Common. htaccess skills

Source: Internet
Author: User
Tags set cookie website performance

The Apache Web server can operate on various information through the. htaccess file, which is the default name of a directory-level configuration file and allows decentralized Web server configuration management. It can be used to override the global configuration of the server. The purpose of this file is to allow access control configurations in a separate directory, such as password and content access.

1. Customize the index file of the Directory

1 Directoryindex index.html index. php index.htm

You can use the above configuration to change the default page of the directory. For example, if you put this script in the foo directory, the user will access/Foo/index.html when requesting/Foo.

2. custom error page

1 Errordocument 404 errors/404.html

When a user reports an error when accessing the page, for example, the page cannot find the page you want to display a custom error page, you can do so. Or a dynamic page:

1 Errordocument 404/psych/cgi-bin/error? 404

3. Control the access file and directory levels

. Htaccess is often used to restrict and deny access to a certain file and directory. For example, we have a folder named des, which stores some scripts. We do not want users to directly access this folder, the following script can be used:

12 # No one gets in here! Deny from all

The preceding script rejects all access requests. You can also reject requests based on the IP address segment:

123456 # No nasty crackers in here! Order deny, allowdeny from allallow from 192.168.0.0/24 # This wocould do the same thing .. # Allow from 192.168.0

These methods are generally handled through the firewall, but such adjustments are very convenient for servers in a production environment.

Sometimes you just want to disable access from an IP address:

1234 # Someone Else giving the Ruskies a bad name .. order allow, denydeny from 83.222.23.219allow from all

4. Modify Environment Variables

Environment variables include some extension information of CGI on the server. You can use setenv and unsetenv to set and cancel the settings.

1234 Setenv site_webmaster "Jack Sprat" setenv site_webmaster_uri mailto: Jack.Sprat@characterology.com unsetenv remote_addr

301 redirection

If you want a page to jump to a new page:

1 Redirect 301/old/file.html http://yourdomain.com/new/file.html

You can redirect the entire path as follows:

1 Redirectmatch 301/blog (. *) http://yourdomain.com/#1

6. Implement cache policies through. htaccess

By setting static files cached in the browser, you can improve the website performance:

1234567891011121314 # Year <filesmatch "\. (ICO | PDF | FLV | JPG | JPEG | PNG | GIF | SWF | MP3 | MP4) $ "> header set cache-control" public "header set expires" Thu, 15 APR 2010 20:00:00 GMT "header unset last-modified </filesmatch> #2 hours <filesmatch "\. (HTML | HTM | XML | TXT | XSL) $ "> header set cache-control" Max-age = 7200, must-revalidate "</filesmatch> <filesmatch "\. (JS | CSS) $ "> setoutputfilter deflateheader set expires" Thu, 15 APR 2010 20:00:00 GMT "</filesmatch>

7. Use gzip to compress the output

Add the followingCodeGzip can be used for all CSS, JS, and HTMLAlgorithmCompression:

12345678910 <Ifmodule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file \. (html? | TXT | CSS | JS | PHP | PL) $ mod_gzip_item_include handler ^ CGI-script $ mod_gzip_item_include mime ^ text /. * mod_gzip_item_include mime ^ application/X-JavaScript. * mod_gzip_item_exclude mime ^ image /. * mod_gzip_item_exclude rspheader ^ content-encoding :. * gzip. * </ifmodule>

The premise of using the above Code is to enable the mod_gzip module. You can use the following script to determine whether the Web server provides mod_deflate support:

1234567 <Location> setoutputfilter deflate setenvifnocase request_uri \\.(? : GIF | jpe? G | PNG) $ no-gzip dont-vary setenvifnocase request_uri \\.(? : Exe | T? GZ | zip | gz2 | sit | RAR) $ no-gzip dont-vary </location>

If the Web server does not support mod_deflate, you can use the following method:

123 <Filesmatch "\. (txt | HTML | HTM | PHP)"> php_value output_handler ob_gzhandler </filesmatch>

8. HTTPS access is required.

Use the following script to force the entire website to be accessed through https:

123 Rewriteengine onrewritecond % {HTTPS }! Onrewriterule (. *) https: // % {http_host }%{ request_uri}

9. URL rewriting

For example? Id = 12 override to product-12.html

12 Rewriteengine onrewriterule ^ product-([0-9] +) \. html $ product. php? Id = $1

Add product. php? Id = 12 rewrite to product/iPod-nano/12.html

12 Rewriteengine onrewriterule ^ product/([a-zA-Z0-9 _-] +)/([0-9] +) \. html $ product. php? Id = $2

No URL from www to www is redirected:

123 Rewriteengine onrewritecond % {http_host} ^ viralpatel \. net $ rewriterule (. *) http://www.viralpatel.net/#1 [R = 301, l]

Rewrite yoursite.com/user.php? Username = xyz to yoursite.com/xyz

123 Rewriteengine onrewriterule ^ ([a-zA-Z0-9 _-] +) $ user. php? Username = $1 rewriterule ^ ([a-zA-Z0-9 _-] +)/$ user. php? Username = $1

Redirect a domain name to a new sub-folder in public_html:

12345 Rewriteengine onrewritecond % {http_host} ^ test \. com $ [or] rewritecond % {http_host} ^ www \. Test \. com $ rewritecond % {request_uri }! ^/New/rewriterule (. *)/New/$1

10. Block listing directory files

Use the following code to prevent all objects in the List Directory:

1 Options-Indexes

Or

1 Indexignore *

11. Add a new mime-types

Mime-types depends on the file extension. unrecognized file extensions are transmitted as text data.

123 Addtype application/X-endnote-connection enzaddtype application/X-endnote-filter enfaddtype application/X-SPSS-SaveFile Sav

12. Anti-leech

You do not want other websites to reference static files such as images and CSS files on your website, that is, the legendary anti-leech. You can use the following script:

1234 Rewritecond % {http_referer }! ^ $ Rewritecond % {request_uri }! ^/(Wp-login.php | WP-admin/| WP-content/plugins/| WP-supported des/). * [Nc] rewritecond % {http_referer }! ^ Http://www.askapache.com. * $ [Nc] rewriterule \. (ICO | PDF | FLV | JPG | JPEG | MP3 | MPG | MP4 | mov | WAV | WMV | PNG | GIF | SWF | CSS | JS) $-[F, NS, l]

13. Specify the size limit of the uploaded file, applicable to PhP

1234 Php_value upload_max_filesize 20mphp_value post_max_size 20mphp_value max_execution_time 200php_value max_input_time 200

In the preceding script, four parameters are used to set the File Upload limit. The first parameter is the file size, and the second parameter is the post data size, the third is the transmission time (in seconds), and the last is the maximum time (in seconds) spent on parsing and uploading data)

14. Prohibit Script Execution

12 Options-execcgiaddhandler CGI-script. php. pl. py. jsp. asp. htm. shtml. Sh. cgi

15. Modify character sets and language Headers

12 Adddefacharcharset UTF-8DefaultLanguage en-US

16. Set the server time zone (GMT)

1 Setenv TZ America/indianapois

17. Force "File Save as" prompt

1 Addtype application/octet-stream. Avi. mpg. mov. pdf. xls. MP4

18. Protect a single file

Under normal circumstances,. htaccess can be used to restrict access to the entire directory, but it can also restrict only a file:

1234567891011 <Files quiz.html> order deny, allowdeny from allauthtype basicauthname "characterology student authcate" authldap onauthldapserver LDAP: // users "ou = student, O = characterology University, C = au "require valid-usersatisfy any </Files>

19. Set cookie

Set cookie through environment variables

1 Header set-cookie "Language = % {Lang} e; Path =/;" Env = Lang

This code sends the set-Cookie header to set the cookie value to the matching item in the second bracket based on the request setting cookie.

123 Rewriteengine onrewritebase/rewriterule ^ (. *) (de | es | fr | it | ja | Ru | En)/$-[CO = Lang :2 2: .yourserver.com: 7200:/]

20. Set custom Response Headers

1234 Header set p3p "policyref = \" http://www.askapache.com/w3c/p3p.xml\ "" header set X-pingback "http://www.askapache.com/xmlrpc.php" header set content-language "En-us" header set vary "Accept-encoding"

21. User-Agent is used to block requests

123 setenvifnocase ^ User-Agent $. * (craftbot | download | extract | stripper | sucker | ninja | clshttp | webspider | Leacher | collector | grabber | webpictures) http_safe_badbotsetenvifnocase ^ User-Agent $. * (libwww-perl | aesop_com_spiderman) http_safe_badbotdeny from Env = http_safe_badbot

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.