HTACCESS use details (transfer)

xiaoxiao2021-04-01  214

HTACCESS can do a lot of scope, including: folder password protection, user automatically redirect, custom error page, change your file extension, block specific user IP addresses, only allow specific IP addresses, stop catalog tables, Use another file as an index file, wait ...

Introduction introduction

File name .htaccess property 644 (RW-R-R-)

HTACCESS will affect all subdires in its directory.

Note that most content is required to remain within one line, do not change, otherwise it will cause errors.

2. Error Documents error documentation

OFFICIAL Document: Errordocument Directive

ErrorDocument Code Document

example

ErrorDocument 400 /ERRORS/BadRequest.html

ErrorDocument 404 http://yoursite/errors/notfound.html

ErrorDocument 401 "Authorization Required"

More ..

Less .. (Note the contents if the double quotes appear to be escaping to / ")

Common HTTP status code

Successful Client Requests

200 OK

201 Created

202 ACCEPTED

203 Non-AuthorArative Information

204 no content

205 RESET Content

206 Partial Content

Client Request Redirected

300 Multiple Choices

301 MOVED Permanently

302 MOVED TEMPORARILY

303 See Other

304 Not Modified

305 USE PROXY

Client Request ErrorS

400 Bad Request

401 Authorization Required

402 Payment Required (Not used Yet)

403 forbidden

404 Not Found

405 Method Not ALLOWED

406 Not Acceptable (Encoding)

407 Proxy Authentication Required

408 Request Timed Out

409 Conflicting Request

410 Gone

411 Content LENGTH REQUIRED

412 Precondition Failed

413 Request Entity TOON LONG

414 Request Uri Too Long

415 Unsupported Media Type

Server Errors

500 Internal Server Error

501 Not IMplement

502 BAD GATEWAY

503 Service Unavailable

504 GATEWAY TIMEOUT

505 HTTP Version Not Supported

3. Password Protection Password Protection

OFFICIAL Document: Authentication, Authorization and Access Control

Suppose password files are .htpasswd

Authorfile /usr/local/safedir/.htpasswd (now you must use the full path name)

Authname Enterpassword

Authtype Basic

Two common verification methods:

Require User WINDIX

(Only user WINDIX login)

Require Valid-User

(All legitimate users can log in)

Tip: How to generate a password file

Use the htpasswd command (Apache comes with it) The first generation needs to create a password file

htpasswd -c .htpasswd User1

After adding new users

htpasswd .htpasswd user2

4. Enabling SSI VIA HTACCESS allows SSI (Server Side Including) function via HTACCESS

Addtype text / html .shtml

AddHndler Server-Parsed .shtml

Options Indexes Followsymlinks Includes

DirectoryIndex index.shtml index.html

5. Blocking Users BY IP Blocks User Accesss Based on IP

ORDER ALOW, DENY

Deny from 123.45.6.7

Deny from 12.34.5. (The entire C class address)

ALLOW FROM ALL

6. Blocking Users / Sites by ReferRer Block User / Site Access According to ReferRer

Need MOD_REWRITE module

Example 1. Block single ReferRer: Badsite.com

ReWriteEngine on

# Options FOLLOWSYMLINKS

Rewritecond% {http_referer} Badsite / .com [nc]

Rewriterule. * - [f]

Example 2. Block multiple ReferR: Badsite1.com, Badsite2.com

ReWriteEngine on

# Options FOLLOWSYMLINKS

ReWriteCond% {http_refere} Badsite1 / .com [nc, or]

RewriteCond% {http_referer} Badsite2 / .com

Rewriterule. * - [f]

[NC] - Case-Insensite

[F] - 403 forbidden

Note that the above code comes from "Options FollowSymlinks" statement. If the server does not set up FOLLOWSYMLINKS in the paragraph of httpd.conf, you will need to add this sentence, otherwise the "500 INTERNAL Server Error" error is obtained.

7. Blocking Bad Bots and Site Rippers (Aka Offline Browsers) Blocking bad reptiles and offline browsers

Need MOD_REWRITE module

Bad crawler? For example, some crawler of the garbage Email address and the reptile of Robots.txt (such as baidu?)

