Difference between revisions of "HTACCESS"


 
Line 87: Line 87:
  
 
  AddType application/x-java-jnlp-file JNLP
 
  AddType application/x-java-jnlp-file JNLP
 +
 +
 +
If users want to enable the 'compress everything including .php' we used to have they will now have to add the following to a .htaccess file in their foo.com/ directory:
 +
 +
# enable compression for everything
 +
SetOutputFilter DEFLATE

Revision as of 18:07, 20 December 2007

An .htaccess file can be used to customize some of the settings on your website, in the directory the file is located. The file is in basic text, and the filename must be exactly ".htaccess". Here are some of the more common, useful .htaccess functions you can add to your site.

  • Any rules you set by .htacess will apply to all files in the directory you have placed the .htaccess file, and any of it's subdirectories. The .htaccess rules in the current directory will override any .htaccess rules set in a parent directory.
  • Any typos or mistakes in a .htaccess file will may result in a http 500 server error being returned when you try to visit that directory, and may render your entire site offline.

.htaccess files are very picky about what you put in them so please be careful.


  • Do not attempt to turn safe mode off in a .htaccess file, this will not work and will cause your site to no longer load.


  • Blocking another website linking to yours

Add the following to a .htaccess file in the directory containing the files you want to protect:

# go away!
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://badsite.com(.*)$ [NC] RewriteRule ^.* - [F,L]


Entry should have a link to the apache url rewriting guide
http://httpd.apache.org/docs/2.3/misc/rewriteguide.html


  • Enabling or disabling error reporting in PHP

Add the following lines to your .htaccess file to enable error reporting.

Options +FollowSymlinks
RewriteEngine on
php_flag display_errors on
php_value error_reporting 7

We have display_errors set to on by default for all users, this is to help inform you of problems when you are working on your site.

If you would rather suppress this warnings to yourself and visitors you can add the following to a .htaccess file in the same directory with your php.

php_value display_errors 0

Note that with display_errors off you will simply get a blank page if php encounters an error on your site.


  • If you require register_globals to be on for older php scripts you can enable it by adding
php_value register_globals 1

to a .htaccess file. Although we strongly caution against it due to security implications for your site.


  • Limiting access to your website based on ip with .htaccess.

Create a .htaccess file in the directory you want to protected and add something similar to the following:

# allow access to just me!
order allow,deny
# my home ip, my work ip
allow from 168.55.55.11 58.66.12.79

but be careful as you may lock yourself out of your own site. Of course you can always go in via ftp and remove that.


  • If you want to hide .php extensions to make your site appear more 'clean' you can do so with a .htaccess file with the following
Options +MultiViews

in the same directory as the php file.

Now you can hit

http://yoursite.com/dem?forum=1

instead of

http://yoursite.com/dem.php?forum=1

be careful with this though, as it can lead to unexpected results.


  • Mime Types - Java webstart

Creating an .htaccess file with the following line will enable java webstart jnlp Mime type.

AddType application/x-java-jnlp-file JNLP


If users want to enable the 'compress everything including .php' we used to have they will now have to add the following to a .htaccess file in their foo.com/ directory:

# enable compression for everything 
SetOutputFilter DEFLATE