.htaccess Tips & Tricks

In this article, we are going to explain in general the commands and the items that are available in .htaccess to get familiar with them

Updated: 14 Dec, 21 by Elizabet J 8 Min

List of content you will read in this article:

As you know, the .htaccess file is a hidden file in the main directory of the Web (Public_html), which specifies some general web server settings and the type of web server behavior with your site. .htaccess is a non-extension text file that has the ability to be placed in any directory of the web and adjusts the behavior of each directory individually to the web server.

In this article, we are going to explain in general the commands and the items that are available in Htaccess to get familiar with them. By the end of this article, you will have the know-how to make this file completely and custom for your website.

Note that there may be some configurations in the server's shared hosts in the PHP configuration files or the lack of some modules on the server which might make the codes to not work properly. The best solution is to put the codes into .htaccess one by one and after each function of the site, enter the other codes as desired.

Continue down below to get fully acquainted with .htaccess. 

The .htaccess file has many capabilities for controlling, handling the web server, and accessing websites and clients in different sections. We will continue to go through all the respective sections.

Sometimes sites face unrealistic hits and many requests from a specific IP address, which altogether reduces site loading times. To get this fixed you have the possibility to deny access to that IP address from the .htaccess file.

deny from 1.2.3.4
allow from all

Note: Be sure to enter the desired IP address instead of 1.2.3.4.

Some information, such as your dedicated template files that are hosted on your site or zipped files are stored on your web site. These files can easily be detected and stolen by others browsing your web pages. In order to prevent this from happening place the followin code on the .htaccess file.

Options All -Indexes

You can use this code to change the name and format of your site's original file.

DirectoryIndex file.php file.htm

You can use the following code in .htaccess to prevent visitors and profits from accessing some of your important site files, such as configuration files and configurations.

order allow, deny
deny from all

You can enter the file name you want instead of mono.php.

As you know, caching some of your static information on the browser will cause additional load on server resources such as CPU, RAM and the speed of your site and server will increase.

To do this, you can enter the following code at the end of the .htaccess file.

# Enables browser caching

ExpiresActive On
ExpiresByType image / jpg "access 1 year"
ExpiresByType image / jpeg "access 1 year"
ExpiresByType image / gif "access 1 year"
ExpiresByType image / png "access 1 year"
ExpiresByType text / css "access 1 month"
ExpiresByType application / pdf "access 1 month"
ExpiresByType text / x-javascript "access 1 month"
ExpiresByType application / x-shockwave-flash "access 1 month"
ExpiresByType image / x-icon "access 1 year"
ExpiresDefault "access 2 days"

Sometimes it's clicked on a site and the server asks you to open or download the file. In this situation, you can enter the following code so that wherever these extensions are viewed, submit the file without asking the user to download to the visitor.

AddType application / octet-stream .pdf
AddType application / octet-stream .zip
AddType application / octet-stream .mov

One of the problems that may occur for any site is to list all the directories and files uploaded to the site, whereby profitable individuals can download and use your files to your liking. You can enter the following code in the Htaccess file to close the status bar and prevent it from being viewed by the attendees.

Options -Indexes

To protect the security of your site's information and data, some of the extensions can be blocked on the site to prevent them from running. To do this, you can enter the following code in your Htaccess file.

Options + FollowSymlinks
RewriteEngine On
rewritecond% {REQUEST_FILENAME}! ^ (. +). css $
rewritecond% {REQUEST_FILENAME}! ^ (. +) .js $
rewritecond% {REQUEST_FILENAME}! file.php $
RewriteRule ^ (. +) $ / Deny / [nc]

You should be aware that when you work with your content management system, there is a limitation to upload, and this limitation will sometimes help you to not upload bulky files so your server does not run out of stock. In this way, you can specify the amount of upload by using the following code.

php_value upload_max_filesize 20M

Note: In the above code, the amount of upload is set to 20 MB and you can change it to the desired level.

