The contents of the .htaccess file is part of the Linux web server configuration, most commonly used to mod rewrite, but you can also influence other useful parameters. Some examples of use and syntax can be found below..
- How to create/edit .htaccess file?
- Inheriting settings
- Examples of settings
- Implementing HTTPS (.htaccess redirect)
How to create/edit .htaccess file?
Either by using the tool available in the Customer Center - it allows you to edit existing files, but the main advantage is the ability to create a new file through the graphical interface, or you can create a file by using your favorite text editor, and place it on the server the desired directory.
- Log in to Customer center.
- Choose hosting, where you wish to edit .htaccess (Servers and hosting / click on details at the right of the domain / server settings).
- In server settings click in category .htaccess on Settings button.
- There select directory, for which you want to edit the .htaccess ( "/" is root directory - www).
- Type the required .htaccess record in the form and confirm the change by clicking the Save button.
Detailed walk through:
- Use your login to sign in to the Customer Center. Alternatively, you can ask for a forgotten password.
- After logging in, choose the virtual server where you want to edit the .htaccess (Servers and hosting / click on details at the right of the domain / server settings).
- In server settings click in category .htaccess on Settings button.
- There select directory, for which you want to edit the .htaccess ( "/" is root directory - www).
- Type the required .htaccess record in the form and confirm the change by clicking the Save button.
Inheriting settings
Settings in .htaccess apply not only to the directory in which the file is located, but it is also inherited for all directories in it and below (which may, for example, interfere with rewrite rules).
Inherited settings can always be "overwhelmed" by the new .htaccess settings in the lower directory (which will continue to inherit its sub folders).
Examples of settings
Password protected access to the directory
You can set up access to a specific directory only after entering a valid username and password in Customer center in section Services/Web hosting and servers/Virtual servers after clicking on domain name and choosing the "settings" button at ".htaccess file edit". Select "Password" at the appropriate folder.
- Select "Password" at the appropriate folder.
- Next, set the login information in the directory and confirm it by clicking the Set password button.
Webserver settings
# Comment - all text that is on the line after the "#" character is ignored by the server
# You can then write notes for later orientation
# Set Default Directory Files (Indexes) - Default Settings
# Names are separated by a space, case-sensitive (index.php and Index.php are 2 different files)
DirectoryIndex index.php index2.php ThirdIndex.htm LastIndex.html
# Directory Content Listing - default off
# If there is no index file in the directory (see DirectoryIndex above), you can have its content listed
Options +Indexes
# Setting up custom error pages
# An address or a relative path can be given as the address - the relative address is given from the /www/
ErrorDocument 401 /path/file401.html # (umístění souboru je tedy /www/cesta/soubor401.html)
ErrorDocument 404 /path/file404.html
ErrorDocument 500 /path/file500.html
ErrorDocument 503 http://domain.cz/path/file.html
# Access control
# enable / disable access to the directory by IP address
Allow from all # Default settings - access allowed from all IP addresses
Deny from all # Prevents access from all IP addresses (eg, PHP gets locally in the directory)
Deny from 81.95.96.29 # Block access from a specific IP address
Deny from 81.95.96 # Block access address range 81.95.96.xx
PHP settings
# Setting register globals
php_flag register_globals on/off
# Setting magic quotes
php_flag magic_quotes_gpc on
# Setting display errors
php_flag display_errors on
# Setting max_input_vars
php_value max_input_vars 5000 (or other number you need)
Some PHP settings (for example memory_limit) in .htaccess cannot be set
Mod Rewrite
# before setting any rules, rewrite must be turned on
RewriteEngine On
# redirecting the domain something.domain.cz into the domain domain.cz/folder over 301
RewriteCond %{HTTP_HOST} ^something\.domain\.cz$
RewriteRule ^(.*)$ http://domain.cz/folder [R,L]
# redirecting the domain something.domain.cz into the folder domain.cz/folder
RewriteCond %{HTTP_HOST} ^something\.domain\.cz [NC]
RewriteCond %{REQUEST_URI} !^/folder/
RewriteRule ^(.*)$ /folder/$1 [L,QSA]
# redirecting from domain.cz/folder on domain.cz - the path to folder is not showed
RewriteCond %{HTTP_HOST} ^(www.)?domain.cz$
RewriteCond %{REQUEST_URI} !^/folder/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /folder/$1
RewriteCond %{HTTP_HOST} ^(www.)?domain.cz$
RewriteRule ^(/)?$ folder/index.php [L]
More information to mod rewrite can be found in documentation:
http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html
http://httpd.apache.org/docs/2.0/misc/rewriteguide.html
Turning off eAccelerator
php_flag eaccelerator.enable 0
php_flag eaccelerator.optimizer 0
Implementing HTTPS (.htaccess redirect)
HTTPS is on Linux hosting implemented (the same as HTTP) by using reverse proxy Nginx which does so called TLS offloading.
Operation between Nginx and Apache is no longer encrypted, and Apache only learns about encryption. This results in the following limitations for applications that try to verify that they are accessed through secure HTTPS.
- detection in PHP using the variable $ _SERVER ['HTTPS']! = 'on' is fully functional - the variable $ _SERVER ['SERVER_PORT'] also contains 80 when using HTTPS
Forwarding to HTTPS with retention compatibility is recommended to perform the following conditions:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA,NE]