.htaccess Tricks
ErrorDocument 401 /error/401.php
ErrorDocument 403 /error/403.php
ErrorDocument 404 /error/404.php
ErrorDocument 500 /error/500.php
————————————————–
Custom Directory Index Files
DirectoryIndex index.html index.php index.htm
You can change a default index file of directory by using above snippet in your htaccess file. If a user request /foo/, Apache will serve up /foo/index.html, or whatever file you specify.
————————————————–
How to set the timezone on your server
SetEnv TZ America/Houston
————————————————–
Block IPs Using htaccess
Sometime you need to block certain IPs from accessing your entire site or directory. It’s very simple task. All you have to do is inside the .htaccess file is put the following code.
allow from all
deny from 77.77.77.70
deny from 177.17
If you use the whole IP or a part of the IP to block and add the new ones in a new line.
When someone trying to access your site from the banned ip they will get a 403 error access forbidden message.
————————————————–
Hotlinking protection with .htaccess
It is very important because anyone can hot link to your images and eat up all your bandwith of your server. The following code will help you to prevent that.
Options +FollowSymlinks
# Protect Hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domainname.com/ [nc]
RewriteRule .*.(gif|jpg|png)$ http://domainname.com/img/hotlink_f_o.png [nc]
————————————————–
Redirect everyone to different site except few IP
If you want to redirect all the visitors to a different IP. Also give access to certain few IPs. You can use the code below.
ErrorDocument 403 http://www.youdomain.com
Order deny,allow
Deny from all
Allow from 77.77.77.70
Allow from 12.57.28.143
————————————————–
Block all requests from user agent
Block all requests from user agent by creating a perfect .htaccess ban list, you can block all of unwanted user agents that will keep your server load down. Also Check out this interesting thread on webmaster world about the 228 user agents ban list.
## .htaccess Code :: BEGIN
## Block Bad Bots by user-Agent
SetEnvIfNoCase user-Agent ^FrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Java.* [NC,OR]
SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR]
SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR]
SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR]
SetEnvIfNoCase user-Agent ^Zeus [NC]
Order Allow,Deny
Allow from all
Deny from env=bad_bot
## .htaccess Code :: END
————————————————–
Don’t want to display download request
Usually when you try to download something from a web server you get a request asking whether you want to save the file or open it.
To avoid that you can use the below code on your .htaccess file.
AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mov
————————————————–
Change the file type
Make any file be a certain kind of file type Makes image.jpg, index.html, default.cgi all act as php.
ForceType application/x-httpd-php
SetHandler application/x-httpd-php
————————————————–
Block access to your .htaccess file
By adding he following code to your htaccess file will prevent attempts to access your htaccess file. This extra layer of security protects your htaccess file by displaying a 403 error message on the browser.
# secure htaccess file
 order allow,deny
 deny from all
————————————————–
Setting the default page
You can set the default page of a directory to any page you like. For example in this code the default page is set as about.html instead of index.html
# serve alternate default index page
DirectoryIndex about.html
————————————————–
Password protect your directories and files
You can create authentication for certain files and directories from being access. The code has examples of both password protection for a single file and password protection for a entire directory.
# to protect a file
AuthType Basic
AuthName “Prompt”
AuthUserFile /home/path/.htpasswd
Require valid-user
# password-protect a directory
resides
AuthType basic
AuthName “This directory is protected”
AuthUserFile /home/path/.htpasswd
AuthGroupFile /dev/null
Require valid-user
————————————————
Redirect an old domain to a new domain
Using htaccess file you can redirect a old domain name to a new domain by adding the following code into the htaccess file. Basically what it does is it will remap the old domain to the new one.
# redirect from old domain to new domain
RewriteEngine On
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]
As htaccess files are very powerful, even a slightest syntax error can cause sever malfunction of your server. So it is crucial to take the backup copies of everything before you try the hacks and tricks on your hypertext access files. Post your thoughts with a comment.
————————————————-
Send Custom Headers
Header set P3P “policyref=”http://www.askapache.com/w3c/p3p.xml””
Header set X-Pingback “http://www.askapache.com/xmlrpc.php”
Header set Content-Language “en-US”
Header set Vary “Accept-Encoding”
————————————————–
Change Charset and Language headers
AddDefaultCharset UTF-8
DefaultLanguage en-US
————————————————–
Specify Upload file limit for PHP in htaccess
php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 200
php_value max_input_time 200
In the above .htaccess file, uploading capability is increased by the four parameter first one is maximum file size for uploading, second one is maximum size of the post data , third one is maximum time in seconds a script is allowed to run before it is terminated by the parser and last one is maximum time in seconds a script is allowed to parse input data such as like file uploads, POST and GET data.
————————————————–
Force “File Save As” Prompt
AddType application/octet-stream .avi .mpg .mov .pdf .xls .mp4
————————————————–