This translation is very interesting for me articles that I want to share with dear habrasoobschestvom. Some of the recipes I've seen on the Habré, but fragmented and not all from the following.
About the purpose of the file. Htaccess know every web developer. At a basic level, it allows you to control access to the site's directory. But adding a variety of additional pieces of code can be done with it and a lot of other interesting things.
If you need a basic understanding of the purpose of the file, then you can get from our article introduction. htaccess (the translation of this article did not do, because there are the basics, enough of them in Russian segment of the web, but if there is interest, we can and translate it for completeness - approx. interpreter), which discloses in detail all aspects of its application.
So, useful examples. htaccess:
1. Control access to files and directories
Password protection - is one thing, but sometimes you may need to completely block a user's access to a particular file or folder. Usually this refers to system folders, so, for example, includes, access to which should have the application, but not users.
To do this, put this code in the file. htaccess file and save it to close the access to which:
deny from all However, note that access will be blocked for all users, including you. Open access to a particular user can be assigned to its IP-address. Here is the code for this need:
order deny,allow deny from all allow from xxx.xxx.xxx.xxx
where xxx. xxx. xxx. xxx - is your IP. To specify the allowed range IP-address, you can replace the last three digits. For example, instead of writing them, "0/12", you specify the range of IP-addresses of a network, which will save you from having to enter the list of all the allowed IP-addresses individually.
If you want to block access to a particular file, including myself. htaccess, use the following code snippet:
<Files .htaccess> order allow,deny deny from all </Files>
If you want to specify a certain IP-addresses that should not be allowed access, list them using allow from.
If you want to block access to a specific file type, use this code:
<FilesMatch ".(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$"> Order Allow,Deny Deny from all </FilesMatch>
2. Ban on directory browsing
To prevent exposure of the site add to the directory. Htaccess the following code:
Options All -Indexes
If for some reason you want to allow viewing of all directories, use the code:
Options All +Indexes
3. Acceleration loading time by compressing files
You can compress the files of any type. For example, to compress HTML-file, add the code:
AddOutputFilterByType DEFLATE text/html
To compress text files, use:
AddOutputFilterByType DEFLATE text/plain
You can also compress JavaScript or enable compression for other file types commands:
AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml
In addition, you can compress all your JavaScript, HTML and CSS files using GZIP. To do this, use the following code:
<IfModule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text\.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image\.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* </IfModule>
4. Secure Site by pasting images from other sites
If you want to prevent adding links to images from third-party resources, add to. Htaccess code:
RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC] RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Do not forget to replace yourdomain.com to your domain name.
5. Blocking visitors referred from a specific domain
If you do not want to see on your website users from a specific domain, you can deny them access. For example, users with unwanted resources (adult sites, hacker sites, etc.), you can redirect to a page 403 Forbidden. To do this, you must enable mod_rewrite, although, as a rule, it is enabled by default. Add the. Htaccess code:
<IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_REFERER} bannedurl1.com [NC,OR] RewriteCond %{HTTP_REFERER} bannedurl2.com [NC,OR] RewriteRule .* - [F] </ifModule>
You need to replace bannedurl1.com bannedurl2.com and domains that you want to make the black list. You can use the flag [NC], indicating that the entered domain name is not case-sensitive. Flag [F] indicates the type of action, in this case - shows Error 403 Forbidden. If you want to block some sites use flags [NC, OR] for each domain, but if you want to prohibit the use of a single domain - use flag [NC].
6. Blocking requests from specific browsers
If your log files were records of visiting specific browsers (it may be imitating the browser bots or spiders), you can deny them access to your site by adding a few lines in. htaccess:
RewriteEngine On RewriteBase / SetEnvIfNoCase Referer "^$" bad_user SetEnvIfNoCase User-Agent "^badbot1" bad_user SetEnvIfNoCase User-Agent "^badbot2" bad_user SetEnvIfNoCase User-Agent "^badbot3" bad_user Deny from env=bad_user
Replace badbot1, badbot1 etc. bot names from your journal. This prevents unauthorized programs to access your site.
7. File caching
File caching - another way to speed up your website. Here's what you need to register in. Htaccess:
<FilesMatch ".(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$"> Header set Cache-Control "max-age=2592000" </FilesMatch>
You can add more file types (or remove some of them) in perechislennyq in this example the file list. You can also specify the time to save files in the cache (in seconds) with variable max-age.
8. Disable caching for different types of files
If you do not want to cache certain file types, you can not include them in the list. However, sometimes the files can be stored in the cache even if not explicitly listed in the list, in which case you can disable caching for them individually. Most often required to disable caching for dynamic files such as scripts. Example required for this code:
<FilesMatch ".(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch>
Just specify the file types that you want to disable caching.
9. Bypass download dialog
By default, when you try to download a file from a Web server displays a dialog that asks you whether you want to save the file or open it. This dialogue is particularly annoying when downloading large media or PDF-files. If the files that you have uploaded to the server are made available for download, you can make life easier for users by setting load the default action. Add the. htaccess as follows:
AddType application/octet-stream .pdf AddType application/octet-stream .zip AddType application/octet-stream .mp3
10. Rename the file. Htaccess
If for some reason you want to rename a file. Htaccess, then you can do it. Theoretically, rename the file. Htaccess should not cause problems with applications running on your server, but if you notice the appearance of scripting errors after you rename the file, just rename it back.
AccessFileName htac.cess
In addition, you must update all records that refer to the file. Htaccess, or there will be a lot of mistakes.
11. Replacing home page Site
If you want a home that is different from the standard (index.html, index.php, index.htm, etc.), add the following code to the file. Htaccess:
DirectoryIndex mypage.html
Replace URL mypage.html on the page you want to use as the main one.
12. Redirect to a secure HTTPS connection
If you are using HTTPS and want to redirect users to a secure page on your site, add the. Htaccess file the following lines:
RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
13. The maximum total size of the download in PHP, the maximum size of the transmitted data, the maximum run-time scripts, etc.
. Htaccess allows you to set some of the values directly affect the performance of PHP applications. For example, if you want to set PHP limit on the size of uploaded files, so as not to clog hosting large files:
php_value upload_max_filesize 15M
You can set any value in the example the file size 15M (MB). In addition, you can limit the maximum size of transmitted when loading data in PHP:
php_value post_max_size 10M
You can replace the 10M to any desired value you. If you do not need a constant running scripts, you can limit the execution time with the line:
php_value max_execution_time 240
240 - run time (in seconds) after which the script is stopped, you can change it to any other. Finally, if you want to limit the analysis of initial data script, use the following code:
php_value max_input_time 180
Instead of 180, set any desired you time (in seconds).
14. Hiding file types
Sometimes you want users to not know what types of files are located on your site. One way to hide this information - to make sure that all your files are displayed as HTML or PHP files:
ForceType application/x-httpd-php ForceType application/x-httpd-php
And this is only part of what may. Htaccess, but in general it can do much more. For example, you can set up an automatic transfer your page, set the time zone of the server, remove the WWW from URL-addresses or use a fancy presentation folders, etc. But in any case, before you start experimenting with the file. Htaccess, always keep a backup copy of the original. Htaccess, so if you have problems you can quickly restore the site.
Source
UPD (thanks akuma ) PHP extension to hide the file format is given as an example and use this trick in a real project may harm
Articles
0 commentaires:
Enregistrer un commentaire