From this guide, you will be able to learn about .htaccess files and their functions, and use them to optimize your website. Although .htaccess is just a file, it can change the settings of the server, allowing you to do many different things, the most popular feature is that you can create a custom "404 error" page. .htaccess is not difficult to use. Ultimately, it is just a matter of adding a few simple instructions to a text document.
First you have to determine if the host supports it
This may be difficult to answer with a simple answer. Many hosts support .htaccess but don't actually state it specifically, and many other types of hosts are capable but don't allow their users to use .htaccess. Generally speaking, if your host uses a Unix or Linux system, or any version of the Apache web server, .htaccess is theoretically supported, although your hosting provider may not allow you to use it.
A good sign to tell if your host allows .htaccess is if it supports folder password protection. In order to achieve this function, the hosting provider needs to use .htaccess (of course, in a few cases, although they provide password protection, they do not allow you to use .htaccess). If you are not sure whether your host supports .htaccess, the best way is to upload your own .htaccess file to see if it works, or directly send an e-mail to your hosting service provider for consultation.
The .htaccess file (or "distributed configuration file") in the Apache system provides a method to change the configuration for a directory, that is, place a file containing one or more directives in a specific document directory to act on this directory and All its subdirectories. As a user, the commands that can be used are restricted. Administrators can set them through Apache's AllowOverride directive.
Directives in subdirectories override directives in higher-level directories or in the main server configuration file.
.htaccess must be uploaded in ASCII mode, preferably with its permissions set to 644.
.htaccess can do a ton of things, including: password protection of folders, automatic user redirection, custom error pages, changing your file extensions, banning users from specific IP addresses, only allowing users from specific IP addresses, banned directory listings , and use other files as index files.
Creating .htaccess files may cause you some difficulties. Writing files is easy, you just need to write the appropriate code in a text editor (such as WordPad). The real difficulty may be saving the file, since .htaccess has a weird filename (it doesn't actually have a filename, just an 8-letter extension) and is not acceptable in some systems (like Windows 3.1) Such file name. On most operating systems, all you need to do is save the document as: ".htaccess" (including the quotes). If this doesn't work, you need to name it something else (for example, htaccess.txt), upload it to the server, and then use FTP software to rename it directly.
warn
Before using .htaccess, I must give you some warnings. While using .htaccess on a server is absolutely unlikely to cause you any trouble (it just doesn't work if something is wrong), you have to be especially careful if you use Microsoft FrontPage Extensions. Because FrontPage Extensions themselves use .htaccess, you cannot edit it and add your own information. If you really need this (not recommended, but possible), you should first download the .htaccess file from the server (if it exists), and then add your code in front of it.
2|Configuration of .httacces file
The first use of .htaccess I'm going to cover is custom error pages. This will allow you to have your own, personalized error page (for example when a file is not found) rather than the error page provided by your service provider. Or there are no pages. This will make your website look more professional when something goes wrong. You can also use a script to notify you when an error occurs (for example, I use Free Webmaster Help's PHP script to automatically e-mail me when a page cannot be found).
Any page error code you know (like 404 Page Not Found) can be turned into a custom page by adding the following text to the .htaccess file:
ErrorDocument errornumber /file.html
For example, if I have a nofound.html file in my root directory, I want to use it as the 404 error page:
ErrorDocument 404 /notfound.html
If the file is not in the root directory of the website, you only need to set the path to:
ErrorDocument 500 /errorpages/500.html
Here are some of the most common errors:
Common client request error return codes:
400 - Bad request Bad request
401 Authorization Required requires verification
403 Forbidden
404 Not Found Page not found
405 Method Not Allowed
408 Request Timed Out
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
Common server error return codes:
500 Internal Server Error Internal Server Error
Next, all you have to do is create a file that displays when errors occur, and then upload them along with .htaccess.
Users can use .htaccess to specify their own pre-made error reminder page. In general, people can set up a special directory, such as errors, to place these pages. Then add the following instructions to .htaccess:
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/internalerror.html
One instruction per line. The meaning of the first instruction above is for 404, that is, when the required document is not found, the page must be displayed as the notfound.html page in the /errors directory. It is not difficult to see that the syntax format is:
ErrorDocument error code/directory name/file name.extension
If there is very little information to be prompted, there is no need to create a special page and use the HTML number directly in the command, such as the following example:
ErrorDocument 401 "You do not have permission to access this page, please give up!"
Sometimes, for some reason, there is no index file in your directory, which means that when someone types the path to the directory in the browser address bar, all the files in the directory will be displayed, which will leave a mark on your website. Lower safety hazards.
To avoid this (without having to create a bunch of new index files), you can prevent the directory listing from being displayed by typing the following command in your .htaccess document: Options-Indexes
In some cases, you may only want to allow users with certain IPs to access your website (for example, only allow users with a specific ISP to enter a directory), or you may want to block certain IP addresses (for example, by Low-level users are kept out of your message board). Of course, this only works if you know the IP address you want to block, however most users online these days use dynamic IP addresses, so this is not a common way to limit usage.
