Posted By

johnloy on 06/04/08


Tagged

server htaccess apache mod-rewrite


Versions (?)

Who likes this?

3 people have marked this snippet as a favorite

johnloy
jdstraughan
section31


Sample .htaccess


 / Published in: Apache
 

  1. ###############################################################################
  2.  
  3. #
  4.  
  5. # Copyright (c) 2006 SeQuential Partners. All rights reserved.
  6.  
  7. # This file and code/text contained herein is the property of SeQuential
  8.  
  9. # Partners, Indianapolis, IN. It may not be reprinted or published
  10.  
  11. # without written consent. You are free to use for personal use!
  12.  
  13. #
  14.  
  15. # Latest: http://www.askapache.com/htaccess.txt
  16.  
  17. #
  18.  
  19. ###############################################################################
  20.  
  21.  
  22.  
  23.  
  24.  
  25.  
  26.  
  27.  
  28.  
  29. ### Section 1: Main Settings and Options
  30.  
  31. #
  32.  
  33. # Options: ALL,ExecCGI,FollowSymLinks,Includes,IncludesNOEXEC,Indexes
  34.  
  35. # MultiViews, SymLinksIfOwnerMatch.
  36.  
  37.  
  38.  
  39. #
  40.  
  41. # Main Defaults.
  42.  
  43. #
  44.  
  45. Options +ExecCGI -Indexes
  46.  
  47. DirectoryIndex index.html index.htm index.php
  48.  
  49. DefaultLanguage en-US
  50.  
  51. AddDefaultCharset UTF-8
  52.  
  53. ServerSignature Off
  54.  
  55.  
  56.  
  57. ### ENVIRONMENT VARIABLES ###
  58.  
  59. #SetEnv PHPRC /webroot/includes
  60.  
  61. #SetEnv TZ America/Indianapolis
  62.  
  63. #SetEnv SERVER_ADMIN [email protected]
  64.  
  65.  
  66.  
  67. ### MIME TYPES ###
  68.  
  69. AddType video/x-flv .flv
  70.  
  71. AddType application/x-shockwave-flash .swf
  72.  
  73. AddType image/x-icon .ico
  74.  
  75.  
  76.  
  77. ### FORCE FILE TO DOWNLOAD INSTEAD OF APPEAR IN BROWSER ###
  78.  
  79. #-> http://www.htaccesselite.com/htaccess/addtype-addhandler-action-vf6.html
  80.  
  81. #AddType application/octet-stream .mov .mp3 .zip
  82.  
  83.  
  84.  
  85. ### ERRORDOCUMENTS ###
  86.  
  87. ErrorDocument 404 "404 error"
  88.  
  89. ErrorDocument 400 "400 error"
  90.  
  91. ErrorDocument 401 "401 error"
  92.  
  93. ErrorDocument 403 "403 error"
  94.  
  95. ErrorDocument 405 "405 error"
  96.  
  97. ErrorDocument 406 "406 error"
  98.  
  99. ErrorDocument 409 "409 error"
  100.  
  101. ErrorDocument 413 "413 error"
  102.  
  103. ErrorDocument 414 "414 error"
  104.  
  105. ErrorDocument 500 "500 error"
  106.  
  107. ErrorDocument 501 "501 error"
  108.  
  109.  
  110.  
  111. #=============================================================================#
  112.  
  113. # SCRIPTING, ACTION, ADDHANDLER
  114.  
  115. #=============================================================================#
  116.  
  117. # Handlers be builtin, included in a module, or added with Action directive
  118.  
  119. # default-handler: default, handles static content (core)
  120.  
  121. # send-as-is: Send file with HTTP headers (mod_asis)
  122.  
  123. # cgi-script: treat file as CGI script (mod_cgi)
  124.  
  125. # imap-file: Parse as an imagemap rule file (mod_imap)
  126.  
  127. # server-info: Get server config info (mod_info)
  128.  
  129. # server-status: Get server status report (mod_status)
  130.  
  131. # type-map: type map file for content negotiation (mod_negotiation)
  132.  
  133. # fastcgi-script: treat file as fastcgi script (mod_fastcgi)
  134.  
  135. ###########
  136.  
  137.  
  138.  
  139. ### PARSE AS CGI ###
  140.  
  141. #AddHandler cgi-script .cgi .pl .spl
  142.  
  143.  
  144.  
  145. ### RUN PHP AS APACHE MODULE ###
  146.  
  147. #AddHandler application/x-httpd-php .php .htm
