{"id":12024,"date":"2019-03-21T03:25:50","date_gmt":"2019-03-21T03:25:50","guid":{"rendered":"http:\/\/www.appservgrid.com\/paw92\/?p=12024"},"modified":"2019-03-21T03:25:50","modified_gmt":"2019-03-21T03:25:50","slug":"25-useful-apache-htaccess-tricks-to-secure-and-customize-websites","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/03\/21\/25-useful-apache-htaccess-tricks-to-secure-and-customize-websites\/","title":{"rendered":"25 Useful Apache \u2018.htaccess\u2019 Tricks to Secure and Customize Websites"},"content":{"rendered":"

Websites are important parts of our lives. They serve the means to expand businesses, share knowledge and lots more. Earlier restricted to providing only static contents, with introduction of dynamic client and server side scripting languages and continued advancement of existing static language like html to html5, adding every bit of dynamicity is possible to the websites and what left is expected to follow soon in near future.<\/p>\n

With websites, comes the need of a unit that can display these websites to a huge set of audience all over the globe. This need is fulfilled by the servers that provide means to host a website. This includes a list of servers like:\u00a0Apache HTTP Server<\/b>,\u00a0Joomla<\/b>, and\u00a0WordPress<\/b>\u00a0that allow one to host their websites.<\/p>\n

\n

\"Apache<\/a><\/p>\n

25 htaccess Tricks<\/p>\n<\/div>\n

One who wants to host a website can create a local server of his own or can contact any of above mentioned or any another server administrator to host his website. But the actual issue starts from this point. Performance of a website depends mainly on following factors:<\/p>\n

    \n
  1. Bandwidth consumed by the website.<\/li>\n
  2. How secure is the website against hackers.<\/li>\n
  3. Optimism when it comes to data search through the database<\/li>\n
  4. User-friendliness when it comes to displaying navigation menus and providing more UI features.<\/li>\n<\/ol>\n

    Alongside this, various factors that govern success of servers in hosting websites are:<\/p>\n

      \n
    1. Amount of data compression achieved for a particular website.<\/li>\n
    2. Ability to simultaneously serve multiple clients asking for a same or different website.<\/li>\n
    3. Securing the confidential data entered on the websites like: emails, credit card details and so on.<\/li>\n
    4. Allowing more and more options to enhance dynamicity to a website.<\/li>\n<\/ol>\n

      This article deals with one such feature provided by the servers that help enhance performance of websites along with securing them from bad bots, hotlinks etc. i.e. \u2018.htaccess<\/b>\u2018 file.<\/center><\/p>\n

      What is .htaccess?<\/h4>\n

      htaccess<\/b>\u00a0(or\u00a0hypertext access<\/b>) are the files that provide options for website owners to control the server environment variables and other parameters to enhance functionality of their websites. These files can reside in any and every directory in the directory tree of the website and provide features to the directory and the files and folders inside it.<\/p>\n

      What are these features? Well these are the server directives i.e. the lines that instruct server to perform a specific task, and these directives apply only to the files and folders inside the folder in which this file is placed. These files are hidden by default as all Operating System and the web servers are configured to ignore them by default but making the hidden files visible can make you see this very special file. What type of parameters can be controlled is the topic of discussion of subsequent sections.<\/p>\n

      Note<\/strong>: If\u00a0.htaccess<\/b>\u00a0file is placed in\u00a0\/apache\/home\/www\/Gunjit\/<\/b>\u00a0directory then it will provide directives for all the files and folders in that directory, but if this directory contains another folder namely:\u00a0\/Gunjit\/images\/<\/b>\u00a0which again has another\u00a0.htaccess<\/b>\u00a0file then the directives in this folder will override those provided by the master\u00a0.htaccess<\/b>\u00a0file (or file in the folder up in hierarchy).<\/p>\n

      Apache Server and .htaccess files<\/h4>\n

      Apache HTTP Server<\/b>\u00a0colloquially called Apache was named after a Native American Tribe Apache to respect its superior skills in warfare strategy. Build on C\/C++ and XML it is cross-platform web server which is based on NCSA HTTPd server and has a key role in growth and advancement of World Wide Web.<\/p>\n

      Most commonly used on UNIX, Apache is available for wide variety of platforms including FreeBSD, Linux, Windows, Mac OS, Novel Netware etc. In 2009, Apache became the first server to serve more than 100 million websites.<\/p>\n