You can ban an IP address using the following command:
deny from 000.000.000.000
000.000.000.000 here is the blocked IP address. If you only specify a few of them, you can block the entire network segment. If you enter 210.10.56., all IP addresses from 210.10.56.0 to 210.10.56.255 will be blocked.
You can allow an IP address to access the website using the following command:
allow from 000.000.000.000
The allowed IP address is 000.000.000.000. You can block the entire network segment just like you block the IP address.
If you want to prevent everyone from accessing the directory, you can use:
deny from all
However, this does not affect the script's use of documents in this directory.
Change the default homepage file
Generally, the default homepage file names include default, index, etc. However, sometimes there is no default file in the directory, but a specific file name, such as w3sky.PHP in w3sky. In this case, it is troublesome for the user to remember the file name to access it. New default file names can be easily set in .htaccess:
DirectoryIndex new default file name
Multiple lists can also be listed, with the order indicating the priority between them, for example:
DirectoryIndex filename.html index.cgi index.pl default.htm
Maybe you don't want to keep using index.htm or index.html as the directory's index file. For example, if your site uses PHP files, you might want to use index.PHP as the directory's index document. Of course, you don't have to be limited to the "index" document. If you want, using .htaccess you can even set foofoo.balh as your index document!
These mutually replacing index files can be arranged in a list, and the server will search from left to right to check which document exists in the real directory. If none are found, it will display the directory listing (unless you have turned off showing directory file listings).
DirectoryIndex index.PHP index.PHP3 messagebrd.pl index.html index.htm
One of the most useful features of .htaccess is to redirect requests to different documents within or outside the same site. This is extremely useful when you change the name of a file but still want users to access it using the old address. Another application (that I find useful) is redirecting to a long URL, for example in my newsletter I can use a very short URL to point to my affiliate link. Here is an example of a redirect file:
Redirect /location/from/root/file.ext
http://www.w3sky.com/new/file/123.html
In the above example, to access the file named oldfile.html in the root directory, type:
/oldfile.html
To access files in an old subdirectory, type:
/old/oldfile.html
You can also use .htaccess to redirect entire website directories. If you have a directory named olddirectory on your website, and you have created the same document as above on a new website http://www.w3sky.com/newdirectory/ , you can copy all the files in the old directory Do a redirect without having to declare them one by one:
Redirect /olddirectory http://www.w3sky.com/newdirectory
In this way, any requests directed to the /olddirectory directory in the site will be redirected to the new site, including the additional URL information appended. For example, someone types:
Requests will be redirected to:
This feature is extremely powerful if used correctly.
We may redesign the website, move documents, or change the directory. At this time, visits from search engines or links from other websites may go wrong. In this case, you can use the following command to automatically redirect the old URL to the new address:
Redirect /old directory/old document name address of new document
Or redirect the entire directory:
Redirect old directory new directory
Although there are various uses for .htaccess, by far the most popular, and probably the most useful, is using it for reliable password protection of website directories. Although JavaScript and others can also do it, only .htaccess has perfect security (that is, visitors must know the password before they can access the directory, and there is no "backdoor").
Using .htaccess to password-protect a directory is a two-step process. The first step is to add the appropriate lines of code to your .htaccess document, and then place the .htaccess document in the directory you want to protect:
AuthName “Section Name”
AuthType Basic
AuthUserFile /full/path/to/.htpasswd
Require valid-user
You may need to modify some parts of the above content based on your website, such as replacing "Section Name" with the name of the protected section "Members Area".
/full/parth/to/.htpasswd should be replaced with the full server path pointing to the .htpasswd file (more on this document later). If you don't know the full path to your web space, please ask your system administrator.
Password protection of directories is more troublesome than other features of .htaccess, because you must also create a document containing a username and password to access your website, and the relevant information (by default) is located in a document called .htpasswd. Like .htaccess, .htpasswd is a document with no file name and an 8-bit extension that can be placed anywhere on your website (the password should be encrypted at this time), but it is recommended that you save it outside the web root directory of your website , so that it cannot be accessed through the network. 1516501417
When using .htaccess to password-protect a directory, it contains the path to the password file. For security reasons, it is necessary to protect .htaccess so that others cannot see its contents. Although this can be done in other ways, such as permissions on the document. However, .htaccess itself can also do it, just add the following instructions: 1516501417
order allow,deny
deny from all
To use .htaccess to set access users and corresponding passwords for documents in a directory, the first thing to do is to generate a .htpasswd text document, for example:
forge:y4E7Ec8e7EwV
The password here is encrypted, and users can find some tools to encrypt the password into an encoding supported by .htaccess. It is best not to place this document in the www directory. It is recommended to place it outside the www root directory document, which is safer.
With the authorized user document, you can add the following instructions to .htaccess:
Server directory for AuthUserFile .htpasswd
AuthGroupFile /dev/null (directory that requires authorized access)
AuthName EnterPassword
AuthType Basic (authorization type)
require user wsabstract (users allowed to access, if you want all users in the table to be allowed, you can use require valid-user)
Note, the brackets are the comments you added when studying.
Deny access from an IP
If I don't want a certain government department to access the content of my site, I can exclude them by adding the department's IP in .htaccess.
