This page has been robot translated, sorry for typos if any. Original content here.

The file for setting access to the .htaccess server.

Site building

File for setting access to the server. htaccess

Author: Maxim Prikhodko
Published on November 30, 2005

As among the server systems the most popular operating system is Unix, then the most common server is not MS IIS , but Apache (the version of which, however, exists for Windows ).

When the name of your site is entered in the browser line, it is the server that decides which files to show and how. And you can control the operation of the server with respect to the website by manipulating the configuration file. htaccess , any change of which immediately takes effect.

Syntax. htaccess has a rigid structure, non-compliance which leads to server errors, so you must fulfill the following two requirements:

  1. The paths to the files (directories) are specified from the root of the server. For example: / opt / home / www.mysite.ru / htdocs / config /. htpasswords

  2. Domains are indicated with a protocol. For example: Redirect / http://www.site.ru

The file should be called "point" htaccess and be written in UNIX-format. In FAR, for example, when editing, you can press Shift + F2 and select the "Save as UNIX-text" menu item.

Here are simple examples of managing access to a site using a file. htaccess :

Prevent all files:

deny from all

Here all denotes "all".

Allow access from a specific IP address (for example, 192.13.237.14):

order allow deny
deny from all
allow from 192.13.237.14

Deny access from a specific IP address (for example, 192.13.237.14):

order allow deny
allow from all
deny from 192.13.237.14

Blocking a group of files by mask:

<Files "\ . ( Inc | sql | others expansion ) $ ">
order allow, deny
deny from all
</ Files>

In this example, the Apache web server itself can access files with the specified extensions.

You can set a ban on a specific file by its full name ( for example , config.inc.php ):

<Files config.inc.php >
order allow , deny
deny from all
</ Files>

Password on directory :

AuthName "Private zone"
AuthType Basic
AuthUserFile / pub / home / login . htpasswd
require valid-user
</ Files>

AuthName will be displayed for the visitor and can be used to explain the authorization request. The AuthUserFile value indicates the location where the password file is stored to access this directory. This file is created by the special utility htpasswd.exe.

For example, in the directory that we protect by creating a password. htaccess with the following content:

AuthName "For Registered Users Only"
AuthType Basic
AuthUserFile / pub / home / yoursite.ru/.htpasswd
require valid-user
</ Files>

In this example, when a user requests a directory, the visitor will see the phrase " For Registered Users Only ", the password file must be in the / pub / yoursite.ru / directory and be called. htapasswd . The directory is specified from the root of the server. If you incorrectly specify a directory, Apache will not be able to read the file. htpasswd and no one will get access to this directory.

Similarly to protecting an entire directory, you can set a password for only one file. For example, to protect the private.zip file, it is necessary in the file. htaccess specify the following information:

<Files private.zip >
AuthName "Users zone"
AuthType Basic
AuthUserFile / pub / home / login . htpasswd
</ Files>

Similarly, using the < Files > \. ( Inc | sql | other extensions) $ "> command, you can specify passwords for the file mask. For example, to set a password for access to all files with the extension. sql you must specify the following information:

<Files "\ . ( Sql ) $">
AuthName "Users zone"
AuthType Basic
AuthUserFile / pub / home / yoursite.ru/.htpasswd
</ Files>

In order to redirect the visitor to the site http://www.site.ru, c. htaccess you must specify:

Redirect / http://www.site.ru

To be continued...