      Apache server has one\u00a0.htaccess<\/b>\u00a0file per user in\u00a0www\/<\/b>\u00a0directory. Although these files are hidden but can be made visible if required. In\u00a0www\/<\/b>\u00a0directory there are a number of folders each pertaining to a website named on user\u2019s or owner\u2019s name. Apart from this you can have one\u00a0.htaccess<\/b>\u00a0file in each folder which configured files in that folder as stated above.<\/p>\n

      How to configure htaccess file on Apache server is as follows\u2026<\/p>\n

      Configuration on Apache Server<\/h4>\n

      There can be two cases:<\/p>\n

      Hosting website on own server<\/h5>\n

      In this case, if\u00a0.htaccess<\/b>\u00a0files are not enabled, you can enable\u00a0.htaccess<\/b>\u00a0files by simply going to\u00a0httpd.conf<\/b>(Default configuration file for Apache HTTP Daemon) and finding the\u00a0<Directories><\/b>\u00a0section.<\/p>\n

      <Directory \"\/var\/www\/htdocs\">\r\n<\/pre>\n
      And locate the line that says\u2026<\/p>\n
      AllowOverride None \r\n<\/pre>\n
      And correct it to.<\/p>\n
      AllowOverride All\r\n<\/pre>\n
      Now, on restarting Apache,\u00a0.htaccess<\/b>\u00a0will work.<\/p>\n
      Hosting website on different hosting provider server<\/h5>\n
      In this case it is better to consult the hosting admin, if they allow access to\u00a0.htaccess<\/b>\u00a0files.<\/p>\n
      25 \u2018.htaccess\u2019 Tricks of Apache Web Server for Websites<\/h3>\n
      1. How to enable mod_rewrite in .htaccess file<\/h4>\n
      mod_rewrite<\/b>\u00a0option allows you to use redirections and hiding your true URL with redirecting to some other URL. This option can prove very useful allowing you to replace the lengthy and long URL\u2019s to short and easy to remember ones.<\/p>\n
      To allow\u00a0mod_rewrite<\/b>\u00a0just have a practice to add the following line as the first line of your\u00a0.htaccess<\/b>\u00a0file.<\/p>\n
      Options +FollowSymLinks\r\n<\/pre>\n
      This option allows you to follow symbolic links and thus enable the\u00a0mod_rewrite<\/b>\u00a0option on the website. Replacing the URL with short and crispy one is presented later on.<\/p>\n
      2. How to Allow or Deny Access to Websites<\/h4>\n
      htaccess<\/b>\u00a0file can allow or deny access of website or a folder or files in the directory in which it is placed by using\u00a0order<\/b>,\u00a0allow<\/b>\u00a0and\u00a0deny<\/b>\u00a0keywords.<\/p>\n
      Allowing access to only 192.168.3.1 IP<\/h5>\n
      Order Allow, Deny\r\nDeny from All\r\nAllow from 192.168.3.1\r\n\r\nOR\r\n\r\nOrder Allow, Deny\r\nAllow from 192.168.3.1\r\n<\/pre>\n
      Order<\/b>\u00a0keyword here specifies the order in which\u00a0allow<\/b>,\u00a0deny<\/b>\u00a0access would be processed. For the above \u2018Order<\/b>\u2019 statement, the\u00a0Allow<\/b>\u00a0statements would be processed first and then the\u00a0deny<\/b>\u00a0statements would be processed.<\/p>\n
      Denying access to only one IP Address<\/h5>\n
      The below lines provide the means to allow access of the website to all the users accept one with IP Address:\u00a0192.168.3.1<\/b>.<\/p>\n
      rder Allow, Deny\r\nDeny from 192.168.3.1\r\nAllow from All\r\n\r\nOR\r\n\r\n\r\nOrder Deny, Allow\r\nDeny from 192.168.3.1\r\n<\/pre>\n
      3. Generate Apache Error documents for different error codes.<\/h4>\n
      Using some simple lines, we can fix the error document that run on different error codes generated by the server when user\/client requests a page not available on the website like most of us would have seen the \u2018404 Page not found<\/b>\u2019 page in their web browser. \u2018.htaccess<\/b>\u2019 files specify what action to take in case of such error conditions.<\/p>\n
      To do this, the following lines are needed to be added to the \u2018.htaccess<\/b>\u2019 files:<\/p>\n
      ErrorDocument <error-code> <path-of-document\/string-representing-html-file-content>\r\n<\/pre>\n
      \u2018ErrorDocument<\/b>\u2019 is a keyword, error-code can be any of\u00a0401<\/b>,\u00a0403<\/b>,\u00a0404<\/b>,\u00a0500<\/b>\u00a0or any valid error representing code and lastly, \u2018path-of-document\u2019 represents the path on the local machine (in case you are using your own local server) or on the server (in case you are using any other\u2019s server to host your website).<\/p>\n