Can determine them according to http_user_agent

(But there is a more shameless "Search Zhongsou.com" stream set your own agent to "Mozilla / 4.0 (Compatible; Msie 5.5; Windows NT 5.0)" too much, it is powerful)

ReWriteEngine on

ReWritecond% {http_user_agent} ^ blackwidow [or]

Rewritecond% {http_user_agent} ^ bot / mailto: craftbot@yahoo.com [or]

Rewritecond% {http_user_agent} ^ chinaclaw [or]

REWRITECOND% {http_user_agent} ^ Custo [or]

REWRITECOND% {http_user_agent} ^ Disco [or]

REWRITECOND% {http_user_agent} ^ Download / DEMON [OR]

Rewritecond% {http_user_agent} ^ ECATCH [OR]

REWRITECOND% {http_user_agent} ^ EirGrabber [or] REWRITECOND% {http_user_agent} ^ emailsiPhon [or]

Rewritecond% {http_user_agent} ^ emailwolf [or]

Rewritecond% {http_user_agent} ^ express / webpictures [or]

REWRITECOND% {http_user_agent} ^ extractorpro [or]

ReWritecond% {http_user_agent} ^ eyenetie [or]

REWRITECOND% {http_user_agent} ^ Flashget [or]

ReWritecond% {http_user_agent} ^ getright [or]

Rewritecond% {http_user_agent} ^ getWeb! [Or]

REWRITECOND% {http_user_agent} ^ Go! Zilla [or]

REWRITECOND% {http_user_agent} ^ go-ahead-got-it [or]

REWRITECOND% {http_user_agent} ^ grabnet [or]

REWRITECOND% {http_user_agent} ^ grafula [or]

REWRITECOND% {http_user_agent} ^ hmview [or]

REWRITECOND% {http_user_agent} httrack [nc, or]

REWRITECOND% {http_user_agent} ^ Image / Stripper [or]

Rewritecond% {http_user_agent} ^ Image / Sucker [OR]

Rewritecond% {http_user_agent} inde / library [nc, or]

Rewritecond% {http_user_agent} ^ intergt [or]

REWRITECOND% {http_user_agent} ^ Internet / ninja [or]

Rewritecond% {http_user_agent} ^ jetcar [or]

ReWritecond% {http_user_agent} ^ joc / web / spider [or]

Rewritecond% {http_user_agent} ^ larbin [or]

REWRITECOND% {http_user_agent} ^ leechftp [or]

ReWritecond% {http_user_agent} ^ mass / downloader [or]

REWRITECOND% {http_user_agent} ^ Midown / Tool [OR]

Rewritecond% {http_user_agent} ^ mister / pix [or]

Rewritecond% {http_user_agent} ^ navroad [or]

REWRITECOND% {http_user_agent} ^ nearsite [or]

REWRITECOND% {http_user_agent} ^ Netants [or]

Rewritecond% {http_user_agent} ^ NetSpider [or]

REWRITECOND% {http_user_agent} ^ Net / Vampire [or]

REWRITECOND% {http_user_agent} ^ Netzip [or]

REWRITECOND% {http_user_agent} ^ octopus [or]

ReWritecond% {http_user_agent} ^ offline / expedition [or]

REWRITECOND% {http_user_agent} ^ offline / navigator [or] REWRITECOND% {http_user_agent} ^ pagegrabber [or]

Rewritecond% {http_user_agent} ^ PAPA / FOTO [OR]

REWRITECOND% {http_user_agent} ^ pavuk [or]

Rewritecond% {http_user_agent} ^ pcbrowser [or]

Rewritecond% {http_user_agent} ^ realdownload [or]

Rewritecond% {http_user_agent} ^ reget [or]

Rewritecond% {http_user_agent} ^ sitesnagger [or]

ReWriteCond% {http_user_agent} ^ smartdownload [or]

ReWritecond% {http_user_agent} ^ superbot [or]

REWRITECOND% {http_user_agent} ^ superHttp [or]

