Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tutorials:htaccess [2011/04/30 13:45] – created clemenstutorials:htaccess [2011/10/04 19:11] (current) – Fix formatting: ToC, readability of codelines. memnon
Line 3: Line 3:
 Contents Contents
  
-  - [[#intro|Introduction]] +  - [[#Introduction]] 
-  - [[#recipes|Recipes]] +  - [[#Recipes]] 
-    - [[#redir-error|Redirect to a custom error page]] +    - [[#Redirect to a custom error page]] 
-    - [[#deny-dir|Deny directory listing]] +    - [[#Deny directory listing]] 
-    - [[#addtype|Add (or force) MIME-type]] +    - [[#Add (or force) MIME-type]] 
-    - [[#no-ext|Access files without specifying the extension +    - [[#Access files without specifying the extension 
-      * [[#add-ext|I want to access files without extension, but my (cgi|pl|php) is not found]]]] +      * [[#I want to access files without extension, but my (cgi|pl|php) is not found]]]] 
-    - [[#remove-handler|Serve .pl .php .cgi etc. as plain text files]] +    - [[#Serve .pl .php .cgi etc. as plain text files]] 
-    - [[#download|Force a download with a specific filename]] +    - [[#Force a download with a specific filename]] 
-    - [[#charset|Specify a default character encoding]] +    - [[#Specify a default character encoding]] 
-    - [[#password|Password protect your directories]]+    - [[#Password protect your directories]]
  
 ===== Introduction ===== ===== Introduction =====
Line 19: Line 19:
 .htaccess is the default file used by the [[http://httpd.apache.org/|Apache HTTP server]] (and others) in order to allow dynamic configuration. It's a plain text file that uses the same syntax present in the main configuration files (e.g., httpd.conf). It can contain a subset of Apache directives. The size of this subset depends on wheter the directives can be overridden or not (and this is present in the server configuration). In the Apache documentation you can see if a directive can be placed in a .htaccess file by checking that in the Context: line appears .htaccess. For instace, it's possible for the [[http://httpd.apache.org/docs/2.2/mod/core.html#forcetype|ForceType]] directive, but it's not for the  [[http://httpd.apache.org/docs/2.2/mod/core.html#errorlog|ErrorLog]] directive. file. .htaccess is the default file used by the [[http://httpd.apache.org/|Apache HTTP server]] (and others) in order to allow dynamic configuration. It's a plain text file that uses the same syntax present in the main configuration files (e.g., httpd.conf). It can contain a subset of Apache directives. The size of this subset depends on wheter the directives can be overridden or not (and this is present in the server configuration). In the Apache documentation you can see if a directive can be placed in a .htaccess file by checking that in the Context: line appears .htaccess. For instace, it's possible for the [[http://httpd.apache.org/docs/2.2/mod/core.html#forcetype|ForceType]] directive, but it's not for the  [[http://httpd.apache.org/docs/2.2/mod/core.html#errorlog|ErrorLog]] directive. file.
  
-The configuration directives placed in a .htaccess file will take effect immediately when a document, located in the directory where the .htaccess file is located and all subdirectories, is accessed. The server will also search for .htaccess files in all the parent directories. If there is a conflicting configuration directive, the server will apply the one that is in the .htaccess file closer to the requested resource. For instance, suppose that X and Y are two generic options. If you have "Options +X -Y" in $HOME/html/.htaccess and "Options -X" in $HOME/html/files/test/.htaccess, when you access a file in http://YOURUSERNAME.freeshell.org/files/test/ (and all subdirectories, unless you have another .htaccess file that reverts the configuration) options X and Y will be disabled, but if you access a file in http://YOURUSERNAME.freeshell.org/files/ (and above) option X will be enabled and option Y disabled.+The configuration directives placed in a .htaccess file will take effect immediately when a document, located in the directory where the .htaccess file is located and all subdirectories, is accessed. The server will also search for .htaccess files in all the parent directories. If there is a conflicting configuration directive, the server will apply the one that is in the .htaccess file closer to the requested resource. For instance, suppose that X and Y are two generic options. If you have "//Options +X -Y//" in $HOME/html/.htaccess and "//Options -X//" in $HOME/html/files/test/.htaccess, when you access a file in http://YOURUSERNAME.freeshell.org/files/test/ (and all subdirectories, unless you have another .htaccess file that reverts the configuration) options X and Y will be disabled, but if you access a file in http://YOURUSERNAME.freeshell.org/files/ (and above) option X will be enabled and option Y disabled.
  