      Example:<\/h5>\n
      ErrorDocument 404 \/error-docs\/error-404.html\r\n<\/pre>\n
      The above line sets the document \u2018error-404.html<\/b>\u2019 placed in\u00a0error-docs<\/b>\u00a0folder to be displayed in case the 404 error is reported by the server for any invalid request for a page by the client.<\/p>\n
      rrorDocument 404 \"<html><head><title>404 Page not found<\/title><\/head><body><p>The page you request is not present. Check the URL you have typed<\/p><\/body><\/html>\"\r\n<\/pre>\n
      The above representation is also correct which places the string representing a usual html file.<\/p>\n
      4. Setting\/Unsetting Apache server environment variables<\/h4>\n
      In\u00a0.htaccess<\/b>\u00a0file you can set or unset the global environment variables that server allow to be modified by the hosters of the websites. For setting or unsetting the environment variables you need to add the following lines to your .htaccess files.<\/p>\n
      Setting the Environment variables<\/h5>\n
      SetEnv OWNER \u201cGunjit Khera\u201d\r\n<\/pre>\n
      Unsetting the Environment variables<\/h5>\n
      UnsetEnv OWNER\r\n<\/pre>\n
      5. Defining different MIME types for files<\/h4>\n
      MIME<\/b>\u00a0(Multipurpose Internet Multimedia Extensions<\/b>) are the types that are recognized by the browser by default when running any web page. You can define MIME types for your website in\u00a0.htaccess<\/b>\u00a0files, so that different types of files as defined by you can be recognized and run by the server.<\/p>\n
      <IfModule mod_mime.c>\r\n\tAddType\tapplication\/javascript\t\tjs\r\n\tAddType application\/x-font-ttf\t\tttf ttc\r\n<\/IfModule>\r\n<\/pre>\n
      \n
      Here,\u00a0mod_mime.c<\/b>\u00a0is the module for controlling definitions of different MIME types and if you have this module installed on your system then you can use this module to define different MIME types for different extensions used in your website so that server can understand them.<\/p>\n
      6. How to Limit the size of Uploads and Downloads in Apache<\/h4>\n
      .htaccess<\/b>\u00a0files allow you the feature to control the amount of data being uploaded or downloaded by a particular client from your website. For this you just need to append the following lines to your .htaccess file:<\/p>\n
      php_value upload_max_filesize 20M\r\nphp_value post_max_size 20M\r\nphp_value max_execution_time 200\r\nphp_value max_input_time 200\r\n<\/pre>\n
      The above lines set maximum upload size, maximum size of data being posted, maximum execution time i.e. the maximum time the a user is allowed to execute a website on his local machine, maximum time constrain within on the input time.<\/p>\n
      7. Making Users to download .mp3 and other files before playing on your website.<\/h4>\n
      Mostly, people play songs on websites before downloading them to check the song quality etc. Being a smart seller you can add a feature that can come in very handy for you which will not let any user play songs or videos online and users have to download them for playing. This is very useful as online playing of songs and videos consumes a lot of bandwidth.<\/p>\n
      Following lines are needed to be added to be added to your .htaccess file:<\/p>\n
      AddType application\/octet-stream .mp3 .zip \r\n<\/pre>\n
      8. Setting Directory Index for Website<\/h4>\n
      Most of website developers would already know that the first page that is displayed i.e. the home page of a website is named as \u2018index.html<\/b>\u2019 .Many of us would have seen this also. But how is this set?<\/p>\n
      .htaccess<\/b>\u00a0file provides a way to list a set of pages which would be scanned in order when a client requests to visit home page of the website and accordingly any one of the listed set of pages if found would be listed as the home page of the website and displayed to the user.<\/p>\n
      Following line is needed to be added to produce the desired effect.<\/center><\/p>\n
      DirectoryIndex index.html index.php yourpage.php\r\n<\/pre>\n
      The above line specifies that if any request for visiting the home page comes by any visitor then the above listed pages will be searched in order in the directory firstly:\u00a0index.html<\/b>\u00a0which if found will be displayed as the sites home page, otherwise list will proceed to the next page i.e.\u00a0index.php<\/b>\u00a0and so on till the last page you have entered in the list.<\/p>\n
      9. How to enable GZip compression for Files to save site\u2019s bandwidth.<\/h4>\n
      This is a common observation that heavy sites generally run bit slowly than light weight sites that take less amount of space. This is just because for a heavy site it takes time to load the huge script files and images before displaying them on the client\u2019s web browser.<\/p>\n
      This is a common mechanism that when a browser requests a web page, server provides the browser with that webpage and now to locally display that web page, the browser has to download that page and then run the script inside that page.<\/p>\n
      What GZip compression does here is saving the time required to serve a single customer thus increasing the bandwidth. The source files of the website on the server are kept in compressed form and when the request comes from a user then these files are transferred in compressed form which are then uncompressed and executed on the server. This improves the bandwidth constrain.<\/p>\n
      Following lines can allow you to compress the source files of your website but this requires\u00a0mod_deflate.c<\/b>module to be installed on your server.<\/p>\n
      <IfModule mod_deflate.c>\r\n\tAddOutputFilterByType DEFLATE text\/plain\r\n\tAddOutputFilterByType DEFLATE text\/html\r\n\tAddOutputFilterByType DEFLATE text\/xml\r\n\tAddOutputFilterByType DEFLATE application\/html\r\n\tAddOutputFilterByType DEFLATE application\/javascript\r\n\tAddOutputFilterByType DEFLATE application\/x-javascript\r\n<\/IfModule>\r\n<\/pre>\n
      10. Playing with the File types.<\/h4>\n
      There are certain conditions that the server assumes by default. Like:\u00a0.php<\/b>\u00a0files are run on the server, similarly\u00a0.txt<\/b>\u00a0files say for example are meant to be displayed. Like this we can make some executable\u00a0cgi-scripts<\/b>\u00a0or files to be simply displayed as the source code on our website instead of being executed.<\/p>\n
      To do this observe the following lines from a .htaccess file.<\/p>\n
      RemoveHandler cgi-script .php .pl .py\r\nAddType text\/plain .php .pl .py\r\n<\/pre>\n
      These lines tell the server that\u00a0.pl<\/b>\u00a0(perl script),\u00a0.php<\/b>\u00a0(PHP file) and\u00a0.py<\/b>\u00a0(Python file) are meant to just be displayed and not executed as cgi-scripts.<\/p>\n
      11. Setting the Time Zone for Apache server<\/h4>\n
      The power and importance of\u00a0.htaccess<\/b>\u00a0files can be seen by the fact that this can be used to set the\u00a0Time Zone<\/b>of the server accordingly. This can be done by setting a global Environment variable \u2018TZ<\/b>\u2019 of the list of global environment variables that are provided by the server to each of the hosted website for modification.<\/p>\n
      Due to this reason only, we can see time on the websites (that display it) according to our time zone. May be some other person hosting his website on the server would have the timezone set according to the location where he lives.<\/p>\n
      Following lines set the Time Zone of the Server.<\/p>\n
      SetEnv TZ India\/Kolkata\r\n<\/pre>\n
      12. How to enable Cache Control on Website<\/h4>\n
      A very interesting feature of browser, most have observed is that on opening one website simultaneously more than one time, the latter one opens fast as compared to the first time. But how is this possible? Well in this case, the browser stores some frequently visited pages in its cache for faster access later on.<\/p>\n
      But for how long? Well this answer depends on you i.e. on the time you set in your\u00a0.htaccess<\/b>\u00a0file for Cache control. The\u00a0.htaccess<\/b>\u00a0file can specify the amount of time for which the pages of website can stay in the browser\u2019s cache and after expiration of time, it must revalidate i.e. pages would be deleted from the Cache and recreated the next time user visits the site.<\/p>\n
      Following lines implement Cache Control for your website.<\/p>\n
      <FilesMatch \"\\.(ico|png|jpeg|svg|ttf)$\">\r\n\tHeader Set Cache-Control \"max-age=3600, public\"\r\n<\/FilesMatch>\r\n<FilesMatch \"\\.(js|css)$\">\r\n\tHeader Set Cache-Control \"public\"\r\n\tHeader Set Expires \"Sat, 24 Jan 2015 16:00:00 GMT\"\r\n<\/FilesMatch>\r\n<\/pre>\n
      The above lines allow caching of the pages which are inside the directory in which\u00a0.htaccess<\/b>\u00a0files are placed for 1 hour.<\/p>\n
      13. Configuring a single file, the <files> option.<\/h4>\n
      Usually the content in\u00a0.htaccess<\/b>\u00a0files apply to all the files and folders inside the directory in which the file is placed, but you can also provide some special permissions to a special file, like denying access to that file only or so on.<\/p>\n
      For this you need to add <File> tag to your file in a way like this:<\/p>\n
      <files conf.html=\"\">\r\nOrder allow, deny\r\nDeny from 188.100.100.0\r\n<\/files>\r\n<\/pre>\n
      This is a simple case of denying a file \u2018conf.html<\/b>\u2019 from access by\u00a0IP 188.100.100.0<\/b>, but you can add any or every feature described for .htaccess file till now including the features yet to be described to the file like:\u00a0Cache-control<\/b>,\u00a0GZip compression<\/b>.<\/p>\n
      This feature is used by most of the servers to secure\u00a0.htaccess<\/b>\u00a0files which is the reason why we are not able to see the .htaccess files on the browsers. How the files are authenticated is demonstrated in subsequent heading.<\/p>\n
      14. Enabling CGI scripts to run outside of cgi-bin folder.<\/h4>\n
      Usually servers run\u00a0CGI<\/b>\u00a0scripts that are located inside the\u00a0cgi-bin<\/b>\u00a0folder but, you can enable running of CGI scripts located in your desired folder but just adding following lines to .htaccess file located in the desired folder and if not, then creating one, appending following lines:<\/p>\n
      AddHandler cgi-script .cgi\r\nOptions +ExecCGI\r\n<\/pre>\n
      15. How to enable SSI on Website with .htaccess<\/h4>\n
      Server side includes as the name suggests would be related to something included at the server side. But what? Generally when we have many pages in our website and we have a navigation menu on our home page that displays links to other pages then, we can enable SSI (Server Size Includes) option that allows all the pages displayed in the navigation menu to be included with the home page completely.<\/p>\n
      The\u00a0SSI<\/b>\u00a0allows inclusion of multiple pages as if content they contain is a part of a single page so that any editing needed to be done is done in one file only which saves a lot of disk space. This option is by default enabled on servers but for\u00a0.shtml<\/b>\u00a0files.<\/p>\n
      In case you want to enable it for\u00a0.html<\/b>\u00a0files you need to add following lines:<\/p>\n
      AddHandler server-parsed .html\r\n<\/pre>\n
      After this following in the html file would lead to SSI.<\/p>\n
      <!--#inlcude virtual= \u201cgk\/document.html\u201d-->\r\n<\/pre>\n
      16. How to Prevent website Directory Listing<\/h4>\n
      To prevent any client being able to list the directories of the website on the server at his local machine add following lines to the file inside the directory you don\u2019t want to get listed.<\/p>\n
      Options -Indexes\r\n<\/pre>\n
      17. Changing Default charset and language headers.<\/h4>\n
      .htaccess<\/b>\u00a0files allow you to modify the character set used i.e.\u00a0ASCII<\/b>\u00a0or\u00a0UNICODE<\/b>,\u00a0UTF-8<\/b>\u00a0etc. for your website along with the default language used for the display of content.<\/p>\n
      Following server\u2019s global environment variables allow you to achieve above feature.<\/p>\n
      AddDefaultCharset UTF-8\r\nDefaultLanguage en-US\r\n<\/pre>\n
      Re-writing URL\u2019s: Redirection Rules<\/h4>\n
      Re-writing<\/b>\u00a0feature simply means replacing the long and un-rememberable URL\u2019s with short and easy to remember ones. But, before going into this topic there are some rules and some conventions for special symbols used later on in this article.<\/p>\n
      Special Symbols:<\/h5>\n\n\n\n\n\n\n\n\n\n\n
      Symbol<\/b><\/td>\nMeaning<\/b><\/td>\n<\/tr>\n
      ^<\/td>\nStart of the string<\/td>\n<\/tr>\n
      $<\/td>\nEnd of the String<\/td>\n<\/tr>\n
      |<\/td>\nOr [a|b] \u2013 a or b<\/td>\n<\/tr>\n
      [a-z]<\/td>\nAny of the letter between a to z<\/td>\n<\/tr>\n
      +<\/td>\nOne or more occurrence of previous letter<\/td>\n<\/tr>\n
      *<\/td>\nZero or more occurrence of previous letter<\/td>\n<\/tr>\n
      ?<\/td>\nZero or one occurrence of previous letter<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      Constants and their meaning:<\/h5>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
      Constant<\/b><\/td>\nMeaning<\/b><\/td>\n<\/tr>\n
      NC<\/td>\nNo-case or case sensitive<\/td>\n<\/tr>\n
      L<\/td>\nLast rule \u2013 stop processing further rules<\/td>\n<\/tr>\n
      R<\/td>\nTemporary redirect to new URL<\/td>\n<\/tr>\n
      R=301<\/td>\nPermanent redirect to new URL<\/td>\n<\/tr>\n
      F<\/td>\nForbidden, send 403 header to the user<\/td>\n<\/tr>\n
      P<\/td>\nProxy \u2013 grab remote content in substitution section and return it<\/td>\n<\/tr>\n
      G<\/td>\nGone, no longer exists<\/td>\n<\/tr>\n
      S=x<\/td>\nSkip next x rules<\/td>\n<\/tr>\n
      T=mime-type<\/td>\nForce specified MIME type<\/td>\n<\/tr>\n
      E=var:value<\/td>\nSet environment variable var to value<\/td>\n<\/tr>\n
      H=handler<\/td>\nSet handler<\/td>\n<\/tr>\n
      PT<\/td>\nPass through \u2013 in case of URL\u2019s with additional headers.<\/td>\n<\/tr>\n
      QSA<\/td>\nAppend query string from requested to substituted URL<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
      18. Redirecting a non-www URL to a www URL.<\/h4>\n
      Before starting with the explanation, lets first see the lines that are needed to be added to\u00a0.htaccess<\/b>\u00a0file to enable this feature.<\/p>\n
      RewriteEngine ON\r\nRewriteCond %{HTTP_HOST} ^abc\\.net$\r\nRewriteRule (.*) http:\/\/www.abc.net\/$1 [R=301,L]\r\n<\/pre>\n
      The above lines enable the\u00a0Rewrite Engine<\/b>\u00a0and then in second line check all those URL\u2019s that pertain to host\u00a0abc.net<\/b>\u00a0or have the\u00a0HTTP_HOST<\/b>\u00a0environment variable set to \u201cabc.net<\/b>\u201d.<\/p>\n
      For all such URL\u2019s the code permanently redirects them (as\u00a0R=301<\/b>\u00a0rule is enabled) to the new URL\u00a0http:\/\/www.abc.net\/$1<\/b>\u00a0where\u00a0$1<\/b>\u00a0is the\u00a0non-www<\/b>\u00a0URL having host as\u00a0abc.net<\/b>. The non-www URL is the one in bracket and is referred by $1.<\/p>\n
      19. Redirecting entire website to https.<\/h4>\n
      Following lines will help you transfer entire website to https:<\/p>\n
      RewriteEngine ON\r\nRewriteCond %{HTTPS} !on\r\nRewriteRule (.*) https:\/\/%{HTTP_HOST}%{REQUEST_URI}\r\n<\/pre>\n
      The above lines enable the re-write engine and then check the value of HTTPS environment variable. If it is on then re-write the entire pages of the website to https.<\/p>\n
      20. A custom redirection example<\/h4>\n
      For example, redirect url \u2018http:\/\/www.abc.net?p=100&q=20 \u2018 to \u2018http:\/\/www.abc.net\/10020pq\u2019.<\/p>\n
      RewriteEngine ON\r\nRewriteRule ^http:\/\/www.abc.net\/([0-9]+)([0-9]+)pq$ ^http:\/\/www.abc.net?p=$1&q=$2\r\n<\/pre>\n
      In above lines, $1 represents the first bracket and $2 represents the second bracket.<\/p>\n
      21. Renaming the htaccess file<\/h4>\n
      For preventing the\u00a0.htaccess<\/b>\u00a0file from the intruders and other people from viewing those files you can rename that file so that it is not accessed by client\u2019s browser. The line that does this is:<\/p>\n
      AccessFileName\thtac.cess\r\n<\/pre>\n
      22. How to Prevent Image Hotlinking for your Website<\/h4>\n
      Another problem that is major factor of large bandwidth consumption by the websites is the problem of hot links which are links to your websites by other websites for display of images mostly of your website which consumes your bandwidth. This problem is also called as \u2018bandwidth theft<\/b>\u2019.<\/p>\n
      A common observation is when a site displays the image contained in some other site due to this hot-linking your site needs to be loaded and at the stake of your site\u2019s bandwidth, the other site\u2019s images are displayed. To prevent this for like: images such as:\u00a0.gif<\/b>,\u00a0.jpeg<\/b>\u00a0etc. following lines of code would help:<\/p>\n
      RewriteEngine ON\r\nRewriteCond %{HTTP_REFERER} !^$\r\nRewriteCond %{HTTP_REFERERER} !^http:\/\/(www\\.)?mydomain.com\/.*$ [NC]\r\nRewriteRule \\.(gif|jpeg|png)$ - [F].\r\n<\/pre>\n
      The above lines check if the\u00a0HTTP_REFERER<\/b>\u00a0is not set to blank or not set to any of the links in your websites. If this is happening then all the images in your page are replaced by 403 forbidden.<\/p>\n
      23. How to Redirect Users to Maintenance Page.<\/h4>\n
      In case your website is down for maintenance and you want to notify all your clients that need to access your websites about this then for such cases you can add following lines to your .htaccess websites that allow only admin access and replace the site pages having links to any .jpg, .css, .gif, .js etc.<\/p>\n
      RewriteCond %{REQUEST_URI} !^\/admin\/ [NC]\r\nRewriteCond %{REQUEST_URI} !^((.*).css|(.*).js|(.*).png|(.*).jpg)\t [NC]\r\nRewriteRule ^(.*)$ \/ErrorDocs\/Maintainence_Page.html\r\n[NC,L,U,QSA]<\/pre>\n
      These lines check if the Requested URL contains any request for any admin page i.e. one starting with \u2018\/admin\/<\/b>\u2019 or any request to \u2018.png, .jpg, .js, .css\u2019 pages and for any such requests it replaces that page to \u2018ErrorDocs\/Maintainence_Page.html<\/b>\u2019.<\/p>\n
      24. Mapping IP Address to Domain Name<\/h4>\n
      Name servers are the servers that convert a specific IP Address to a domain name. This mapping can also be specified in the .htaccess files in the following manner.<\/p>\n
      For Mapping L.M.N.O address to a domain name www.hellovisit.com\r\nRewriteCond %{HTTP_HOST} ^L\\.M\\.N\\.O$ [NC]\r\nRewriteRule ^(.*)$ http:\/\/www.hellovisit.com\/$1 [L,R=301]\r\n<\/pre>\n
      The above lines check if the host for any page is having the IP Address as:\u00a0L.M.N.O<\/b>\u00a0and if so the page is mapped to the domain name\u00a0http:\/\/www.hellovisit.com<\/b>\u00a0by the third line by permanent redirection.<\/p>\n
      25. FilesMatch Tag<\/h4>\n
      Like\u00a0<files><\/b>\u00a0tag that is used to apply conditions to a single file,\u00a0<FilesMatch><\/b>\u00a0can be used to match to a group of files and apply some conditions to the group of files as below:<\/p>\n
      <FilesMatch \u201c\\.(png|jpg)$\u201d>\r\nOrder Allow, Deny \r\nDeny from All\r\n<\/FilesMatch>\r\n<\/pre>\n
      Conclusion<\/h3>\n
      The list of tricks that can be done with\u00a0.htaccess<\/b>\u00a0files is much more. Thus, this gives us an idea how powerful this file is and how much security and dynamicity and other features it can give to your website.<\/p>\n
      We\u2019ve tried our best to cover as much as htaccess tricks in this article, but incase if we\u2019ve missed any important trick, or you most welcome to post your htaccess ideas and tricks that you know via comments section below \u2013 we will include those in our article too\u2026<\/p>\n
      Source<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
      Websites are important parts of our lives. They serve the means to expand businesses, share knowledge and lots more. Earlier restricted to providing only static contents, with introduction of dynamic client and server side scripting languages and continued advancement of existing static language like html to html5, adding every bit of dynamicity is possible to … <\/p>\n
      Continue reading “25 Useful Apache \u2018.htaccess\u2019 Tricks to Secure and Customize Websites”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-12024","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12024","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=12024"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12024\/revisions"}],"predecessor-version":[{"id":12026,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12024\/revisions\/12026"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=12024"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=12024"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=12024"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}