Highlights of htaccess File Usage

Source: Internet
Author: User
Tags time zones
Document directory
  • 1. Time Zone settings
  • 2. Search Engine-friendly 301 permanent redirection Method
  • 3. Download blocking dialog box
  • 4. the WWW prefix is omitted.
  • 5. Personalized error page
  • 6. compressed files
  • 7. cache files
  • 8. Disable caching for certain file types
  • Security Questions
  • 1. Put leeching through. htaccess
  • 2. Anti-hacker
  • 3. block access to your. htaccess File
  • 4. Rename the htaccess File
  • 5. Disable directory browsing
  • 6. Change the default index page
  • 7. Block some undesirable viewers by referencing information
  • 8. Some requests are blocked by judging the browser header information
  • 9. Prohibit script execution to enhance your Directory Security
1. Time Zone settings

Sometimes, when you use the date or mktime function in PHP, it will display some strange information due to different time zones. The following is one of the solutions to this problem. Is to set the time zone of your server. You canHereFind the list of all supported time zones.

  1. Setenv TZ Australia/Melbourne

2. Search Engine-friendly 301 permanent redirection Method

Why is this search engine friendly? Because many modern search engines now have the ability to update their existing records permanently based on check 301.

  1. Redirect 301 http://www.aqee.net/home http://www.aqee.net/
3. Download blocking dialog box

Generally, when you download a file, you will see a dialog box asking whether you want to keep the file or open it directly. If you don't want to see this, you can put the following code in your. htaccess file.

  1. Addtype application/octet-stream. PDF
  2. Addtype application/octet-stream. Zip
  3. Addtype application/octet-stream. mov
4. the WWW prefix is omitted.

One principle of Seo is to ensure that your website has only one URL. Therefore, you need to turn all the access via www to non-WWW, or reverse this.

  1. Rewriteengine on
  2. Rewritebase/
  3. Rewritecond % {http_host} ^ www.aqee.net [Nc]
  4. Rewriterule ^ (. *) $ http://aqee.net/#1 [L, r = 301]
5. Personalized error page

Customize custom error pages for each error code.

  1. Errordocument 401/error/401.php
  2. Errordocument 403/error/403.php
  3. Errordocument 404/error/404.php
  4. Errordocument 500/error/500.php
6. compressed files

By compressing your file volume, you can optimize the Website access speed.

  1. # Compressing text, HTML, JavaScript, CSS, and XML:
  2. Addoutputfilterbytype deflate text/plain
  3. Addoutputfilterbytype deflate text/html
  4. Addoutputfilterbytype deflate text/XML
  5. Addoutputfilterbytype deflate text/CSS
  6. Addoutputfilterbytype deflate application/XML
  7. Addoutputfilterbytype deflate application/XHTML + XML
  8. Addoutputfilterbytype deflate application/RSS + XML
  9. Addoutputfilterbytype deflate application/JavaScript
  10. Addoutputfilterbytype deflate application/X-Javascript
7. cache files

Caching files is another good way to speed up your website access.

  1. <Filesmatch ". (FLV | GIF | JPG | JPEG | PNG | ICO | SWF | JS | CSS | PDF) $">
  2. Header set cache-control "Max-age = 2592000 ″
  3. </Filesmatch>
8. Disable caching for certain file types

On the other hand, you can also disable caching for certain file types.

  1. # Explicitly prohibit the use of cache for scripts and other dynamic files
  2. <Filesmatch ". (PL | PHP | CGI | SPL | scgi | fcgi) $">
  3. Header unset cache-control
  4. </Filesmatch>
Security Questions

The following htaccess code can improve the security level of your Web server. Image link theft protection is very useful, it can prevent others from using the image resources on your server.

1. Put leeching through. htaccess

Hate the image resources on your web server that steal links and consume your bandwidth? You can try this to prevent this from happening.