  148.  
  149.  
  150.  
  151. ### RUN PHP AS CGI ###
  152.  
  153. #AddHandler php-cgi .php .htm
  154.  
  155.  
  156.  
  157. ### CGI PHP WRAPPER FOR CUSTOM PHP.INI ###
  158.  
  159. #AddHandler phpini-cgi .php .htm
  160.  
  161. #Action phpini-cgi /cgi-bin/php5-custom-ini.cgi
  162.  
  163.  
  164.  
  165. ### FAST-CGI SETUP WITH PHP-CGI WRAPPER FOR CUSTOM PHP.INI ###
  166.  
  167. #AddHandler fastcgi-script .fcgi
  168.  
  169. #AddHandler php-cgi .php .htm
  170.  
  171. #Action php-cgi /cgi-bin/php5-wrapper.fcgi
  172.  
  173.  
  174.  
  175. ### CUSTOM PHP CGI BINARY SETUP ###
  176.  
  177. #AddHandler php-cgi .php .htm
  178.  
  179. #Action php-cgi /cgi-bin/php.cgi
  180.  
  181.  
  182.  
  183. ### PROCESS SPECIFIC FILETYPES WITH CGI-SCRIPT ###
  184.  
  185. #Action image/gif /cgi-bin/img-create.cgi
  186.  
  187.  
  188.  
  189. ### CREATE CUSTOM HANDLER FOR SPECIFIC FILE EXTENSIONS ###
  190.  
  191. #AddHandler custom-processor .ssp
  192.  
  193. #Action custom-processor /cgi-bin/myprocessor.cgi
  194.  
  195.  
  196.  
  197. #=============================================================================#
  198.  
  199. # HEADERS, CACHING AND OPTIMIZATION
  200.  
  201. #=============================================================================#
  202.  
  203. #-> http://www.htaccesselite.com/htaccess/cache-control-http-headers-vt65.html
  204.  
  205. # 300 5 M
  206.  
  207. # 2700 45 M
  208.  
  209. # 3600 1 H
  210.  
  211. # 54000 15 H
  212.  
  213. # 86400 1 D
  214.  
  215. # 518400 6 D
  216.  
  217. # 604800 1 W
  218.  
  219. # 1814400 3 W
  220.  
  221. # 2419200 1 M
  222.  
  223. # 26611200 11 M
  224.  
  225. # 29030400 1 Y (never expire)
  226.  
  227. ###########
  228.  
  229.  
  230.  
  231. #### HEADER CACHING ####
  232.  
  233. #-> http://www.htaccesselite.com/htaccess/caching-using-header-vt2.html
  234.  
  235. #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico)$">
  236.  
  237. # Header set Cache-Control "max-age=2592000"
  238.  
  239. #</FilesMatch>
  240.  
  241. #<FilesMatch "\.(js|css|pdf|swf)$">
  242.  
  243. # Header set Cache-Control "max-age=604800"
  244.  
  245. #</FilesMatch>
  246.  
  247. #<FilesMatch "\.(html|htm|txt)$">
  248.  
  249. # Header set Cache-Control "max-age=600"
  250.  
  251. #</FilesMatch>
  252.  
  253. #<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
  254.  
  255. # Header unset Cache-Control
  256.  
  257. #</FilesMatch>
  258.  
  259.  
  260.  
  261. ### ALTERNATE EXPIRES CACHING ###
  262.  
  263. #-> htaccesselite.com/d/use-htaccess-to-speed-up-your-site-discussion-vt67.html
  264.  
  265. #ExpiresActive On
  266.  
  267. #ExpiresDefault A604800
  268.  
  269. #ExpiresByType image/x-icon A2592000
  270.  
  271. #ExpiresByType application/x-javascript A2592000
  272.  
  273. #ExpiresByType text/css A2592000
  274.  
  275. #ExpiresByType text/html A300
  276.  
  277. #<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
  278.  
  279. # ExpiresActive Off
  280.  
  281. #</FilesMatch>
  282.  
  283.  
  284.  
  285. ### META HTTP-EQUIV REPLACEMENTS ###
  286.  
  287. #<FilesMatch "\.(html|htm|php)$">
  288.  
  289. # Header set imagetoolbar "no"
  290.  
  291. #</FilesMatch>
  292.  
  293.  
  294.  
  295. #=============================================================================#
  296.  
  297. # REWRITES AND REDIRECTS
  298.  
  299. #=============================================================================#
  300.  
  301. # REQUEST METHODS: GET,POST,PUT,DELETE,CONNECT,OPTIONS,PATCH,PROPFIND,
  302.  
  303. # PROPPATCH,MKCOL,COPY,MOVE,LOCK,UNLOCK
  304.  
