htaccess talk
TRANSCRIPT
-
8/13/2019 Htaccess Talk
1/20
What can you do w i th .h taccess?
Lots!
-
8/13/2019 Htaccess Talk
2/20
-
8/13/2019 Htaccess Talk
3/20
When to use?
#nly if you do not have access to mainapache config file
$f possible place configuration in a
%&irectory' section of main config file erformance *ecurity issues
llows configuration changes without a
server restart What you can put in these files is
determined by the llow#verride
directive.
-
8/13/2019 Htaccess Talk
4/20
+ow they a re app l ied?
pplies to current , all subdirectories
-ultiple .htaccess file are mergedincluding with main config
pplied from top to bottom
&eeper files have predecence
-
8/13/2019 Htaccess Talk
5/20
What can you do?
-ost configuration directivesheck http/00httpd.apache.org0docs01.10mod02uickreference.html
Look at onte3t line in manual
http://httpd.apache.org/docs/2.2/mod/quickreference.htmlhttp://httpd.apache.org/docs/2.2/mod/quickreference.html -
8/13/2019 Htaccess Talk
6/20
ommon 4ses
5estict ccess
based on password
bassed on $ and0or domain
ustom 6rror ages
6nable **$
dd additional -$-6 types
7orce download
45L 5ewriting
-
8/13/2019 Htaccess Talk
7/20
5est r i c t !ccess by $( 0&omain
# deny all except those indicatedorder deny,allowdeny from allallow from !"$%"&'"()*
allow from "+domain"com"+
-
8/13/2019 Htaccess Talk
8/20
5e2u i re (assword
# password.protect the directory in which
# this htaccess r/le resides0/thType 1asic0/th2ame 3This directory is protected30/thUser4ile -home-path-"htpasswd
5e6/ire 7alid./ser
-
8/13/2019 Htaccess Talk
9/20
5e2u i re (assword o r ! l l ow $(
# password.protect directory for e7ery 8P# except the one specified
0/thType 1asic0/th2ame 3This directory is protected30/thUser4ile -home-path-"htpasswd5e6/ire 7alid./ser
0llow from ))"(("''"&&Satisfy 0ny
-
8/13/2019 Htaccess Talk
10/20
(assword f i l e h in ts
4se an #nline generatorhttp/00www.the8ackol.com0scripts0htpasswdgen.php
lace password file outside of documentroot or hide with configuraton
http://www.thejackol.com/scripts/htpasswdgen.phphttp://www.thejackol.com/scripts/htpasswdgen.php -
8/13/2019 Htaccess Talk
11/20
(revent access to a spec i f i c f i l e
# pre7ent 7iewin9 of a specific file
-
8/13/2019 Htaccess Talk
12/20
(revent access to mu l t ip le f i l etypes
-
8/13/2019 Htaccess Talk
13/20
ustom 6r ro r (ages
# ser7e c/stom error pa9esError?oc/ment %** http@--foo"example"com-c9i.1in-testerError?oc/ment $*$ -c9i.1in-1adA/rls"plError?oc/ment $* -s/1scriptionAinfo"htmlError?oc/ment $* 3Sorry canBt allow yo/ access today3
-
8/13/2019 Htaccess Talk
14/20
6nab le ** $
0ddType text-html "html0ddType text-html "shtml0ddCandler ser7er.parsed "html0ddCandler ser7er.parsed "shtml
-
8/13/2019 Htaccess Talk
15/20
!dd add i t i ona l - $-6 types
# add 7ario/s mime types0ddType application-x.shocDwa7e.flash "swf0ddType 7ideo-x.fl7 "fl70ddType ima9e-x.icon "ico
-
8/13/2019 Htaccess Talk
16/20
7orce down load
# instr/ct 1rowser to download m/ltimedia0ddType application-octet.stream "a7i0ddType application-octet.stream "mp90ddType application-octet.stream "wm70ddType application-octet.stream "mp
-
8/13/2019 Htaccess Talk
17/20
5ewr i t ing 45Ls w i th mod9rewr i te
7irstly a warning about mod9rewrite/
Despite the tons of examples and docs, mod_rewrite
is voodoo. Damned cool voodoo, but still voodoo.--Brian Moore
:his module uses a rulebased rewriting engine(based on a regulare3pression parser) to
rewrite re2uested 45Ls on the fly.
-
8/13/2019 Htaccess Talk
18/20
#ld domia in to new domain
# redirect from old domain to new domain5ewriteEn9ine On5ewrite5/le ;"+= http@--www"new.domain"com- F5*,LH
-
8/13/2019 Htaccess Talk
19/20
;rowser sn i f f i ng
# 1roswer sniffin9 7ia htaccess en7ironmental 7aria1les
5ewriteEn9ine On5ewriteIond JKCTTPAUSE5A0GE2T :oMilla"+5ewrite5/le - -index.for.moMilla"html FLH5ewriteIond JKCTTPAUSE5A0GE2T Lynx"+5ewrite5/le - -index.for.lynx"html FLH5ewrite5/le - -index.for.all.others"html FLH
-
8/13/2019 Htaccess Talk
20/20
5efe rences
pache onfigurationhttp/00httpd.apache.org0docs00mod0directives.htmlhttp/00httpd.apache.org0docs01.10mod0directives.html
pache .htaccess tutorialhttp/00httpd.apache.org0docs0>?0>