Lirae.co.uk

 

.htaccess

Introduction

A .htaccess file (.htaccess is both the name and extension of the file) is a file that basically tells the server what to do in certain circumstances.
This file is not viewable from a browser; go ahead and try and load up my .htaccess; you'll be sent to a "you're forbidden" page before you get redirected to the blog.

When you create a .htaccess file on your Windows computer, you do so in Notepad. When you go to save it, you need to type ".htaccess" (with the quotation marks) as the file name and just click save. (Sorry - I have no experience with creating .htaccess files on Linux or Mac Operating Systems)
You should be able to see the .htaccess file in the folder where you just saved it but if you can't, go to Tools » Folder Options » View (tab) » make sure "Show hidden files and folders" is checked, then click "OK".

.htaccess files are most commonly used to prevent people from direct linking images, banning IP addresses and creating custom error pages. You can also use .htaccess to change the way your URLs look. :)

.htaccess is bloody powerful; you can break your site if you mess up with your .htaccess file, so if you ever change anything in this file, make sure you work only on a copy of the original file and work in a test directory.

Contents

• Custom Directory Indexes
• Stop Directory Listing
• Custom Error Pages
• IP Banning
• Allowing Only Your Computer In
• Stop Direct Linking
• Redirecting
• URL Rewriting - Intro
• URL Rewriting - Dynamic Pages
• URL Rewriting - Static Pages
• URL Rewriting - File Extensions
• Removing "WWW."
• Forcing One Domain Over Another
• Summary

Custom Directory Indexes

The default indexes for directories is index.html / index.htm / index.php / etc. You can change this, using .htaccess, to anythingyouwant.html / anythingyouwant.htm / anythingyouwant.php / etc:
DirectoryIndex anythingyouwant.htm
So when you go to "somefolder/" it'll look for "anythingyouwant.htm" rather than "index.htm".

• Back to the introduction
• Back to the contents list

Stop Directory Listing

If you have a folder called "somefolder" and you don't have an index page, then the server will show you a list of files within that directory.
If you want to turn this off, just add this to your .htaccess:
IndexIgnore *
This tells the server that, in the event of someone accessing a folder with no index file, hide everything.
You could also set it to hide all .gif files:
IndexIgnore *.gif
Or all *.php files:
IndexIgnore *.php
Or all *.php and *.gif files {but show everything else}:
IndexIgnore *.php *.gif

• Back to the introduction
• Back to the contents list

Custom Error Pages

The default "not found" error on most servers is "404.shtml". Maybe you don't use SSI on your site, maybe you use PHP instead. You don't want your error pages to be too different from the rest of your site, do you? Of course you don't; it confuses visitors.
ErrorDocument 404 http://lirae.co.uk/404.php
Ooh, code! What does this do?!
Well, this tells the server I'm on that, in the event of a "not found" / 404 error, go to "lirae.co.uk/404.php".
Maybe I want things organised (ha!); all the error pages in an error folder.
I'll make the folder called "error/" through my FTP and move all of my error pages there.
I go back to my .htaccess file and change the location of the error pages:
ErrorDocument 404 http://lirae.co.uk/error/404.php
So now, when there's a "not found" error, you'll be taken to "lirae.co.uk/error/404.php" instead of "lirae.co.uk/404.php".

"Not found" errors are, of course, not the only errors you'll get on your site. You'll have 500 errors (internal server error), 403 errors (forbidden - you'll get this if you try to view someone's .htaccess file), etc.

If you'd like to have custom error pages for all of the errors, just modify the following to suit your site:
ErrorDocument 400 http://lirae.co.uk/error/400.php
ErrorDocument 401 http://lirae.co.uk/error/401.php
ErrorDocument 403 http://lirae.co.uk/error/403.php
ErrorDocument 404 http://lirae.co.uk/error/404.php
ErrorDocument 500 http://lirae.co.uk/error/500.php

• Back to the introduction
• Back to the contents list

IP Banning

As long as you have that annoying visitor's IP address, you can ban them, as long as they don't have an IP address that changes every time they connect to the internet.
order allow,deny
deny from 11.11.11.111
deny from 22.22.22.222
allow from all
The above snippet tells the server to, first, let everyone access the site and then deny access to people with the IP address that matches the ones listed.

