.

Even so, we should avoid using the. htaccess file as much as possible. Any configuration that you want to put in the. htaccess file can be placed in the <Directory> segment of the main configuration file, and it is more efficient.

There are two main reasons to avoid using the. htaccess file.

First, performance. If AllowOverride enables the. htaccess file, Apache needs to find the. htaccess file in each directory. Therefore, whether or not it is actually used, enabling. htaccess will lead to performance degradation. In addition, you must read the. htaccess file once for each request.

In addition, Apache must be located in the directory of all superiors. the htaccess file to make all valid commands take effect (see the command takes effect). Therefore, if you request a page in/www/htdocs/example, Apache must find the following file:

/. Htaccess
/Www/. htaccess
/Www/htdocs/. htaccess
/Www/htdocs/example/. htaccess

A total of four additional files are required to be accessed, even if none of these files exist. (Note that this may only be because the root directory "/" is allowed to use. htaccess, although this is not the case .)

Second, security. This will allow users to modify their own server configurations, which may lead to some unexpected modifications, so please carefully consider whether such privileges should be given to users. However, if users are given fewer privileges but cannot meet their needs, additional technical support requests will be generated. Therefore, users must be explicitly notified of their permissions, describe the value set by AllowOverride and guide them to the corresponding instructions to avoid a lot of trouble in the future.

Note: in the/www/htdocs/example Directory. placing commands in the htaccess file is equivalent to placing the same commands in the <Directory/www/htdocs/example> section of the main configuration file.

The. htaccess file in the/www/htdocs/example Directory:

The content of the. htaccess file in the/www/htdocs/example Directory:
AddType text/example. exm

Extracted content from the httpd. conf file:

The code is as follows: Copy code

<Directory/www/htdocs/example>

AddType text/example. exm

</Directory>

However, it is more efficient to put the configuration in the main configuration file, because it only needs to be read once at Apache startup, rather than every time the file is requested.

Setting AllowOverride to none completely disables the. htaccess file:

AllowOverride None

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.