  305. ###########
  306.  
  307.  
  308.  
  309. ### REWRITE DEFAULTS ###
  310.  
  311. #RewriteEngine On
  312.  
  313. #RewriteBase /
  314.  
  315.  
  316.  
  317. ### REQUIRE SUBDOMAIN ###
  318.  
  319. #RewriteCond %{HTTP_HOST} !^$
  320.  
  321. #RewriteCond %{HTTP_HOST} !^subdomain\.domain\.tld$ [NC]
  322.  
  323. #RewriteRule ^/(.*)$ http://subdomain.domain.tld/$1 [L,R=301]
  324.  
  325.  
  326.  
  327. ### SEO REWRITES ###
  328.  
  329. #RewriteRule ^(.*)/ve/(.*)$ $1/voluntary-employee/$2 [L,R=301]
  330.  
  331. #RewriteRule ^(.*)/hsa/(.*)$ $1/health-saving-account/$2 [L,R=301]
  332.  
  333.  
  334.  
  335. ### WORDPRESS ###
  336.  
  337. #RewriteCond %{REQUEST_FILENAME} !-f # Existing File
  338.  
  339. #RewriteCond %{REQUEST_FILENAME} !-d # Existing Directory
  340.  
  341. #RewriteRule . /index.php [L]
  342.  
  343.  
  344.  
  345. ### ALTERNATIVE ANTI-HOTLINKING ###
  346.  
  347. #RewriteCond %{HTTP_REFERER} !^$
  348.  
  349. #RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC]
  350.  
  351. #RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ - [F]
  352.  
  353.  
  354.  
  355. ### REDIRECT HOTLINKERS ###
  356.  
  357. #RewriteCond %{HTTP_REFERER} !^$
  358.  
  359. #RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC]
  360.  
  361. #RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ http://google.com [R]
  362.  
  363.  
  364.  
  365. ### DENY REQUEST BASED ON REQUEST METHOD ###
  366.  
  367. #RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)$ [NC]
  368.  
  369. #RewriteRule ^.*$ - [F]
  370.  
  371.  
  372.  
  373. ### REDIRECT UPLOADS ###
  374.  
  375. #RewriteCond %{REQUEST_METHOD} ^(PUT|POST)$ [NC]
  376.  
  377. #RewriteRule ^(.*)$ /cgi-bin/form-upload-processor.cgi?p=$1 [L,QSA]
  378.  
  379.  
  380.  
  381. ### REQUIRE SSL EVEN WHEN MOD_SSL IS NOT LOADED ###
  382.  
  383. #RewriteCond %{HTTPS} !=on [NC]
  384.  
  385. #RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
  386.  
  387.  
  388.  
  389. #### ALTERNATATIVE TO USING ERRORDOCUMENT ###
  390.  
  391. #-> http://www.htaccesselite.com/d/htaccess-errordocument-examples-vt11.html
  392.  
  393. #RewriteCond %{REQUEST_FILENAME} !-f
  394.  
  395. #RewriteCond %{REQUEST_FILENAME} !-d
  396.  
  397. #RewriteRule ^.*$ /error.php [L]
  398.  
  399.  
  400.  
  401. ### SEO REDIRECTS ###
  402.  
  403. #Redirect 301 /2006/oldfile.html http://subdomain.domain.tld/newfile.html
  404.  
  405. #RedirectMatch 301 /o/(.*)$ http://subdomain.domain.tld/s/dl/$1
  406.  
  407.  
  408.  
  409. #=============================================================================#
  410.  
  411. # AUTHENTICATION AND SECURITY
  412.  
  413. #=============================================================================#
  414.  
  415. # http://www.htaccesselite.com/htaccess/basic-authentication-example-vt17.html
  416.  
  417. #
  418.  
  419. # Require (user|group|valid-user) (username|groupname)
  420.  
  421. ###########
  422.  
  423.  
  424.  
  425. ### BASIC PASSWORD PROTECTION ###
  426.  
  427. #AuthType basic
  428.  
  429. #AuthName "prompt"
  430.  
  431. #AuthUserFile /.htpasswd
  432.  
  433. #AuthGroupFile /dev/null
  434.  
  435. #Require valid-user
  436.  
  437.  
  438.  
  439. ### ALLOW FROM IP OR VALID PASSWORD ###
  440.  
  441. #Require valid-user
  442.  
  443. #Allow from 192.168.1.23
  444.  
  445. #Satisfy Any
  446.  
  447.  
  448.  
  449. ### PROTECT FILES ###
  450.  
  451. #<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
  452.  
  453. # Order Allow,Deny
  454.  
  455. # Deny from all
  456.  
  457. #</FilesMatch>
  458.  
  459.  
  460.  
  461. ### PREVENT HOTLINKING ###