 Remember that .htaccess files must be readable by the server, so you can "chmod 640 .htaccess" in order to give it the correct permissions. It's, however, a good practice to run "mkhomepg -p" in your SDF shell everytime you play with files in your html directory. Remember that .htaccess files must be readable by the server, so you can "chmod 640 .htaccess" in order to give it the correct permissions. It's, however, a good practice to run "mkhomepg -p" in your SDF shell everytime you play with files in your html directory.
Line 26: Line 26:
  
   * [[http://httpd.apache.org/docs/2.2/howto/htaccess.html|Apache Tutorial: .htaccess files]]   * [[http://httpd.apache.org/docs/2.2/howto/htaccess.html|Apache Tutorial: .htaccess files]]
-  * [[http://wiki.apache.org/httpd/Htaccess|Httpd Wiki > Htaccess]]+  * [[http://wiki.apache.org/httpd/Htaccess|Httpd Wiki Htaccess]]
   * [[http://www.htaccess-guide.com/|htaccess-guide.com]]   * [[http://www.htaccess-guide.com/|htaccess-guide.com]]
  
Line 41: Line 41:
 If you type http://YOURUSERNAME.freeshell.org/pics/ you will see a list of the files present in pics. Probably you don't want this (if you don't want that other people see your private stuff, don't put it on-line, or, at least, [[http://freeshell.org/index.cgi?faq?WEB?04|password protect them]]). Add this to your .htaccess file: If you type http://YOURUSERNAME.freeshell.org/pics/ you will see a list of the files present in pics. Probably you don't want this (if you don't want that other people see your private stuff, don't put it on-line, or, at least, [[http://freeshell.org/index.cgi?faq?WEB?04|password protect them]]). Add this to your .htaccess file:
  
-Options -Indexes "+  Options -Indexes
  
 ==== Add (or force) MIME-type ==== ==== Add (or force) MIME-type ====
Line 47: Line 47:
 The server could not be aware of all kind of files out there, so will have some troubles trying to figure out what to do with an unknown extension. You can tell the server what to do with unknown file types. Say you have a [[http://en.wikipedia.org/wiki/Cabinet_(file_format)|.cab]] file. Apache will communicate to your user agent the correct information about the file with: The server could not be aware of all kind of files out there, so will have some troubles trying to figure out what to do with an unknown extension. You can tell the server what to do with unknown file types. Say you have a [[http://en.wikipedia.org/wiki/Cabinet_(file_format)|.cab]] file. Apache will communicate to your user agent the correct information about the file with:
  
-AddType application/vnd.ms-cab-compressed .cab "+  AddType application/vnd.ms-cab-compressed .cab
  
 AddType is the directive, application/vnd.ms-cab-compressed is the MIME-type present in the Content-Type: entry in the HTTP headers sent by Apache, and .cab is the extension. AddType is the directive, application/vnd.ms-cab-compressed is the MIME-type present in the Content-Type: entry in the HTTP headers sent by Apache, and .cab is the extension.
Line 53: Line 53:
 Even if the server knows what's the MIME-type of a specific file extension, you could prefer it to use another one. Let's say that you want .html files to be served as application/xhtml+xml (because you are hardcore). Try this: Even if the server knows what's the MIME-type of a specific file extension, you could prefer it to use another one. Let's say that you want .html files to be served as application/xhtml+xml (because you are hardcore). Try this:
  
-AddType application/xhtml+xml .html "+  AddType application/xhtml+xml .html
  
 You can look for common MIME-type on [[http://en.wikipedia.org/wiki/Internet_media_type#List_of_common_media_types|wikipedia]] or read a full list on [[http://www.iana.org/assignments/media-types/|IANA's website]]. You can look for common MIME-type on [[http://en.wikipedia.org/wiki/Internet_media_type#List_of_common_media_types|wikipedia]] or read a full list on [[http://www.iana.org/assignments/media-types/|IANA's website]].
Line 63: Line 63:
 You can use URIs without extensions with: You can use URIs without extensions with:
  
