A summary of the basic configuration of.htaccess on the Apache server

The.htaccess file (or "distributed configuration file") provides a way to change the configuration for a directory by placing a file containing one or more instructions in a specific document directory to act on that directory and all its subdirectories. As a user, the commands you can use are limited. Administrators can set this using Apache's AllowOverride directive.

- directives in subdirectories overwrite directives in more advanced directories or primary server configuration files.

-.htaccess must be uploaded in ASCII mode, preferably with its permissions set to 644.

The location of the wrong document

Common client request error return code:
401 Authorization Required
403 Forbidden
404 Not Found
405 Method Not Allowed
408 Request Timed Out
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
Common server error return code:
500 Internal Server Error

Users can use.htaccess to specify their own pre-made error warning pages. In general, people can set up a directory, such as errors, to place these pages. Then, in.htaccess, add the following instruction:

ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/internalerror.html

1 instruction 1 line. The first instruction above means that for 404, when the required document is not found, the page should be notfound.html in the directory /errors. It is not difficult to see that the grammatical format is:

ErrorDocument error code/directory name/filename. Extension

If you need very little information to prompt you, you don't need to make a page, just use the HTML number in the instruction, as in this example:

ErrorDocument 401"
You do not have access to this page, please give up!
"

Password protection for document access

To use.htaccess to set access user and password for a document in a directory, the first thing to do is to generate a.htpasswd text document, such as:

zheng:y4E7Ep8e7EYV

In this case, the password is encrypted, so the user can find some tools to encrypt the password into the code supported by.htaccess. It is best not to place this document in the www directory. It is recommended that it be placed outside the www root directory document to be more secure.

With the authorized user documentation, the following instructions can be added to.htaccess:

AuthUserFile.htpasswd server directory
AuthGroupFile /dev/null (directories requiring authorized access)
AuthName EnterPassword
AuthType Basic (authorization type)

require user wsabstract (for users who are allowed access, require valid-user if you want all users in the table to do so)

Note: the brackets are the notes you added while studying

Deny access from an IP

If I don't want a government department to access my site's content, I can exclude them by adding IP to that department's.htaccess.

Such as:

order allow,deny

deny from 210.10.56.32

deny from 219.5.45.

allow from all

Line 2 rejects an IP, and line 3 rejects an IP segment, i.e. 219.5.45.0~219.2.45.255

Want to say no to everyone? deny from all okay. Not only IP, but also the domain name.

Protect the.htaccess document

When you use.htaccess to set password protection for the directory, it contains the path to the password file. For security reasons, it is necessary to protect.htaccess from others. You can do this in other ways, though, such as document permissions. However,.htaccess can do this on its own by adding the following instructions:

order allow,deny

deny from all

URL steering

We may have replanned the site, migrated the documents, or changed the directory. That's when a visit from a search engine or a link from another website can go wrong. In this case, the old URL can be automatically redirected to the new address by following instructions:

Redirect/old directory/old document name the address of the new document

Or the entire directory to:

Redirect old directory new directory

Change the default home page file

1 generally, the default home file names are default, index, and so on. However, sometimes there is no default file in the directory, but a specific file name, such as pmwiki.php in pmwiki. In this case, it is cumbersome for the user to remember the file name to access. You can easily set a new default file name in.htaccess:

DirectoryIndex new default file name

You can also list more than one, in order indicating the priority between them, for example:

DirectoryIndex filename.html index.cgi index.pl default.htm

Preventing hotlinking

If you don't like people linking their own images and documents to their web pages, you can do so with the htaccess command.

The required instructions are as follows:

RewriteEngine on

RewriteCond %{ HTTP_REFERER } !^$

RewriteCond %{ HTTP_REFERER } !^http://(www.)?mydomain.com/.*$ [NC]

RewriteRule .(gif&line;jpg)$ - [F]

If you don't think it's nice to have someone's page skylight, use a picture instead:

RewriteEngine on

RewriteCond %{ HTTP_REFERER } !^$

RewriteCond %{ HTTP_REFERER } !^http://(www.)?mydomain.com/.*$ [NC]

RewriteRule .(gif&line;jpg)$ http://www.mydomain.com/ Alternate image file name  [R,L]