For example:
order allow,deny
deny from 210.10.56.32
deny from 219.5.45.
allow from all
The second line denies a certain IP, and the third line denies a certain IP range, that is, 219.5.45.0~219.2.45.255
Want to reject everyone? Just use deny from all. Not only IP, but also domain name can be used to set it.
After creating the .htpasswd document (which can be created with a text editor), the next step is to enter the username and password used to access the website, which should be:
username:password
The position of "password" should be the encrypted password. You can get encrypted passwords in several ways: one is to use a permade script available online or write one yourself; another good username/password encryption service is through the KxS website, which allows you to enter your username and password. , and then generate a correctly formatted password.
For multiple users, you only need to add a new line with the same format in the .htpasswd document. In addition, there are some free script programs that can easily manage .htpasswd files and automatically add/remove users, etc.
When you try to access a directory protected by an .htaccess password, your browser will pop up the standard username/password dialog. If you don't like this method, some scripts allow you to embed username/password input boxes in the page for authentication. You can also enter the username and password (unencrypted) in the browser's URL box in the following way:
http://username:password@ www.w3sky.com/directory/
If you don't like others to link their own pictures and documents on their web pages, you can also do it through the htaccess command.
The required instructions are as follows:
RewriteEngine on
RewriteCond %{ HTTP_REFERER } !^$
RewriteCond %{ HTTP_REFERER } !^http://(www.)?w3sky.com/.*$ [NC]
RewriteRule .(gif &line;jpg)$ - [F]
If you think it doesn’t look good to have a skylight open on someone else’s page, you can use a picture instead:
RewriteEngine on
RewriteCond %{ HTTP_REFERER } !^$
RewriteCond %{ HTTP_REFERER } !^http://(www.)?w3sky.com/.*$ [NC]
RewriteRule .(gif &line;jpg)$ http://www.w3sky.com/Replacement picture file name [R,L]
This method is to redirect all yourdomain.com traffic to www.yourdomain.com (or vice versa). In fact, some people abroad think that this method is not helpful to PageRank. I think it's because they saw that there is a preferred domain tool in the Google administrator tools, which can specify Google's crawlers to use www.yourdomain.com or yourdomain.com as the preferred domain for crawling and ranking, and the redirection seems unnecessary. But many people have indeed confirmed that this is effective. Anyway, no one has said that this method will have any damage to SEO or pagerank.
Write in .htaccess:
Options +FollowSymlinks All -Indexes
rewriteEngine on
rewriteBase/
RewriteCond %{HTTP_HOST} ^domain.com$
RewriteRule ^(.*)$ http://www.domain.com/ $1 [R=301,L]
Forced removal of 3w
The following takes WordPress as an example. In other situations, you can refer to it and solve it by yourself. There is usually a .htaccess file in your WordPress directory. If not, create one manually. If you set up permalink, the content in .htaccess will be as follows:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Let’s not worry about what it means specifically, just add below the line RewriteBase /:
RewriteCond %{HTTP_HOST} ^ www.yourdomain.tld $ [NC]
RewriteRule ^(.*)$ http://yourdomain.tld/ $1 [R=301,L]
And you're done. Of course, replace yourdomain.tld with your own domain name. The above two lines mean to rewrite the form www.yourdomain.tld into yourdomain.tld, and permanently redirect all links accessing the former to the latter.
It is mandatory to add www before the domain name
If you really insist on adding www in front, my above words will be in vain, and I express my regrets. But, you can. Just change the two lines of code added above to this:
RewriteCond %{HTTP_HOST} ^yourdomain.tld$ [NC]
RewriteRule ^(.*)$ http://www.yourdomain.tld/ $1 [R=301,L]
.htaccess is a powerful tool that site administrators can use. It has more variations to suit different purposes, saving time and improving website security.
Special instructions for .htaccess
* To enable .htaccess, you need to modify httpd.conf, enable AllowOverride, and use AllowOverride to restrict the use of specific commands.
* If you need to use a file name other than .htaccess, you can use the AccessFileName directive to change it. For example, if you need to use .config, you can configure it in the server configuration file as follows:
AccessFileName.config
* In general, .htaccess files should not be used unless you do not have access to the main configuration file. There is a very common misunderstanding that user authentication can only be achieved through .htaccess files. In fact, this is not the case. It is completely feasible and a good method to write user authentication in the main configuration file. .htaccess files should be used in situations where the content provider needs to change the server's configuration for a specific directory without root privileges. If the server administrator is unwilling to frequently modify the configuration, he or she can allow users to modify the configuration themselves through the .htaccess file, especially if the ISP runs multiple user sites on the same machine and hopes that users can change the configuration themselves. Nonetheless, you should generally avoid using .htaccess files whenever possible. Any configuration you wish to place in the .htaccess file can be placed in the <Directory> section of the main configuration file and is more efficient. There are two main reasons to avoid using .htaccess files, namely performance and security.
Attached: .htaccess tool connection
Online .htaccess file generator
http://cooletips.de/htaccess/
Able to generate .htaccess files online, it is very simple to configure redirection, system error files, etc.
.htaccess editor online editor
Customizable default encoding, error pages, etc.