The PHP Exit Limit is one of the most important things you can do to control how much server resources you use. You can set this amount by using the following code.

php_value memory limit 128M

The following code can be used to maximize the size of each post by 3 MB.

php_value post_max_size 3M

Using the following code in the .htaccess file, you can specify which files to load at the start of your site, and which file is the priority.

#Alternate default index pages
DirectoryIndex first.html index.htm index.html index.php

Setting default error pages means if a server has an error like 404 when the site is online, which page will the server display to the user. For this you can design the pages for these errors and put them in the directory you want to call them through the following codes when an error occurs.

ErrorDocument 401 /error_pages/401.html
ErrorDocument 404 /error_pages/404.html
ErrorDocument 500 /error_pages/500.html

The Hotlink Protection feature in the cPanel control panel also allows a site to prevent the use of files and images on other sites.

For example, if there is a direct download link on your site, another site will not use your direct link and cannot use it.

Using .htaccess, you can prevent this abuse. But you should keep in mind that your server must have the functionality of Mod_rewrite enabled in order for it to work correctly.

RewriteEngine is
RewriteCond% {HTTP_REFERER}! ^ $
RewriteCond% {HTTP_REFERER}! ^ Http: // (www \.)? yourdomain.com /.*$ [NC]
RewriteRule \. (Gif | jpg | css) $ - [F]

Note: In the above code, the gif, jpg, and CSS extensions are protected and you can add or replace your extensions, and also enter your domain name instead of yourdomain.com.

XSS attacks are one of the most popular and popular attacks between Web site attacks, which are done by injecting codes into various files. To prevent this kind of attack on your site, you can use the following code on your .htaccess file to create a crush bar for XSS attacks.

# Blocks some XSS attacks


RewriteCond% {QUERY_STRING} (\ |% 3E) [NC, OR]
RewriteCond% {QUERY_STRING} GLOBALS (= | \ [| \% [0-9A-Z] {0.2}) [OR]
RewriteCond% {QUERY_STRING} _REQUEST (= | \ [| \% [0-9A-Z] {0.2})
RewriteRule. * Index.php [F, L]
</ IfModule>

So far you saw that you can do very important things with the htaccess file. So protecting yourself from this file is very important and you have to prevent this file from falling to the wrong hands. As security measures enter this inside .htaccess file to protect it.

<files ".htaccess">
order allow, deny
deny from all
</ files>

This way, you can configure your Htaccess file over the site.

You can also find out how to redirect the pages by visiting Htaccess's redirect tutorial.

In order to build your .htaccess we recommend using htaccesseditor.com. This site is one of the most authoritative sites for making htaccess files where you will get to set it all graphically and after doing the edits copy the codes back to your own .htaccess file. 

Congratz! You now know how to use htaccess file without going through a hassle.

Elizabet J

Elizabet J

One OF my major goals is getting new experiences about ICT and what’s more making progress through this field.

user monovm

Zak

2021, Feb, 21

What's up, I check your new stuff on a regular basis. Your writing style is witty, keep it up!

user monovm

Margarette

2021, Feb, 21

I was wondering if you ever considered changing the layout of your website? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having one or two pictures. Maybe you could space it out better?

user monovm

Susith Nonis

2021, Feb, 21

Thanks for the feedback, Margarette. We are currently working on a new interface for our blogs and it will be up and running very soon. 

user monovm

Jacques

2021, Feb, 21

We stumbled over here different page and thought I might check things out. I like what I see so now i am following you. Look forward to looking over your web page for a second time.

user monovm

Jack

2021, Feb, 21

I was recommended this blog by my cousin. I'm not sure whether this post is written by him as nobody else know such detailed about my difficulty. You are incredible! Thanks!

user monovm

Chelsey

2021, Feb, 21

Simply want to say your article is as amazing. The clarity in your post is just cool and i could assume you are an expert on this subject. Fine with your permission allow me to grab your feed to keep up to date with forthcoming post. Thanks a million and please keep up the enjoyable work.