.htaccess Cheat Sheet - SR

Hazem

Member
htaccess Cheatsheet

Here is a simple cheat sheet for the .htaccess file:

Enable Directory Browsing
Code:
Options +Indexes
## block a few types of files from showing
IndexIgnore *.wmv *.mp4 *.avi
Disable Directory Browsing
Code:
Options All -Indexes
Customize Error Messages
Code:
ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.html
Get SSI working with HTML/SHTML
Code:
AddType text/html .html
AddType text/html .shtml
AddHandler server-parsed .html
AddHandler server-parsed .shtml
# AddHandler server-parsed .htm
Change Default Page (order is followed!)
Code:
DirectoryIndex myhome.htm index.htm index.php
Block Users from accessing the site
Code:
<limit GET POST PUT>
order deny,allow
deny from 202.54.122.33
deny from 8.70.44.53
deny from .spammers.com
allow from all
</limit>
[code]
[b]Allow only LAN users[/b]
order deny,allow
deny from all
allow from 192.168.0.0/24
[/code]
Redirect Visitors to New Page/Directory
Code:
Redirect oldpage.html http://www.domainname.com/newpage.html
Redirect /olddir http://www.domainname.com/newdir/
Block site from specific referrers
Code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]
RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]
RewriteRule .* - [F]
Block Hot Linking/Bandwidth hogging
Code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]


Add this below the Hot Link Blocking code:
Code:
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/dontsteal.gif [R,L]
Stop .htaccess (or any other file) from being viewed
Code:
<files file-name>
order allow,deny
deny from all
</files>
Avoid the 500 Error
Code:
# Avoid 500 error by passing charset
AddDefaultCharset utf-8
Grant CGI Access in a directory
Code:
Options +ExecCGI
AddHandler cgi-script cgi pl
# To enable all scripts in a directory use the following
# SetHandler cgi-script
Password Protecting Directories

Use the .htaccess Password Generator and follow the brief instructions!

Change Script Extensions
Code:
AddType application/x-httpd-php .gne
gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc.

Use MD5 Digests

Performance may take a hit but if that's not a problem, this is a nice option to turn on.
Code:
ContentDigest On
The CheckSpelling Directive

From Jens Meiert: CheckSpelling corrects simple spelling errors (for example, if someone forgets a letter or if any character is just wrong). Just add
Code:
CheckSpelling On
to your htaccess file.

The ContentDigest Directive
Code:
ContentDigest On
.



Code:
# BEGIN GZIP
<ifmodule mod_deflate.c>
# Combine the below two lines - I've split it up for presentation
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css
  application/x-javascript application/javascript
</ifmodule>
# END GZIP

Turn off magic_quotes_gpc

Code:
# Only if you use PHP
<ifmodule mod_php4.c>
php_flag magic_quotes_gpc off
</ifmodule>
Set an Expires header and enable Cache-Control

Code:
<ifmodule mod_expires.c>
  ExpiresActive On
  ExpiresDefault "access plus 1 seconds"
  ExpiresByType text/html "access plus 7200 seconds"
  ExpiresByType image/gif "access plus 518400 seconds"
  ExpiresByType image/jpeg "access plus 518400 seconds"
  ExpiresByType image/png "access plus 518400 seconds"
  ExpiresByType text/css "access plus 518400 seconds"
  ExpiresByType text/javascript "access plus 216000 seconds"
  ExpiresByType application/x-javascript "access plus 216000 seconds"
</ifmodule>

<ifmodule mod_headers.c>
  # Cache specified files for 6 days
  <filesmatch "\.(ico|flv|jpg|jpeg|png|gif|css|swf)$">
  Header set Cache-Control "max-age=518400, public"
  </filesmatch>
  # Cache HTML files for a couple hours
  <filesmatch "\.(html|htm)$">
  Header set Cache-Control "max-age=7200, private, must-revalidate"
  </filesmatch>
  # Cache PDFs for a day
  <filesmatch "\.(pdf)$">
  Header set Cache-Control "max-age=86400, public"
  </filesmatch>
  # Cache Javascripts for 2.5 days
  <filesmatch "\.(js)$">
  Header set Cache-Control "max-age=216000, private"
  </filesmatch>
</ifmodule>

http://www.thejackol.com/htaccess-cheatsheet/
 

GigaGreg

Moderator
Staff member
Thanks, this will cover all my wonders for the htaccess, and will be very useful to add some of them to my website running on the Joomla CMS. Also it might be good to being sticked in this category? My suggestion, but thanks again Hazem.
 

hoenens

New member
Thnxxx mate! this is realy usefull information for all of us.
:clapping: Will come handy in the future maybe :D
 

Dekrypt

New member
I was looking for a cheat sheet yesterday and didn't find any as comprehensive as this so thank you :) Hopefully it will help others find that function they badly need.
 

human

New member
Nice .htaccess cheet sheet, specially the one to keep away spammers.
I am implementing those right away.
 

cjuday

New member
Thank you @hazem bro. Really need this .htaccess codes. Specially the block user access. Really a helpful topic for me.
 

slibinas

New member
Very big thanks!

But i need 1 small help, how use this, because i dont understand.

Redirect Visitors to New Page/Directory

Code:
Redirect oldpage.html http://www.domainname.com/newpage.html
Redirect /olddir http://www.domainname.com/newdir/

can i use from "oldpage.html" to my old website url, o i need write index file?
 

fargcbm

New member
Allow me to proceed

Redirect Visitors to www

PHP:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^mydomain\.com$
RewriteRule (.*) http://www.mydomain.com/$1 [R=301,L]
 

flatlinelabs

New member
This is great info to be able to use to better limit site and page access.

I'll be trying some of these commands and testing as well, will probably have a few questions
After implementing.

What about inheritance options? I've see that before and encoutered loops before.

Thanks