REWRITECOND% {http_user_agent} ^ Surfbot [OR]

Rewritecond% {http_user_agent} ^ Takeout [or]

ReWritecond% {http_user_agent} ^ Teleport / Pro [OR]

Rewritecond% {http_user_agent} ^ voideye [or]

REWRITECOND% {http_user_agent} ^ Web / Image / Collector [or]

REWRITECOND% {http_user_agent} ^ Web / Sucker [OR]

REWRITECOND% {http_user_agent} ^ Webauto [or]

ReWritecond% {http_user_agent} ^ Webcopier [or]

REWRITECOND% {http_user_agent} ^ WebFetch [or]

REWRITECOND% {http_user_agent} ^ WebGO / IS [OR]

REWRITECOND% {http_user_agent} ^ Webleacher [or]

Rewritecond% {http_user_agent} ^ WebReaper [or]

Rewritecond% {http_user_agent} ^ WebSauger [or]

REWRITECOND% {http_user_agent} ^ Website / Extractor [or]

REWRITECOND% {http_user_agent} ^ Website / Quester [OR]

REWRITECOND% {http_user_agent} ^ Webstripper [or]

ReWritecond% {http_user_agent} ^ Webwhacker [or]

REWRITECOND% {http_user_agent} ^ WebZip [or]

Rewritecond% {http_user_agent} ^ wget [or]

ReWritecond% {http_user_agent} ^ widow [or]

ReWritecond% {http_user_agent} ^ wwwoffle [or]

Rewritecond% {http_user_agent} ^ XALDON / WebSpider [or]

ReWritecond% {http_user_agent} ^ Zeus

Rewriterule ^. * - [f, l]

[F] - 403 forbidden

[L] -?

8. Change your default Directory Page Change the Default Directory page DirectoryIndex index.html index.php index.cgi index.pl

9. Redirects steering

Single file

Redirect /old_dir/old_file.html http://yoursite.com/new_dir/new_file.html

Whole directory

Redirect / Old_Dir http://yoursite.com/new_dir

Effect: like moving the directory position

http://yoursite.com/old_dir -> http://yoursite.com/new_dir

http://yoursite.com/old_dir/dir1/test.html -> http://yoursite.com/new_dir/dir1/test.html

TIP: Solution to Redirect cannot be turned to using user directory

When you use the Apache default user directory, such as http://mysite.com/~windix, when you want to turn to http://mysite.com/~windix/jump, you will find that the following redirect does not work:

Redirect / jump http://www.google.com

The correct way is to change

Redirect / ~ WINDIX / JUMP http://www.google.com

(Source: .htaccess redirect in "sites" not redirecting: why?

)

10. prevent viewing of .htaccess file prevention. Htaccess file is viewed

ORDER ALOW, DENY

Deny from all

11. Add Mime Types Add MIME Type

AddType Application / X-ShockWave-Flash SWF

Tips: Settings Types for Application / OcTet-Stream will be prompted

12. Preventing Hot Linking of Images and Other File Types Anti-theft Chain

Need MOD_REWRITE module

ReWriteEngine on

Rewritecond% {http_referer}! ^ $

Rewritecond% {http_referer}! ^ Http: // (www //.)? Mydomain.com /.* $ [nc]

ReWriterule /.(gif|jpg|js|css) $ - [f]

Analysis:

If http_referer is non-empty (source is other site, non-direct connection) and

If http_refere is not (www.) Mydomain.com starts (ignore the case [NC]) (source non-this station)

For all files ending with .gif / .jpg / .js / .css # 403 forbidden error [F]

You can also specify a response, as shown in the following example

Rewriterule /. (GIF|JPG) $

[R, l]

[R] - Steering (Redirect)

[L] - Connection (LINK)

13. Preventing Directory Listing Prevents the list of lists

Indexignore *

Indexignore * .jpg * .gif

TIPS:

Allow directory list display: Options indexes

Disable directory list display: Options -indexes

Display prompt information: Table file Header, page Tail file Readme

转载请注明原文地址:https://www.9cbs.com/read-131159.html

New Post(0)