That's all well and good but what if the last part of someone's IP address changes periodically? You can't add all of the possible IP addresses that user might have...

We can deny access to anyone who has an IP address that contains "11.11.11."; meaning the person who's IP address is "11.11.11.112" will be banned along with "11.11.11.111".

You do that like this:
order allow,deny
deny from 11.11.11.
deny from 22.22.22.222
allow from all

Please be aware that there's no way you could IP ban someone for good; there's always ways around this.

• Back to the introduction
• Back to the contents list

Allowing Only Your Computer In

You can lock a directory to only allow a computer which has the same IP address as you, into a folder.
(Seriously; do not use this for anything sensitive!)

order deny,allow
allow from 11.11.11.111
deny from all
This tells the server to deny everyone access but let the person through if their IP address is "11.11.11.111".

• Back to the introduction
• Back to the contents list

Stop Direct Linking

The biggest and most annoying problem a site owner will have is to do with other people direct linking from their site. If that person pays for their bandwidth, they could end up getting charged a lot of money because of other people's ignorance or their site will be taken offline by their host for the rest of the month.

Before you enter any of the following codes into your .htaccess file, you need to add this to the top, if it's not already in there:
RewriteEngine on

To stop people from direct linking images from your site, just add this:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?lirae.co.uk/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?lirae.co.uk.*$ [NC]
RewriteRule \.(gif|jpg|png)$ - [F]
This tells your server that if the referrer for the *.gif, *.jpg or *.png image is not your domain, then *break* the image by sending a forbidden error.

You can also use your direct linkers to your advantage (or be really evil... ) and get the server to switch the image to a really big banner with your site's name on it:
RewriteCond %{HTTP_REFERER} !^http://(www\.)?lirae.co.uk/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?lirae.co.uk.*$ [NC]
RewriteRule \.(gif|jpg|png)$ http://lirae.co.uk/myreallybigbanner.gif [R,L]
You would use this code instead of the one above.

• Back to the introduction
• Back to the contents list

Redirecting

Redirect /listed.php http://lirae.co.uk/test.lirocks
"Redirect" tells the server that, when "lirae.co.uk/listed.php" is accessed in the root directory, to redirect the user to "lirae.co.uk/test.lirocks".
For this to work, the first page can't be an actual URL (so no "lirae.co.uk/listed.php" ) and the second page needs to be an actual URL (so no "/test.lirocks" ).

The first slash "/" tells the server to start in the root directory and work up. If I wanted to stop people from viewing my birthday gifts from 2006, the first page would be "/wp/lirae/birthday2006/". This would tell the server that the page in the root directory » "lirae" directory » "birthday2006" directory is the page to redirect visitors away from.

• Back to the introduction
• Back to the contents list

URL / URI Rewriting

Oh, this can be so much fun!
You've probably heard of Wordpress^{^}' "permalinks"?
Normally, when you write an entry in Wordpress^{^}, the URL usually looks a bit like "http://yoursite.com/?p=7".
With "permalinks", the URL can be "http://yoursite.com/title-of-post-here/". This is not only better for search engines (some find it difficult to index pages with question marks in the URL) but it's also a lot easier for humans to read and remember.
Wordpress^{^} allows you to be able to create / modify "permalinks" in the admin panel (Options » Permalinks) but if you're trying to make your own CMS, you'll have to do this with .htaccess (which is so terribly easy!).

Before you start, you need to add this to the .htaccess file:
Options +FollowSymlinks
RewriteEngine on
"Options +FollowSymlinks" needs to be written; it's a security requirement for the rewrite engine and none of the rules are likely to work without it. It only needs to be added once per .htaccess file.
"RewriteEngine on" this switches on the rewrite engine for the folder and any folders under it. Again, this only needs to be added once per .htaccess file.
All of the codes in the three sections below, will go under "RewriteEngine on".