  462.  
  463. #SetEnvIfNoCase Referer "^http://subdomain.domain.tld/" good
  464.  
  465. #SetEnvIfNoCase Referer "^$" good
  466.  
  467. #<FilesMatch "\.(png|jpg|jpeg|gif|bmp|swf|flv)$">
  468.  
  469. # Order Deny,Allow
  470.  
  471. # Deny from all
  472.  
  473. # Allow from env=good
  474.  
  475. # ErrorDocument 403 http://www.google.com/intl/en_ALL/images/logo.gif
  476.  
  477. # ErrorDocument 403 /images/you_bad_hotlinker.gif
  478.  
  479. #</FilesMatch>
  480.  
  481.  
  482.  
  483. ### LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK ###
  484.  
  485. #LimitRequestBody 10240000 #bytes, 0-2147483647(2GB)
  486.  
  487.  
  488.  
  489. #=============================================================================#
  490.  
  491. # SSL SECURITY
  492.  
  493. #=============================================================================#
  494.  
  495. #-> http://htaccesselite.com/d/redirecting-all-or-part-of-a-server-to-ssl-vt61
  496.  
  497. ###########
  498.  
  499.  
  500.  
  501. ### MOST SECURE WAY TO REQUIRE SSL ###
  502.  
  503. #-> http://www.askapache.com/2006/htaccess/apache-ssl-in-htaccess-examples.html
  504.  
  505. #SSLOptions +StrictRequire
  506.  
  507. #SSLRequireSSL
  508.  
  509. #SSLRequire %{HTTP_HOST} eq "domain.tld"
  510.  
  511. #ErrorDocument 403 https://domain.tld
  512.  
  513.  
  514.  
  515. #=============================================================================#
  516.  
  517. # SITE UNDER CONSTRUCTION
  518.  
  519. #=============================================================================#
  520.  
  521. # Heres some awesome htaccess to use when you are developing a site
  522.  
  523. ###########
  524.  
  525.  
  526.  
  527. ### COMBINED DEVELOPER HTACCESS CODE-USE THIS ###
  528.  
  529. #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)$">
  530.  
  531. # Header set Cache-Control "max-age=5"
  532.  
  533. #</FilesMatch>
  534.  
  535. #AuthType basic
  536.  
  537. #AuthName "Ooops! Temporarily Under Construction..."
  538.  
  539. #AuthUserFile /.htpasswd
  540.  
  541. #AuthGroupFile /dev/null
  542.  
  543. #Require valid-user # password prompt for everyone else
  544.  
  545. #Order Deny,Allow
  546.  
  547. #Deny from all
  548.  
  549. #Allow from 192.168.64.5 # Your, the developers IP address
  550.  
  551. #Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/
  552.  
  553. #Allow from googlebot.com # Allows google to crawl your pages
  554.  
  555. #Satisfy Any # no password required if host/ip is Allowed
  556.  
  557.  
  558.  
  559. ### DONT HAVE TO EMPTY CACHE OR RELOAD TO SEE CHANGES ###
  560.  
  561. #ExpiresDefault A5 #If using mod_expires
  562.  
  563. #<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|js|css|pdf|swf|html|htm|txt)$">
  564.  
  565. # Header set Cache-Control "max-age=5"
  566.  
  567. #</FilesMatch>
  568.  
  569.  
  570.  
  571. ### ALLOW ACCESS WITH PASSWORD OR NO PASSWORD FOR SPECIFIC IP/HOSTS ###
  572.  
  573. #AuthType basic
  574.  
  575. #AuthName "Ooops! Temporarily Under Construction..."
  576.  
  577. #AuthUserFile /.htpasswd
  578.  
  579. #AuthGroupFile /dev/null
  580.  
  581. #Require valid-user # password prompt for everyone else
  582.  
  583. #Order Deny,Allow
  584.  
  585. #Deny from all
  586.  
  587. #Allow from 192.168.64.5 # Your, the developers IP address
  588.  
  589. #Allow from w3.org # css/xhtml check jigsaw.w3.org/css-validator/
  590.  
  591. #Allow from googlebot.com # Allows google to crawl your pages
  592.  
  593. #Satisfy Any # no password required if host/ip is Allowed

Report this snippet  

You need to login to post a comment.