Configure .htaccessBefore we start the article on .htaccess files, read here how we were eaten up by the competition (page will open in a new window).
The Apache web server allows for great flexibility as to the configuration of your account using .htaccess files. Placed in your main web directory ...
full path: /usr/www/users/username,
...it controls your entire site. You can also place the .htaccess file in subdirectories, in which case the file will control only files under that subdirectory.
The .htaccess file can be created on the server while logged in via telnet / ssh, or created locally and uploaded in ASCII mode via FTP.
Sample .htaccess file
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
# -FrontPage-
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
AuthName yoursite.com
AuthUserFile /usr/www/users/username/_vti_pvt/service.pwd
AuthGroupFile /usr/www/users/username/_vti_pvt/service.grp
DirectoryIndex index.php index.html index.htm index.shtml
Changing the Default FileWhen a URL specifying only a directory is requested ...
eg.:
http://www.domain.com/directory/... Apache looks for file names by default (in the order they appear):
index.html
index.htm
home.html
welcome.html
The .htaccess directive "DirectoryIndex" can be used to override this behavior. In your .htaccess file, type the following line:
DirectoryIndex index.php index.html
In the above example Apache is forced to look for index.php first and look for index.html only if there is no index.php file present.
"DirectoryIndex" can be used to make any file you would like to appear as default. For instance, you could have:
DirectoryIndex firstpage.html first.html first.php
In the above example the web server would first look for firstpage.html, first.html, and first.php, returning a directory listing if none of those files were present in the directory.
Custom Error PagesApache allows you to replace the default error message pages with pages of your own design. Doing so is as simple as creating the pages and adding one directive for each type of error to your .htaccess file.
The most common error page is the "404 File Not Found" error generated when a user tries to access a non-existent URL at your site. If your domain were example.com and you created the page
http://www.example.com/errors/404.html to replace the default page, you would add the following directive to your .htaccess file:
ErrorDocument 404 /errors/404.html
This directive uses "relative addressing" (e.g. the
http://www.example.com is removed, as Apache already knows the domain name of your site).
Other common error messages you might wish to replace are the "500 Internal Server" error that results when a CGI script crashes, and the "401 Authorization Required" error that occurs when, for instance, someone tries to access a password protected directory without legitimate authentication. If you followed the same file naming conventions as the above example, your directives might look as follows:
ErrorDocument 500 /errors/500.html
ErrorDocument 401 /errors/401.html
Adding MIME TypesMultimedia files such as Macromedia's Flash may require special "MIME Types" in order to work properly. In simple terms, MIME types help the server inform the browser what type of content is being received, so it can load the appropriate plug-ins and such. While we try to keep the server's preconfigured for all popular MIME Types, Apache's "AddType" directive offers you the ability to immediately add any to your account that you might need.
For instance, the MIME type for Flash is "application/x-shockwave-flash", and the file extension Flash files use is .swf. To add this MIME type to your account, the directive in your .htaccess file would be:
AddType application/x-shockwave-flash swf
NOTE: The Flash MIME type is actually preconfigured for your use -- it is included here for example purposes only.
Preventing Directory ListingsIn certain directories, there may be no default HTML filenames (eg. index.html, index.htm, etc.). By default, anyone attempting to view that directory would see a list of the files within it. This behavior can be changed with the "IndexIgnore" directive. To prevent any of the files from being listed, create a .htaccess file in that directory with the following directive:
IndexIgnore *
The * symbol is a "wild-card" that matches all files, and so none will be displayed.
It is also possible to prevent only certain files from being listed (for example all images - .jpg, .gif). Create a .htaccess file in this directory with the following directive:
IndexIgnore *.gif *.jpg
In the above example, Apache ignores any files with .gif extensions (*.gif) and .jpg extensions (*.jpg), but still allows it to list any other file types.