The most complete htaccess file usage collection
- 2020-05-06 12:05:31
- OfStack
1. Set
time zone Sometimes, when you use the date or mktime functions in PHP, it will display some very strange information depending on the time zone. The following is one way to solve this problem. This is to set the time zone of your server. You can find a list of all supported time zones here.
SetEnv TZ Australia/Melbourne
2. Search engine friendly 301 permanent redirection method
Why is search engine friendly? Because many modern search engines now have the ability to update their existing records by checking for permanent changes to 301.
Redirect 301 //www.jb51.net/home //www.jb51.net/
3. Block the download dialog box
usually, when you download something, you'll see a dialog asking you to keep the file or open it. If you don't want to see this, you can put the following code in your.htaccess file.
4. www prefix
is omitted One of the principles of SEO is to make sure your website has only one URL. Therefore, you need to redirect all access via www to non-www, or vice versa.
5. Personalize Error page
Customize your own personalized error page for each error code.
6. Zip file
Optimize the speed of your site by compressing your files.
7. Cache file
Caching files is another great way to speed up your site.
8. Cache
is not allowed for certain file types On the other hand, you can also customize to disable caching for certain file types.
security issues
The htaccess code below can improve the security level of your web server. Image link theft protection is very useful to prevent others from stealing and using the image resources on your server.
1. Through.htaccess put hotlinking
Hate those who steal images from your web server and use up your bandwidth? Try this. You can prevent this from happening.
2. Hack
If you want to improve the security level of your website, you can remove the following lines of code to prevent some common malicious URL matching hacking techniques.
Block access to your.htaccess file
The following code blocks access to your.htaccess file. Also, you can configure to block multiple file types.
4. Rename htaccess file
You can protect the htaccess file by renaming it.
5. Ban directory browsing
The server is not allowed to display the directory structure externally and vice versa.
6. Change the default Index page
You can change the default index.html, index.php or index.htm to another page.
7. Block unwanted visitors by quoting information
8. Block certain requests by determining browser header information This method saves you bandwidth by preventing certain bots or spider crawlers from crawling your site.
9. Disable script execution to enhance your directory security
time zone Sometimes, when you use the date or mktime functions in PHP, it will display some very strange information depending on the time zone. The following is one way to solve this problem. This is to set the time zone of your server. You can find a list of all supported time zones here.
SetEnv TZ Australia/Melbourne
2. Search engine friendly 301 permanent redirection method
Why is search engine friendly? Because many modern search engines now have the ability to update their existing records by checking for permanent changes to 301.
Redirect 301 //www.jb51.net/home //www.jb51.net/
3. Block the download dialog box
usually, when you download something, you'll see a dialog asking you to keep the file or open it. If you don't want to see this, you can put the following code in your.htaccess file.
AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mov
4. www prefix
is omitted One of the principles of SEO is to make sure your website has only one URL. Therefore, you need to redirect all access via www to non-www, or vice versa.
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www.lvtao.net [NC]
RewriteRule ^(.*)$ http://lvtao.net/$1 [L,R=301]
5. Personalize Error page
Customize your own personalized error page for each error code.
ErrorDocument 401 /error/401.php
ErrorDocument 403 /error/403.php
ErrorDocument 404 /error/404.php
ErrorDocument 500 /error/500.php
6. Zip file
Optimize the speed of your site by compressing your files.
# The compression text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
7. Cache file
Caching files is another great way to speed up your site.
Header set Cache-Control " max-age=2592000 "
8. Cache
is not allowed for certain file types On the other hand, you can also customize to disable caching for certain file types.
# Explicit rules prohibit caching for scripts and other dynamic files
3.Header unset Cache-Control
security issues
The htaccess code below can improve the security level of your web server. Image link theft protection is very useful to prevent others from stealing and using the image resources on your server.
1. Through.htaccess put hotlinking
Hate those who steal images from your web server and use up your bandwidth? Try this. You can prevent this from happening.
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?aqee.net/.*$ [NC]
RewriteRule .(gif|jpg|swf|flv|png)$ /feed/ [R=302,L]
2. Hack
If you want to improve the security level of your website, you can remove the following lines of code to prevent some common malicious URL matching hacking techniques.
RewriteEngine On
# proc/self/environ? No way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Prevents scripts from attempting to pass URL Modify the mosConfig value
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Prevent script from passing URL The passed base64_encode spam
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Stop in URL contains <\script> Tagged script
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block an attempt to pass URL Set up the PHP the GLOBALS Script for variables
RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
# Block an attempt to pass URL Set up the PHP the _REQUEST Script for variables
RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
# Redirect all blocked requests to 403 Disable prompt page!
RewriteRule ^(.*)$ index.php [F,L]
Block access to your.htaccess file
The following code blocks access to your.htaccess file. Also, you can configure to block multiple file types.
# To protect your htaccess file
order allow,deny
deny from all
# Prevents viewing the specified file
order allow,deny
deny from all
# Multiple file types
Order Allow,Deny
Deny from all
4. Rename htaccess file
You can protect the htaccess file by renaming it.
AccessFileName htacc.ess
5. Ban directory browsing
The server is not allowed to display the directory structure externally and vice versa.
# No directory browsing
Options All -Indexes
# Open directory browsing
Options All +Indexes
6. Change the default Index page
You can change the default index.html, index.php or index.htm to another page.
DirectoryIndex business.html
7. Block unwanted visitors by quoting information
# Block users from a website
RewriteEngine on
RewriteCond %{HTTP_REFERER} scumbag.com [NC,OR]
RewriteCond %{HTTP_REFERER} wormhole.com [NC,OR]
RewriteRule .* � [F]
8. Block certain requests by determining browser header information This method saves you bandwidth by preventing certain bots or spider crawlers from crawling your site.
# Block users from certain sites
SetEnvIfNoCase ^User-Agent$ .*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider
|leacher|collector|grabber|webpictures) HTTP_SAFE_BADBOT
SetEnvIfNoCase ^User-Agent$ .*(libwww-perl|aesop_com_spiderman) HTTP_SAFE_BADBOT
Deny from env=HTTP_SAFE_BADBOT
9. Disable script execution to enhance your directory security
# Disables script execution in certain directories
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI