Magento Expert Forum - Improve your Magento experience

Results 1 to 5 of 5

30 Popular .htaccess code snippets

  1. #1
    Administrator david's Avatar
    Join Date
    Nov 2012
    Posts
    261
    Thanks
    22
    Thanked 42 Times in 34 Posts

    Cool 30 Popular .htaccess code snippets




    “A .htaccess (hypertext access) file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration„. (FromWikipedia) The .htaccess method will only effect the folder in which the .htaccess file resides, and all the folders inside. The .htaccess file is very useful and allows you to do a lot of things… Here’s my list of the most popular htaccess code snippets that can be added to your .htaccess file. I hope you find them as useful as I do.


    .Htaccess Code Snippets, Examples, Tips And Tricks


    01. Protect WordPress Blog From Script Injections




    Options +FollowSymLinks


    RewriteEngine On


    RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]


    RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]


    RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})


    RewriteRule ^(.*)$ index.php [F,L]


    Source: http://wptidbits.com/tutorials/21-mo...for-wordpress/


    02. Prevent Hotlinking


    RewriteEngine On
    #Replace ?mysite\.com/ with your blog url
    RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
    RewriteCond %{HTTP_REFERER} !^$
    #Replace /images/nohotlink.jpg with your "don't hotlink" image url
    RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L]



    03. Configure Your Website For HTML5 Videos


    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} !=/favicon.ico
    AddType video/ogg .ogv
    AddType video/ogg .ogg
    AddType video/mp4 .mp4
    AddType video/webm .webm
    AddType application/x-shockwave-flash swf
    Source: http://snipplr.com/view.php?codeview&id=53437


    04. Use Browser Caching To Improve Blog Speed



    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access 2 days"



    Source: http://www.onextrapixel.com/2011/11/...for-wordpress/


    05. Blacklist Undesired Users And Bots Ip Address



    order allow,deny
    allow from all
    deny from 123.456.789
    deny from 93.121.788
    deny from 223.956.789
    deny from 128.456.780



    Source: http://www.smashingmagazine.com/2010...curity-tweaks/


    06. Redirect Hotlinkers


    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?domain.tld/.*$ [NC]
    RewriteRule ^.*\.(bmp|tif|gif|jpg|jpeg|jpe|png)$ http://google.com [R]


    Source: http://www.askapache.com/htaccess/ul...le-sample.html

    07. Force Trailing Slash



    RewriteCond %{REQUEST_URI} /+[^\.]+$
    RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]



    Source: http://perishablepress.com/code-snippets/


    08. Remove File Extensions From Urls


    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME}\.html -f
    RewriteRule ^(.*)$ $1.html
    # Replace html with your file extension, eg: php, htm, asp
    Source: http://eisabainyo.net/weblog/2007/08...n-via-htaccess


    09. If You Want To Cover Both Http And Https


    Options +FollowSymlinks
    RewriteEngine On
    RewriteCond %{HTTP_HOST}//s%{HTTPS} ^www.(.*)//((s)on|s.*)$ [NC]
    RewriteRule ^ http%3://%1%{REQUEST_URI} [L,R=301]


    Source: http://www.askapache.com/htaccess/co...-examples.html


    10. Create Custom Error Pages


    ErrorDocument 400 /errors/badrequest.html
    ErrorDocument 401 /errors/authreqd.html
    ErrorDocument 403 /errors/forbid.html
    ErrorDocument 404 /errors/notfound.html
    ErrorDocument 500 /errors/serverr.html
    Source: http://css-tricks.com/snippets/htacc...m-error-pages/


    11. Log PHP Errors


    # display no errs to user
    php_flag display_startup_errors off
    php_flag display_errors off
    php_flag html_errors off
    # log to file
    php_flag log_errors on
    php_value error_log /location/to/php_error.log


    Source: http://css-tricks.com/snippets/htacc...error-logging/

    12. Redirect WordPress Feeds To FeedBurner


    # temp redirect wordpress content feeds to feedburner

    RewriteEngine on
    RewriteCond %{HTTP_USER_AGENT} !FeedBurner [NC]
    RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
    RewriteRule ^feed/?([_0-9a-z-]+)?/?$ http://feeds.feedburner.com/webanddesigners [R=302,NC,L]

    Source: http://perishablepress.com/press/200...taccess-redux/


    13. Force Download Of Specific Files



    ForceType application/octet-stream
    Header set Content-Disposition attachment


    ForceType application/octet-stream
    Header set Content-Disposition attachment



    Source: http://www.givegoodweb.com/post/30/f...e-and-htaccess


    14. Require Password For 1 File



    AuthName "Prompt"
    AuthType Basic
    AuthUserFile /home/askapache.com/.htpasswd
    Require valid-user



    15. Protect Multiple Files



    AuthName "Development"
    AuthUserFile /.htpasswd
    AuthType basic
    Require valid-user



    Source: http://www.angelmonticelli.com.ar/20...code-snippets/


    16. Compress Text Files




    SetOutputFilter DEFLATE




    17. Expire Headers



    ExpiresActive On
    ExpiresDefault "access plus 1 seconds"
    ExpiresByType image/x-icon "access plus 2592000 seconds"
    ExpiresByType image/jpeg "access plus 2592000 seconds"
    ExpiresByType image/png "access plus 2592000 seconds"
    ExpiresByType image/gif "access plus 2592000 seconds"
    ExpiresByType application/x-shockwave-flash "access plus 2592000 seconds"
    ExpiresByType text/css "access plus 604800 seconds"
    ExpiresByType text/javascript "access plus 216000 seconds"
    ExpiresByType application/javascript "access plus 216000 seconds"
    ExpiresByType application/x-javascript "access plus 216000 seconds"
    ExpiresByType text/html "access plus 600 seconds"
    ExpiresByType application/xhtml+xml "access plus 600 seconds"



    18. Cache-Control Headers




    Header set Cache-Control "max-age=2592000, public"


    Header set Cache-Control "max-age=604800, public"


    Header set Cache-Control "max-age=216000, private"


    Header set Cache-Control "max-age=600, private, must-revalidate"




    19. Turn ETags Off



    Header unset ETag

    FileETag None

    20. Remove Last-Modified Header



    Header unset Last-Modified



    Source: http://www.samaxes.com/2009/01/more-...with-htaccess/


    21. Banning A WordPress Spammer With .Htaccess



    order allow,deny
    deny from 200.49.176.139
    allow from all



    Source: The easiest way to ban a WordPress spammer


    22. How To: Deny Comment Posting To No Referrer Requests


    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]


    23. Redirect Www To Non Www Or Vice Versa


    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^www.yourblogname.com [NC]
    RewriteRule ^(.*)$ http://yourblogname.com/$1 [L,R=301]
    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^yourblogname.com [NC]
    RewriteRule ^(.*)$ http://www.yourblogname.com/$1 [L,R=301]


    Source: http://www.webanddesigners.com/20-ht...-from-hacking/


    24. Block Referring Domains


    #block referring domains
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} digg\.com [NC]
    RewriteRule .* – [F]


    25. Redirect Visitors To A Maintenance Page


    RewriteEngine on
    RewriteCond %{REQUEST_URI} !/maintenance.html$
    RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
    RewriteRule $ /maintenance.html [R=302,L]


    Source: Comment faire une page d’accueil pour les internautes


    26. Allow Only Your IP Adress On The Wp-Admin Directory


    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Example Access Control"
    AuthType Basic

    order allow, deny
    deny from all
    allow from xx.xx.xx.xx



    Source: Protecting the WordPress wp-admin folder


    27. Password-Protect Single File



    AuthType Basic
    AuthName "Prompt"
    AuthUserFile /home/path/.htpasswd
    Require valid-user



    28. Password-Protect Multiple Files



    AuthType basic
    AuthName "Development"
    AuthUserFile /home/path/.htpasswd
    Require valid-user



    29. Redirect Any Request For Anything From Spamsite To Differentspamsite


    RewriteCond %{HTTP_REFERER} ^http://.*spamsite.*$ [NC]
    RewriteRule .* http://www.differentspamsite.com [R]
    Redirect All Requests From Spamsite To An Image Of Something At Differentspamsite


