The .htaccess file is a very powerful tool – amongst other things, it allows you to password protect folders, redirect users automatically, use custom error pages, change your file extensions, ban users by IP address, only allow users with certain IP addresses, stop directory listings and use an alternate index file.
Creating the file is easy, you just need enter the appropriate code into a text editor (like notepad). You may run into problems with saving the file because .htaccess is a strange file name (the file actually has no name but a 8 letter file extension). You may need to name it something else (e.g. htaccess.txt) and then upload it to the server using an ftp client program (.htaccess files must be uploaded in ASCII mode, not BINARY). Once you have uploaded the file you can then rename it using your FTP program.
You may need to CHMOD the htaccess file to 644 or (RW-R–R–). This makes the file usable by the server, but prevents it from being read by a browser, which could seriously compromise your security.
For more information on .htaccess files see the Comprehensive guide to .htaccess.
In my next post I’ll be going through some cool things you can do with the .htaccess file
If you enjoyed this post, make sure you subscribe to my RSS feed!
Simple question, a little off-topic, but anyway … Is it possible to use .htpasswd and .htaccess without having SSH access to the server? Or another words: Is it possible to protect your folders with passwords without having any SSH access?
I have been trying to find something on this topic (because I wanted to protect few folders on my site), but I wasn’t able to solve this problem properly… So now I am using .htaccess only (IP: deny, allow).
I have a question regarding setting up an .htaccess file . I am trying to allow access to a directory based on the referrer being the following:
http://www.example.com/somedirectory/home.php
I have .pdf files and .doc files as well as .php and .html files in another directory
http://www.example.com/directory2/example.doc
/directory2/
example.doc
page.pdf
index.html
page.php
I only want the directories under directory2 to be served to the client if the referrer comes from only the one single above page in my domain. And if this is not the case, redirect the user to the following page:
http://www.example.com/access_error.php
How do I construct the .htaccess file so that this will work under Apache Tomcat?? I have been researching this for many days now, and need it for a project I’m doing. I know it’s something small and silly, I just can’t figure it out, and I want to be able to copy the .htaccess to other directories, and add it to new directories down the road. So the .htaccess file needs to only effect the directory it’s in. Any help would be greatly appreciated.
Sincerely,
Haley Miska
Web Programmer