  1. Rewritebase/
  2. Rewritecond % {http_referer }! ^ $
  3. Rewritecond % {http_referer }! ^ Http: // (www .)? Aqee.net/.*$ [Nc]
  4. Rewriterule. (GIF | JPG | SWF | FLV | PNG) $/feed/[R = 302, l]
2. Anti-hacker

If you want to improve the security level of your website, you can remove the following lines of code to prevent hacker attack techniques that match common malicious URLs.

  1. Rewriteengine on
  2. # Proc/self/environ? No!
  3. Rewritecond % {QUERY_STRING} proc/self/environ [or]
  4. # Prevent the script from attempting to modify the mosconfig value through URL
  5. Rewritecond % {QUERY_STRING} mosconfig _ [A-Za-Z _] {} (=|\% 3d) [or]
  6. # Block base64_encode junk information transmitted by a script through a URL
  7. Rewritecond % {QUERY_STRING} base64_encode. * (. *) [or]
  8. # Block scripts with the <SCRIPT> flag in the URL
  9. Rewritecond % {QUERY_STRING} (<| % 3C). * script. * (>|% 3e) [NC, or]
  10. # Block scripts that attempt to set the globals variable of PHP through URL
  11. Rewritecond % {QUERY_STRING} globals (= | [| \ % [0-9a-z] {0, 2}) [or]
  12. # Block scripts that attempt to set the PHP _ Request variable through URL
  13. Rewritecond % {QUERY_STRING} _ Request (= | [|\% [0-9a-z] {0, 2 })
  14. # Redirect all blocked requests to the 403 Forbidden prompt page!
  15. Rewriterule ^ (. *) $ index. php [F, L]
3. block access to your. htaccess File

The following code prevents others from accessing your. htaccess file. You can also block multiple file types.

  1. # Protect Your htaccess files
  2. <Files. htaccess>
  3. Order allow, deny
  4. Deny from all
  5. </Files>
  6. # Block viewing of specified files
  7. <Files secretfile.jpg>
  8. Order allow, deny
  9. Deny from all
  10. </Files>
  11. # Multiple File Types
  12. <Filesmatch ". (htaccess | htpasswd | ini | PHPs | FLA | PSD | log | SH) $">
  13. Order allow, deny
  14. Deny from all
  15. </Filesmatch>
4. Rename the htaccess File

You can rename the htaccess file to protect it.

  1. Accessfilename htacc. Ess
5. Disable directory browsing

Disable the server from displaying the directory structure externally, and vice versa.

  1. # Prohibit directory browsing
  2. Options all-Indexes
  3. # Open Directory Browsing
  4. Options all + Indexes
6. Change the default index page

You can change the default index.html, index. php, or index.htm to another page.

  1. Directoryindex business.html
7. Block some undesirable viewers by referencing information
  1. # Blocking users from a website
  2. <Ifmodule mod_rewrite.c>
  3. Rewriteengine on
  4. Rewritecond % {http_referer} scumbag.com [NC, or]
  5. Rewritecond % {http_referer} wormhole.com [NC, or]
  6. Rewriterule. *-[F]
  7. </Ifmodule>
8. Some requests are blocked by judging the browser header information

This method can save your bandwidth traffic by preventing some robots or spider crawlers from crawling your website.

  1. # Blocking users from certain websites
  2. <Ifmodule mod_rewrite.c>
  3. Setenvifnocase ^ User-Agent $. * (craftbot | download | extract | stripper | sucker | ninja | clshttp | webspider
    | Leacher | collector | grabber | webpictures) http_safe_badbot
  4. Setenvifnocase ^ User-Agent $. * (libwww-perl | aesop_com_spiderman) http_safe_badbot
  5. Deny from Env = http_safe_badbot
  6. </Ifmodule>
9. Prohibit script execution to enhance your Directory Security
  1. # Prohibit script execution permissions in some Directories
  2. Addhandler CGI-script. php. pl. py. jsp. asp. htm. shtml. Sh. cgi
  3. Options-execcgi

Http://www.aqee.net/htaccess-usage/

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.