-Options +MultiViews "+  Options +MultiViews
  
 === I want to access files without extension, but my (cgi|pl|php) is not found === === I want to access files without extension, but my (cgi|pl|php) is not found ===
Line 69: Line 69:
 Suppose that you have a cgi file called script.cgi and that, **once you enable MultiViews** (see above), when you access http://YOURUSERNAME.freeshell.org/script you get a 404 page. It's likely that the server have some problems in determining the MIME-type. In this case, put in your .htaccess file: Suppose that you have a cgi file called script.cgi and that, **once you enable MultiViews** (see above), when you access http://YOURUSERNAME.freeshell.org/script you get a 404 page. It's likely that the server have some problems in determining the MIME-type. In this case, put in your .htaccess file:
  
-AddType application/x-httpd-cgi .cgi "+  AddType application/x-httpd-cgi .cgi
  
 If you have perl and/or php files, add (modify the extension as needed): If you have perl and/or php files, add (modify the extension as needed):
  
-AddType application/x-httpd-php .php AddType application/x-httpd-perl .pl "+  AddType application/x-httpd-php .php AddType application/x-httpd-perl .pl
  
 ==== Serve .pl .php .cgi etc. as plain text files ==== ==== Serve .pl .php .cgi etc. as plain text files ====
Line 79: Line 79:
 If you want the server to execute your files, in order to be able to read the code of some specific files, you can remove the handlers. Let's say that the code you want to read is located in $HOME/html/code/. Now, you can put in $HOME/html/code/.htaccess the following bits: If you want the server to execute your files, in order to be able to read the code of some specific files, you can remove the handlers. Let's say that the code you want to read is located in $HOME/html/code/. Now, you can put in $HOME/html/code/.htaccess the following bits:
  
-RemoveHandler .pl .php .cgi "+  RemoveHandler .pl .php .cgi
  
 ==== Force a download with a specific filename ==== ==== Force a download with a specific filename ====
Line 85: Line 85:
 Let's say that you have a pdf file with an unintuitive name aaa222.pdf. You might want to force a download when people access the file and, in doing so, specify a default file name for the file that will be saved. This will do the job: Let's say that you have a pdf file with an unintuitive name aaa222.pdf. You might want to force a download when people access the file and, in doing so, specify a default file name for the file that will be saved. This will do the job:
  
-" &lt;Files x.cab&gt; Header set Content-Disposition "attachment; filename=Thesis.pdf" &lt;/Files&gt; "+  <Files x.cabHeader set Content-Disposition "attachment; filename=Thesis.pdf" </Files>
  
 ==== Specify a default character encoding ==== ==== Specify a default character encoding ====
Line 91: Line 91:
 If you want all your html documents to be served with UTF-8 as the default encoding (or charset): If you want all your html documents to be served with UTF-8 as the default encoding (or charset):
  
-AddCharset UTF-8 .html "+  AddCharset UTF-8 .html
  
-UTF-8 was used as an example, but you can use whatever encoding is appropriate. Note also that in the example only files with extension html will have a default encoding. If you want to extend that behaviour to other file extensions, add them on the same line. For instance, "AddCharset UTF-8 .html .htm .txt".+UTF-8 was used as an example, but you can use whatever encoding is appropriate. Note also that in the example only files with extension html will have a default encoding. If you want to extend that behaviour to other file extensions, add them on the same line. For instance, "//AddCharset UTF-8 .html .htm .txt//".
  
 This can also be useful if you want that only pages written in a specific language are served with a default encoding, while the others use the encoding sent normally by the server. So, suppose that you're usin [[http://www.w3.org/International/questions/qa-when-lang-neg|language negotiation]] and have resources in two languages, english (with extension en.html) and chinese (with extension cn.html). With the following line: This can also be useful if you want that only pages written in a specific language are served with a default encoding, while the others use the encoding sent normally by the server. So, suppose that you're usin [[http://www.w3.org/International/questions/qa-when-lang-neg|language negotiation]] and have resources in two languages, english (with extension en.html) and chinese (with extension cn.html). With the following line:
  
-AddCharset UTF-8 .cn "+  AddCharset UTF-8 .cn
  
 only .cn.html files will have UTF-8 as the default encoding. (The order of the language in the extension is not relevant, i.e., the files could have been html.en and html.cn; also, the leading dot in the extension in the .htaccess file is optional). only .cn.html files will have UTF-8 as the default encoding. (The order of the language in the extension is not relevant, i.e., the files could have been html.en and html.cn; also, the leading dot in the extension in the .htaccess file is optional).
Line 104: Line 104:
  
 This is a FAQ: http://sdf.org/index.cgi?faq?WEB?04 This is a FAQ: http://sdf.org/index.cgi?faq?WEB?04
 +