    RewriteCond %{HTTP_REFERER} ^http://.*spamsite.*$ [NC]
    RewriteRule .* http://www.differentspamsite/something.jpg [R]
    Redirect Traffic From A Certain Address Or Range Of Addresses To Another Site


    RewriteCond %{REMOTE_ADDR} 192.168.10.*
    RewriteRule .* http://www.differentspamsite.com/index.html [R]


    Source: http://perishablepress.com/press/200...access-tricks/


    30. Speed Up Your Site With .Htaccess Caching


    # 1 YEAR

    Header set Cache-Control "max-age=29030400, public"

    # 1 WEEK

    Header set Cache-Control "max-age=604800, public"

    # 2 DAYS

    Header set Cache-Control "max-age=172800, proxy-revalidate"

    # 1 MIN

    Header set Cache-Control "max-age=60, private, proxy-revalidate"



    Source: http://www.askapache.com/htaccess/sp...s-caching.html


    31. Redirect All WordPress Feeds To Feedburner



    RedirectMatch 301 /feed/(atom|rdf|rss|rss2)/?$ http://feedburner.com/yourfeed/
    RedirectMatch 301 /comments/feed/(atom|rdf|rss|rss2)/?$ http://feedburner.com/yourfeed/

    Source: http://www.wprecipes.com/how-to-redi...-with-htaccess


    32. Stop Spam On Your WordPress Blog



    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !.*yourdomainname.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]



    Source: http://www.wprecipes.com/reduce-spam...using-htaccess


    33. Deny Access To Your Wp-Config.Php File


    # protect wpconfig.php

    order allow,deny
    deny from all



    34. Securing The .Htaccess



    order allow,deny
    deny from all
    satisfy all



    Source: http://www.onextrapixel.com/2011/11/...for-wordpress/


    Warning: .htaccess files can do more harm than good if used incorrectly. You should always be careful when modifying your htaccess file: even a minor typographical error can make your site unusable!


    So, be sure to keep the original working .htaccess as backup just in case you need to revert to original settings.

    View more threads in the same category:


  2. The Following User Says Thank You to david For This Useful Post:

    rocker (27-03-2013)

  3. #2
    Junior Member rocker's Avatar
    Join Date
    Mar 2013
    Posts
    105
    Thanks
    3
    Thanked 11 Times in 9 Posts

    Default

    It help me a lot for my blog configuration. Thanks david

  4. #3
    Administrator david's Avatar
    Join Date
    Nov 2012
    Posts
    261
    Thanks
    22
    Thanked 42 Times in 34 Posts

    Default

    Good to know

  5. #4
    Junior Member
    Join Date
    Sep 2018
    Location
    United Kingdom
    Posts
    228
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Default

    Hotlinking is a bad practice that consist of using the images from another site on yours.
    When you’re hotlinked by someone else, your bandwidth is used for someone else profit.
    Of course, you may want to prevent hotlinkers. Just add the following snippet to
    your .htaccess file after replacing the example urls by your own urls.

  6. #5
    Junior Member petershene's Avatar
    Join Date
    Aug 2017
    Location
    South Africa
    Posts
    92
    Thanks
    2
    Thanked 3 Times in 3 Posts

    Default

    Im very glad you mentioned protecting htacess itself as all this code would be rendered useless without it. I would also throw in :

    # protect files beginning with .ht
    RedirectMatch 403 /\.ht(.*)

    For htpaswrd.

    As for making a backup do it. Also if you are working on a chrome browser sometimes you need a refresh as chrome doesnt always pick up on htacess changes immediatle unless you work your site in ingognito mode. Leave and test again.

Similar Threads

  1. Create unique coupon code in Magento
    By david in forum Programming & Development
    Replies: 9
    Last Post: 20-07-2022, 04:48 AM
  2. Replies: 1
    Last Post: 14-03-2019, 07:26 AM
  3. Protect a Directory Using .htaccess
    By david in forum PHP programming
    Replies: 1
    Last Post: 14-03-2019, 07:23 AM
  4. How to use .htaccess to redirect www to non-www?
    By speed2x in forum PHP programming
    Replies: 2
    Last Post: 22-06-2015, 01:23 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •