Useful htaccess Tips & Tricks

.htaccess (hypertext access) files are used to allow Apache web server to handle specific directories of a web app.

Understanding how some lines in .htaccess file work will allow you to make some server-related tasks easier and to protect your webserver against malicious attacks.

Redirect http to https (ssl)

https protocol is a must for any websites nowadays.

RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Custom Error Pages

There is no need to create a 404 error page using backend language. You can create a specific HTML page and set it as default landing page for 404 error.

ErrorDocument 404 errors/404.html 

Set Timezone

This can set timezone for your server.

SetEnv TZ America/Costa_Rica

Modify upload limit for PHP

Adjusting upload file’s limit file size can be done in both php.ini and .htaccess.

php_value upload_max_filesize 40M
php_value post_max_size 40M
php_value max_execution_time 400
php_value max_input_time 400

Allow and disallow user acess

.htaccess can be used to restrict access to individual files and folders.

#allow noone
deny from all

#deny all except one
order deny,allow
deny from all
allow from 192.168.0.0/100

#deny one, allow the rest
order deny,allow
deny from 189.119.223.123
allow from all
# prevent viewing of a specific file
<files my_secret_image.jpg>
	Order allow,deny
	Deny from all
</files>
# disable directory browsing
Options All -Indexes

SEO Friendly 301 Permanent Redirects

Redirecting unused or broken pages to new ones will avoid missing traffic.

Redirect 301 http://www.tldevtech.com/page1 http://www.tldevtech.com/
Redirect 301 /old/file.html http://www.tldevtech.com/new/file.html

Change Default Index Page

index.html is the default index page. We can change it to another one like this:

DirectoryIndex mypage.html
#or from priority list
DirectoryIndex mypage.html mypage.cgi mypage.pl mypage.htm

Skip the download dialogue

This line skips the request asking whether you want to save the file or open it.

AddType application/octet-stream .pdf

Compress files

You can optimize website’s loading time by compress files.

# compress html, javascript, css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

Cache files

Caching is popular approach in optimizing website’s loading time.

<FilesMatch ".(gif|jpg|jpeg|png|ico|js|css|pdf)$">
    Header set Cache-Control "max-age=36000"
</FilesMatch>

Hotlinking protection

Hotlinking protection with .htaccess is a method to prevent other display content such as image using your website’s URL.

RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?www.tldevtech.com/.*$ [NC]
RewriteRule .(gif|jpg|png|webm)$ /go-away/ [R=302,L]

Compress output using GZIP

Compress all the css, js, html files with GZip compression.

<IfModule mod_gzip.c>
    mod_gzip_on       Yes
    mod_gzip_dechunk  Yes
    mod_gzip_item_include file      \.(html?|txt|css|js|php)$
    mod_gzip_item_include handler   ^cgi-script$
    mod_gzip_item_include mime      ^text/.*
    mod_gzip_item_include mime      ^application/x-javascript.*
    mod_gzip_item_exclude mime      ^image/.*
    mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>

Leave a Comment

Your email address will not be published. Required fields are marked *


Scroll to Top

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close