• Back to the introduction
• Back to the contents list

URL / URI Rewriting - Dynamic Pages

Let's say that the URL that gets created is always something like "pagename.php?category=catid&post=postid&page=pagenumber", you'd want it to be more readable than that, surely?
RewriteRule pagename/(.*)/(.*)/(.*)/$ pagename.php?category=$1&post=$2&page=$3
RewriteRule pagename/(.*)/(.*)/$ pagename.php?category=$1&post=$2
RewriteRule pagename/(.*)/$ pagename.php?category=$1
RewriteRule pagename/$ pagename.php
These rules tell the rewrite engine to treat:

• "pagename.php" as a folder
• "pagename.php?category=catid" as two folders: pagename/catid/
• "pagename.php?category=catid&post=postid" as three folders: pagename/catid/postid/
• and "pagename.php?category=catid&post=postid&page=pagenumber" as four folders: pagename/catid/postid/pagenumber/

You'll also notice that there's a trailing slash with a dollar sign next to it ( "/$" ) at the end of each rewrite rule. This tells the server that there must be a trailing slash in the URL for the page to work.
You can change this so the pages will work with or without a trailing slash:
RewriteRule ^pagename/(.*)/(.*)/(.*)(/?)$ pagename.php?category=$1&post=$2&page=$3
RewriteRule ^pagename/(.*)/(.*)(/?)$ pagename.php?category=$1&post=$2
RewriteRule ^pagename/(.*)(/?)$ pagename.php?category=$1
RewriteRule ^pagename(/?)$ pagename.php
You'll notice that, instead of "/$" (meaning "must end with a trailing slash" ), there's "/?$", which means "might end with a trailing slash".

(.*) means "anything", basically. "Anything" can be letters, numbers, hyphens, underscores, etc. You could also do this with regular expressions (for letters, you'd have " ([a-zA-Z]) ", for numbers, you'd have " ([0-9]) ", for letters and numbers, you'd have " ([a-zA-Z0-9]) " ).
The "$" at the end of the rule? This means "end of". If there's a "^" at the beginning of a rule, that means "start of".
"$[number]" will match each (.*), in order. The first " (.*) " will match to "$1", the second " (.*) " will match to "$2" and so on.

• Back to the introduction
• Back to the contents list

URL / URI Rewriting - Static Pages

You can rewrite URLs for regular, static pages too.
For example, I have lirae.co.uk/test.php. Now, you can access "test.php" by either going to "lirae.co.uk/test.php" or you can go to "lirae.co.uk/test/"; the same page will be shown but one looks like a folder in the address bar.
This is the code I'm using:
RewriteRule ^test/?$ test.php
This tells the rewrite engine to treat "test.php" as a folder; "test" or "test/".

• Back to the introduction
• Back to the contents list

URL / URI Rewriting - File Extensions

Faking folders is fun enough but let's fake file extensions!
My "lirae.co.uk/test.php" page can be accessed by going to "lirae.co.uk/test/" but it can also be accessed by going to "lirae.co.uk/test.lirocks"...now tell me that that is not cool!

So how do I do it?
RewriteRule ^(.*).lirocks$ $1.php
Remember:

• "$1" matches with "(.*)"
• "(.*)" basically means "anything"
• "^" at the start of a rewrite rule means "must start with " {in this case, it must start with anything}

This means that all of my pages with a .php extension can also be accessed by going to [pagename].lirocks.
You can change this to anything, such as:
RewriteRule ^(.*).iloveliraessite$ $1.php
or
RewriteRule ^(.*).liscool$ $1.php
and other good stuff like that. ;)

• Back to the introduction
• Back to the contents list

Removing "WWW."

First, you need to add "Options +FollowSymlinks" to your .htaccess file, if you haven't already. This is a security requirement for the rewrite engine to allow the rules to work.
You'll also need to add "RewriteEngine on", if you haven't already. This turns on the rewrite engine.

Having "WWW." before your domain name is a matter of preference. Although the "WWW." is deprecated and is no longer necessary, some people still like it, while others don't like it quite so much. You can read more about "WWW." being deprecated at the no-www.org site!^{^}

With this code, "www.lirae.co.uk/test.php" would redirect to "lirae.co.uk/test.php" and "www.lirae.co.uk/wp" would redirect to "lirae.co.uk/wp/". Yay; no "WWW."!

Here's the code:
RewriteCond %{HTTP_HOST} ^www\.lirae.co.uk$ [NC]
RewriteRule .* http://lirae.co.uk%{REQUEST_URI} [R]
That code basically tells the server that if the URL has "www." in it, redirect the user to the same page but minus the "www.". It also tells the server that the URL is not case sensitive; so WWW.LIRAE.CO.UK is the same as www.lirae.co.uk.

