>>
Site Map
>>
Forums
>>
Admin_HostingDomain
Forum module - topics in forum:
Admin_HostingDomain - Các hướng dẫn cài đặt quản lý và mua bán hosting domain, Cấu hình server web
Tất cả về .htaccess những code hay
sau đây là một số đoạn code nhỏ về htacces rất hữu ích .. mình cố gắng để nó ở mãu nhỏ nhất để các bạn có thể trộn và gắn vào các mẫu khác tuỳ theo nhu cầu sử dụng
=======
( tất cả tiêu đề bằng tiếng anh và giải thích đều kèm theo code bằng thuật ngữ tiếng anh ) nếu bạn nào không rõ có thể hỏi ở đây..
Make any file be a certain filetype (regardless of name or extension)
| Code: : |
#Makes image.gif, blah.html, index.cgi all act as php
ForceType application/x-httpd-php |
Authentication Magic
Require password for 1 file:
| Code: : |
<Files login.php>
AuthName "Prompt"
AuthType Basic
AuthUserFile /home/askapache.com/.htpasswd
Require valid-user
</Files> |
Protect multiple files:
| Code: : |
<FilesMatch "^(exec|env|doit|phpinfo|w)*$">
AuthName "Development"
AuthUserFile /.htpasswd
AuthType basic
Require valid-user
</FilesMatch> |
Example uses of the Allow Directive:
| Code: : |
# A (partial) domain-name
Allow from 10.1.0.0/255.255.0.0
# Full IP address
Allow from 10.1.2.3
# More than 1 full IP address
Allow from 192.168.1.104 192.168.1.205
# Partial IP addresses
# first 1 to 3 bytes of IP, for subnet restriction.
Allow from 10.1
Allow from 10 172.20 192.168.2
# network/netmask pair
Allow from 10.1.0.0/255.255.0.0
# network/nnn CIDR specification
Allow from 10.1.0.0/16
# IPv6 addresses and subnets
Allow from 2001:db8::a00:20ff:fea7:ccea
Allow from 2001:db8::a00:20ff:fea7:ccea/10 |
Using visitor dependent environment variables:
| Code: : |
SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
Order Deny,Allow
Deny from all
Allow from env=let_me_in |
Allow from apache.org but deny from foo.apache.org
| Code: : |
Order Allow,Deny
Allow from apache.org
Deny from foo.apache.org |
Allow from IP address with no password prompt, and also allow from non-Ip address with password prompt:
| Code: : |
AuthUserFile /home/www/site1-passwd
AuthType Basic
AuthName MySite
Require valid-user
Allow from 172.17.10
Satisfy Any |
block access to files during certain hours of the day
| Code: : |
# If the hour is 16 (4 PM) Then deny all access
RewriteCond %{TIME_HOUR} ^16$
RewriteRule ^.*$ - [F,L] |
Redirect non-https requests to https server fixing double-login problem and ensuring that htpasswd authorization can only be entered using HTTPS
| Code: : |
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com |
SEO Friendly redirects for bad/old links and moved links
For single moved file
| Code: : |
Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html |
For multiple files like a blog/this.php?gh
| Code: : |
| RedirectMatch 301 /blog(.*) http://www.askapache.com/$1 |
different domain name
| Code: : |
| Redirect 301 / http://www.newdomain.com |
Require the www
| Code: : |
RewriteCond %{HTTP_HOST} !^www\.example\.com$
RewriteRule ^(.*)$ http://www.example.com/$1 [R=301,L] |
Redirect everyone to different site except 1 IP address (useful for web-development)
| Code: : |
ErrorDocument 403 http://www.someothersite.com
Order deny,allow
Deny from all
Allow from 24.33.65.6 |
CHMOD your files
chmod .htpasswd files 640
chmod .htaccess files 644
chmod php files 600
chmod files that you really don't want people to see as 400
NEVER chmod 777, if something requires write access use 766
Variable (mod_env) Magic
Set the Timezone of the server:
Turn off the ServerSignature
| Code: : |
| ServerSignature Off |
Add a "en" language tag and "text/html; UTF-8" headers without meta tags
| Code: : |
AddDefaultCharset UTF-8
# Or AddType 'text/html; charset=UTF-8' html
DefaultLanguage en-US |
Use a custom php.ini
Detailed instructions for doing this whether you are using php as a cgi or the apache module mod_php
Securing directories: Remove the ability to execute scripts
Heres a couple different ways I do it
| Code: : |
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
This is cool, you are basically categorizing all those files that end in those extensions so that they fall under the jurisdiction of the -ExecCGI command, which also means -FollowSymLinks (and the opposite is also true, +ExecCGI also turns on +FollowSymLinks) |
Only allow GET and PUT request methods to your server.
