Some .htaccess rules

Posted: May 2, 2013 in General linux

Redirect non-www to www

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.

RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

1. To enable directory browsing

Options +Indexes

## block a few types of files from showing

IndexIgnore *.wmv *.mp4 *.avi

2. To disable directory browsing

Options All -Indexes

DenyIp adresses from accesssing the domain –

order allow,deny
allow from all

deny from 10.114.43.102
deny from 10.224.160.4

3. To get SSL working with HTML/SHTML

AddType text/html .html

AddType text/html .shtml

AddHandler server-parsed .html

AddHandler server-parsed .shtml

# AddHandler server-parsed .htm

4. To block users from accessing the site

order deny,allow

deny from 10.54.122.33

deny from 10.70.44.53

deny from .spammers.com

allow from all

5. To allow only LAN users

order deny,allow

deny from all

allow from 192.168.0.0/24

6. To Redirect Visitors to New Page/Directory

Redirect oldpage.html http://www.domainname.com/newpage.html

Redirect /olddir http://www.domainname.com/newdir/

If you only want to allow a certain range of IP addresses inside of 10.50.0.0 (such as from 10.50.10.20 through 10.50.10.80) you can use the following command:

iptables -A INPUT -i eth1 -m iprange –src-range 10.50.10.20-80 -j ACCEPT

7. To block site from specific referrers

RewriteEngine on

RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]

RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]

RewriteRule .* – [F]

8. To Block Hot Linking/Bandwidth hogging

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]

RewriteRule \.(gif|jpg)$ – [F]

9. To Stop .htaccess (or any other file) from being viewed

order allow,deny

deny from all

10. To Avoid the 500 Error

# Avoid 500 error by passing charset

AddDefaultCharset utf-8

11. To Grant CGI Access in a directory

Options +ExecCGI

AddHandler cgi-script cgi pl

# To enable all scripts in a directory use the following

# SetHandler cgi-script

12. To Change Script Extensions

AddType application/x-httpd-php .gne

gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc.

13. To Enable Gzip – Save Bandwidth

# BEGIN GZIP

# Combine the below two lines – I’ve split it up for presentation

AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css

application/x-javascript application/javascript

# END GZIP

14. To Turn off magic_quotes_gpc

# Only if you use PHP

php_flag magic_quotes_gpc off

15. To block access to foles during certain hours of the day

Options +FollowSymLinks

RewriteEngine On

RewriteBase /

# If the hour is 16 (4 PM) Then deny all access

RewriteCond %{TIME_HOUR} ^16$

RewriteRule ^.*$ – [F,L]

16.To password protect 1 file alone

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthType Basic

AuthUserFile /home/askapache.com/.htpasswd

Require valid-user

AuthName “htaccess password prompt”

AuthType Basic

AuthUserFile /home/askapache.com/.htpasswd

Order deny,allow

Deny from all

Require valid-user

17. To password protect multiple files

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthUserFile /.htpasswd

AuthType basic

Require valid-user

18. To allow network/netmask pair

Order deny,allow

Deny from all

Allow from 10.1.0.0/255.255.0.0

19. To allow IP address

Order deny,allow

Deny from all

Allow from 10.1.2.3

20.To allow more than 1 IP address

Order deny,allow

Deny from all

Allow from 192.168.1.104 192.168.1.205

21. To Partial IP addresses, first 1 to 3 bytes of IP, for subnet restriction

Order deny,allow

Deny from all

Allow from 10.1

Allow from 10 172.20 192.168.2

22. To allow accessing site from one IP without password and allow from any address with password prompt

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthUserFile /home/askapache.com/.htpasswd

AuthType Basic

Require valid-user

Allow from 172.17.10.1

Satisfy Any

23. Add a .htaccess file in the directory you want to protect with the following code.

AuthType Basic

AuthName “Restricted Files”

AuthUserFile /path/to/htpwd/.htpasswd

Require valid-user

Then chmod with following commands

$ chmod 644 .htaccess

$ chmod 640 .htpasswd

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s