• Back to the introduction
• Back to the contents list

Forcing One Domain Over Another

I have two domains that go to this site; lirae.net and lirae.co.uk. When I decided to change everything to the .co.uk extension, it created some problems for me; I'd linked to pages within my site using the .net extension. This isn't too bad but my site is themed; the visitor chooses what they want my site to look like when they visit. Switching between two domains would switch the layout the visitor is using, which isn't a good thing.
So what could I do? I had a few choices;

• confuse the visitors who had changed the theme they want to use
• go through all of my pages (have you seen how big this site is?!) and change "lirae.net" to "lirae.co.uk"
• find a way to force only one domain

I chose to "force" the .co.uk over the .net. Any page you go to on my site, even if you replace the .co.uk with the .net, you'll only see the .co.uk.

First off, you need to tell the server to allow this to happen and turn on the rewrite engine, if you haven't done so already.
Options +FollowSymlinks
RewriteEngine on

Then you'll need to add this code:
RewriteCond %{HTTP_HOST} ^lirae.net$ [NC]
RewriteRule .* http://lirae.co.uk%{REQUEST_URI} [R]
This tells the server that if the URL has "lirae.net" in it, redirect the visitor to the same page but with a .co.uk extension.

I could also do this with two different domains. Let's say I want to force "lirae.co.uk" over "yummyrae.net"; so when you go to "yummyrae.net/wp", you'll see "lirae.co.uk/wp" instead:
RewriteCond %{HTTP_HOST} ^yummyrae.net$ [NC]
RewriteRule .* http://lirae.co.uk%{REQUEST_URI} [R]
This does exactly the same thing as the code before, except it switches "yummyrae.net" with "lirae.co.uk".
This is a much better idea than parking an old domain, if you're trying to get users to use the new one. ;)

• Back to the introduction
• Back to the contents list

Summary

This "introduction" is unbelievably brief when you think of how much you can do with a .htaccess file; this document doesn't even scratch the tip of the iceberg.
Htaccess isn't something you can learn in a weekend...I personally doubt you could learn everything .htaccess can do in a week.
If you're interested in learning .htaccess, I strongly suggest you go along to Apache's page on .htaccess^{^}.

It doesn't seem like it's difficult to learn but there is a lot to know and I've only recently become interested in it myself. :)

As far as I am aware, everything written on this page is correct. If I have made an error, please do let me know.

   

Owner

(About Carlee)Hey there! I'm known as Lirae (but my real name is Carlee) and this is my little home on the web. I'm twenty two years old and live in Plymouth, in the United Kingdom.

Content

• Home
• About Lirae
• Stuff For You
• About The Site

For You

• Downloads
• Dressup Games
• Jigsaws
• Memory Games

Entries

• Ruined
• Sick again
• Mirrors
• I haz returned!
• Shopping
• View archives?
• Subscribe to the feed?

Change The Skin

• A Better Place 1 Col
• A Better Place 2 Col
• Summer's Coming
• No Name
• Pink & Orange
• Wistful

Twitter (My Account^{^})

• I did my bit and bought JEFF BUCKLEY'S version of Hallelujah. Now you can do your bit!
  09:22pm December 20th 2008
• CANNOT believe that Scott got kicked out in favour of Daniel on X Factor. DANIEL AIN'T GOING TO WIN!
  10:00pm October 25th 2008
• I used to be able to be online ALL DAY. Now, I can barely manage an hour before I get bored.
  12:27pm October 19th 2008
• ...is about to bugger off and do some knitting. I WILL finish that damn scarf!
  06:13pm October 6th 2008

Last.fm (My Account^{^})

• Linkin Park - Faint 11:30pm December 20th 2008
• Linkin Park - Faint 11:30pm December 20th 2008
• Linkin Park - Faint 11:30pm December 20th 2008
• Linkin Park - Faint 11:30pm December 20th 2008
• Linkin Park - Faint 11:30pm December 20th 2008

Flickr (My Account^{^})

Blogroll

• Amanda ^{^}
• Becca ^{^}
• Claire ^{^}
• Jem ^{^}
• Kim ^{^}
• Rhiannon ^{^}
• Rose ^{^}
• Maz ^{^}

Misc Links

• Debra ^{^}
• Debs ^{^}
• Tab ^{^}
• Tinsa ^{^}