|
The Apache ".htaccess" file allows you to tweak or override certain
configuration options used by the web server. Some common uses for this
include:
- Custom error pages
- Deny users by IP
- Change the default index pages
- Redirects
- Prevent hot-linking of your images
- Prevent directory listings
The .htaccess file itself is a plain text file, and can be created
and uploaded via FTP (see 5.1), Note that the file must be named ".htaccess".
Some Windows text editors will not let you save a file with this name,
so you may have to save the file as something else and then rename it
before uploading.
.htaccess files affect the directory they are placed in and all
sub-directories. You can prevent and alter this behaviour by placing
further .htaccess files inside selected sub-directories. For example,
if you place a top-level .htaccess file that sets password protection,
every directory below that will be protected. If you then place a
.htaccess file without these password protection commands inside a
sub-directory, this directory and all its children will not be protected.
Apache will look back up the directory tree and use the nearest
.htaccess file that it finds. It will not combine rules from multiple files.
Custom Error Pages
In order to specify your own custom error documents, you need to add the
following command, on one line, within your htaccess file:
ErrorDocument 404 /directory/filename.html
Replace "/directory/filename.html" in the above line with the path to the HTML
file you want to be displayed whenever the server returns code 404
(the “file not found” error).
Other common error codes include:
401 - Authorization Required
403 - Forbidden
500 – Internal Server ErrorDocument
If you want to use an error document handler for each of the error codes above, the
.htaccess file would look like the following
ErrorDocument 401 /errors/authreqd.html
ErrorDocument 403 /errors/forbid.html
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/serverr.html
Change the default index page
The default index page is the file that the user will be redirected to if they only
enter a directory into their browser address bar. This is usually index.html. For
example, if a visitor typed “http://www.yourdomain.com/” into their browser, they
would be sent to “http://www.yourdomain.com/index.html” by default.
You can override this in your .htaccess file:
DirectoryIndex newindex.html
Placing this command in your root .htaccess will tell Apache to redirect all
requests that don't include a filename to "newindex.html" instead of the default
"index.html".
You can even give Apache a list of files to use:
DirectoryIndex index.php index.pl index.html
Now, when a user types "http://www.yourdomain.com/", Apache will first look
for "index.php" and redirect to that file if it exists. If it doesn't it will
try the next file, and so on, from left to right.
PHP Options
Several options for altering the behaviour of PHP are available via .htaccess: most
of which are already defined on an account-wide basis via the 'php.ini' file, which
is normally located at:
/etc/php.ini
However, if PHP is running as an Apache module, you can tweak the PHP setup for an
individual site or even single directory, rather than everything on your account, using
some of the following directives in a .htaccess file.
Include Paths
If a script you are running requires libraries which are either not accessible from
the web, or are included from many different scripts in different locations, it
may be best to include the libraries folder in your PHP include path.
php_value include_path ".:/home/virtual/yourdomain.com/var/www/html/libs"
Register Globals
The register_globals option sets whether the contents of the global array variables
such as $_GET, $_POST, $_FILE etc are available as variables. For example:
<?php
echo $getvar;
?>
if this script is called as script.php?getvar=hello, then the output of the script
will be:
hello
only if register globals is on. If register_globals is off, then to use the value
passed to the script on the query string, the script should be amended thus:
<?php
echo $_GET['getvar'];
?>
To turn register_globals off (advised):
php_value register_globals 0
More information can be found at
http://www.php.net/manual/en/configuration.php
and a detailed list of directives can found found here:
http://uk2.php.net/manual/en/ini.php
MIME Types
You can specify additional MIME Types in .htaccess, too. The user's browser will
be setup to handle different file types with different helper applications (for
example, a Windows user may have '.txt' files with the MIME Type 'text/plain' to
automatically open in Notepad).
You can change the MIME type the server sends to the browser using .htaccess
directives. The following example sets '.ogg' audio files to be of type
'application/x-download', which should force the browser to ask the user to
download the file, instead of attempting to open it.
AddType application/x-download .ogg
You can check what MIME Types you have setup on your account by checking
the file /etc/mime.types
You can find a reasonably recent list of MIME Types
here.
Redirects
If you've moved parts of your site around and want users to be redirected
to the new location when they type in the old one, you can use the following command:
Redirect /olddirectory/ http://yoursite.com/newdirectory/
Note that there are three parts to this command: "Redirect", then the path of the
old directory or file (which may or may not still exist on the server), and then the
full URL to redirect to.
|