| Code: : |
Options -ExecCGI -Indexes -All
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD) RewriteRule .* - [F] |
Processing All gif files to be processed through a cgi script
| Code: : |
| Action image/gif /cgi-bin/filter.cgi |
Process request/file depending on the request method
| Code: : |
| Script PUT /cgi-bin/upload.cgi |
Force Files to download, not be displayed in browser
AddType application/octet-stream .avi
AddType application/octet-stream .mpgThen in your HTML you could just link directly to the file..
| Code: : |
<a href="/movies/mov1.avi">Download Movie1</a>And then you will get a pop-up box asking whether you want to save the file or open it. |
Show the source of dynamic files
If you'd rather have .pl, .py, or .cgi files displayed in the browser as source rather than be executed as scripts, simply create a .htaccess file in the relevant directory with the following:
| Code: : |
RemoveHandler cgi-script .pl .py .cgi |
Dramatically Speed up your site by implementing Caching!
| Code: : |
# MONTH
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|swf)$">
Header set Cache-Control "max-age=2592000"
</FilesMatch>
# WEEK
<FilesMatch "\.(js|css|pdf|txt)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
# DAY
<FilesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=43200"
</FilesMatch>
|
Prevent Files image/file hotlinking and bandwidth stealing
| Code: : |
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?askapache.com/.*$ [NC]
RewriteRule \.(gif|jpg|swf|flv|png)$ http://www.askapache.com/legal.gif [R=302,L] |
ErrorDocuments
| Code: : |
ErrorDocument 404 /favicon.ico
ErrorDocument 403 https://secure.htaccesselite.com
|
| Code: : |
ErrorDocument 404 /cgi-bin/error.php
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/error.php
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php |
Note: You can also do an external link, but don't do an external link to your site or you will cause a loop that will hurt your SEO.
Thêm một số cơ bản
.htaccess Basics
A .htaccess file is a special file used to control certain aspects of your website. With .htaccess you can:
1. Password protect directories
2. Point domains and subdomains to specific directories
3. Block traffic to your website
4. and more
When you place a .htaccess file in a directory, it will affect that directory and all directories below that one.
To create a .htaccess file:
1. Create an empty text file (named htaccess.txt) in Notepad
2. Add the contents of your .htaccess file
3. Upload the file to your package in the appropriate directory for what you want to do
4. Rename the file .htaccess
5. Note - You can also save the file directly in NotePad as ".htaccess" by putting quotes around the name during the save. But if you do that be sure your FTP program will still upload it in ASCII format.
Some of the simple "one liners" are:
1. To disallow the showing of default index pages Options -indexes
2. To turn indexes back on in a lower directory Options +indexes
3. To redirect requests to a document or directory Redirect /olddirectory http://domain.com/newdirectory/
4. Have your HTML (.htm) pages processed as PHP (.php) pages AddHandler application/x-httpd-php .php .htm
5. To use a different startup page DirectoryIndex filename.htm
6. To force all files of a certain type to download rather than open <files *.pdf>ForceType applicaton/octet-stream</files>
7. To use a custom error page ErrorDocument 404 /errorpage.htm
The error codes you can use, and what they mean, are listed below:
| Quote: : |
* 401 - Not Authorized - example is a failed htaccess/htpasswd request
* 403 - Forbidden - example is requesting a default directory index if Options -indexes
* 404 - Not Found - example is an invalid file name
* 500 - Internal Server Error - example is an invalid htaccess file |
Additional specific .htaccess functiionality can be found in many of the Tips & Scripts topics on this page.
hi admin
tớ có một ít thắc mắc mông cậu giải thích dùm tớ ngen
vui lòng cho tớ xin email or nick yahoo ngenn
Cậu có thể nói ro rõ về cách tạo cái files.haccess hok ạ..
Tớ đã tạo files với nội dung như sau ;
---------Redirect 301 /ip/ip.html http://www.xaluan.com/index.html-------------------------------------
( tớ tạo 1 folder tên là ip trong thư mục root và dẫn đến xaluan.com )
nhưng khi thực khi files .haccess vói câu lệnh trên thì nó vẫn vào thẳng files index.php trong webtớ. cậu có thể nói ro rõ về câu lệnh trên và hứơgn dẫn cách dùng nó đưọc hok ạ
