.htaccess Mod Rewrite Tutorial
Htaccess files are used in apache using the .htaccess extension, it has no file name, and if you can't see it, you may need to play with your Folder Options in windows or your FTP client. These config files for apache are extremely useful to prevent access and to rewrite urls using mod_rewrite so that they are more search engine friendly and optimized. Some tips and tricks for designing the right .htaccess file for your website can make wonders.
Error Documents
Instead of the standard 404 error or 500 internal error displayed by browsers, you can present your users with a customized error page, with perhaps a feedback form using .htaccess:
ErrorDocument 403 /error403.php
ErrorDocument 404 /error404.php
ErrorDocument 500 /error500.php
Options for htaccess
The following code can be used if you want to display directory listings on pages with no index, this can be useful if you want your friends to see a list of files in your server. However, it can also be useful for hackers who want to see some of your files or codes:
However if you want to block access to file directory listings, so that if someone just types a folder in your server and tries to see it they get a blank page:
Options +FollowSymLinks
You can also set Directory Index for your directories, usually it's a php file:
DirectoryIndex index.php
Mod_rewrite
Mod_rewrite is a module for apache that allows you to code the urls being received and how they should be generated to look for your visitors.
The following code in your htaccess file, converts anyone who types http://yourwebsite.com to be redirected using Redirect 301 protocol to http://www.yourwebsite.com that way you have a standard of how your website should always look. It can also be used for redirecting users anywhere in your server.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^yourwebsite\.com$ [NC]
RewriteRule ^(.*)$ http://www.yourwebsite.com/$1 [L,R=301]
#use the following if you have your website in a subfolder of your
#web server and rewrite rules are not working properly.
RewriteBase /
</IfModule>
You can also use this code to redirect php to have clean urls using mod_rewrite, such as index.php?query=X where X will now be website.com/X, this would also hide from people that you are using PHP files.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?query=$1 [L,QSA]
</IfModule>
In other words, if someone types yourwebsite.com/files/b/a/2008/ in their browser, mod_rewrite will add a GET request to your variable "query" in this form:
yourwebsite.com/index.php?query=files/b/a/2008/ which you can then use your php code to alter and redirect the user yourself.
Force PHP to parse other file extensions
You can force PHP to parse other file extensions and types, that are not necessarily ending in .php:
That will make PHP 5 interpret PHP on htm, html, php, and cool pages with those extensions.
With PHP 4 it's a bit different:
You can also set PHP settings in htaccess:
Saving Bandwidth with Zlib Compression
You can use the following to compress your pages, and gain performance boost in your website using zlib php compression and save some bandwidth.
php_value zlib.output_compression 23431
</ifModule>
The 23,431 is the KB of the output buffer that is allowed. By default you can type "On" and it will be 4KB.
Restrict Files and Folders
Restrict access to a certain IP address:
deny from 33.22.12.55
allow from all
Restricting certain files from being accessed:
Order allow,deny
Deny from all
Satisfy All
</Files>
This will restrict files ending with .log or .py from being accessed.
Remember to use htaccess carefully as it can be dangerous but it can also save your web server some extra work.
Post new comment