Basic .htaccess commands
Posted by Barry Tarbet on 11 January 2007 04:27 PM
The Apache ".htaccess" file allows you to tweak or override certain configuration options used by the web server. Some common uses for this include:
- Custom error pages
- Deny users by IP
- Change the default index pages
- Prevent hot-linking of your images
- Prevent directory listings
The .htaccess file itself is a plain text file, and can be created and uploaded via FTP (see 5.1), Note that the file must be named ".htaccess". Some Windows text editors will not let you save a file with this name, so you may have to save the file as something else and then rename it before uploading.
.htaccess files affect the directory they are placed in and all sub-directories. You can prevent and alter this behaviour by placing further .htaccess files inside selected sub-directories. For example, if you place a top-level .htaccess file that sets password protection, every directory below that will be protected. If you then place a .htaccess file without these password protection commands inside a sub-directory, this directory and all its children will not be protected. Apache will look back up the directory tree and use the nearest .htaccess file that it finds. It will not combine rules from multiple files.
Custom Error Pages
In order to specify your own custom error documents, you need to add the following command, on one line, within your htaccess file:
ErrorDocument 404 /directory/filename.html
Replace "/directory/filename.html" in the above line with the path to the HTML file you want to be displayed whenever the server returns code 404 (the â€œfile not foundâ€ error).
Other common error codes include:
401 - Authorization Required
403 - Forbidden
500 â€“ Internal Server ErrorDocument
If you want to use an error document handler for each of the error codes above, the .htaccess file would look like the following
ErrorDocument 401 /errors/authreqd.html
ErrorDocument 403 /errors/forbid.html
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/serverr.html
Change the default index page
The default index page is the file that the user will be redirected to if they only enter a directory into their browser address bar. This is usually index.html. For example, if a visitor typed â€œhttp://www.yourdomain.com/â€ into their browser, they would be sent to â€œhttp://www.yourdomain.com/index.htmlâ€ by default.
You can override this in your .htaccess file:
Placing this command in your root .htaccess will tell Apache to redirect all requests that don't include a filename to "newindex.html" instead of the default "index.html".
You can even give Apache a list of files to use:
DirectoryIndex index.php index.pl index.html
Now, when a user types "http://www.yourdomain.com/", Apache will first look for "index.php" and redirect to that file if it exists. If it doesn't it will try the next file, and so on, from left to right.
Several options for altering the behaviour of PHP are available via .htaccess: most of which are already defined on an account-wide basis via the 'php.ini' file, which is normally located at:
However, if PHP is running as an Apache module, you can tweak the PHP setup for an individual site or even single directory, rather than everything on your account, using some of the following directives in a .htaccess file.
If a script you are running requires libraries which are either not accessible from the web, or are included from many different scripts in different locations, it may be best to include the libraries folder in your PHP include path.
php_value include_path ".:/home/virtual/yourdomain.com/var/www/html/libs"
The register_globals option sets whether the contents of the global array variables such as $_GET, $_POST, $_FILE etc are available as variables. For example:
if this script is called as script.php?getvar=hello, then the output of the script will be:
only if register globals is on. If register_globals is off, then to use the value passed to the script on the query string, the script should be amended thus:
To turn register_globals off (advised):
php_value register_globals 0
More information can be found at http://www.php.net/manual/en/configuration.php and a detailed list of directives can found found here: http://uk2.php.net/manual/en/ini.php
You can specify additional MIME Types in .htaccess, too. The user's browser will be setup to handle different file types with different helper applications (for example, a Windows user may have '.txt' files with the MIME Type 'text/plain' to automatically open in Notepad).
You can change the MIME type the server sends to the browser using .htaccess directives. The following example sets '.ogg' audio files to be of type 'application/x-download', which should force the browser to ask the user to download the file, instead of attempting to open it.
AddType application/x-download .ogg
You can check what MIME Types you have setup on your account by checking the file /etc/mime.types
You can find a reasonably recent list of MIME Types here.
If you've moved parts of your site around and want users to be redirected to the new location when they type in the old one, you can use the following command:
Redirect /olddirectory/ http://yoursite.com/newdirectory/
Note that there are three parts to this command: "Redirect", then the path of the old directory or file (which may or may not still exist on the server), and then the full URL to redirect to
If you need further service, please submit a support ticket - thank you for selecting OccHosting.com