This page has been robot translated, sorry for typos if any. Original content here.

.Htaccess server access configuration file

Website building

Server access configuration file. htaccess

Author: Maxim Prikhodko
Published November 30, 2005

Since the Unix operating system is the most popular among server systems, the most common server is not MS IIS , but Apache (a version of which, however, exists for Windows ).

When the name of your site is entered in the browser line, it is the server that decides which files to display and how. And you can control the operation of the server in relation to the website by manipulating the configuration file. htaccess , any change of which immediately takes effect.

Syntax htaccess has a rigid structure, non-observance of which leads to server errors, so the following two requirements must be met:

  1. Paths to files (directories) are specified from the server root. For example: / opt / home / www.mysite.ru / htdocs / config /. htpasswords

  2. Domains are indicated with the protocol. For example: Redirect / http://www.site.ru

The file should be called the htaccess dot and be written in UNIX format. In FAR, for example, when editing, you can press Shift + F2 and select the menu item "Save as UNIX text".

We give simple examples of controlling access to a site using a file. htaccess :

Deny all files:

deny from all

Here, all means "everything."

Allow access from a specific IP address (for example, 192.13.237.14):

order allow deny
deny from all
allow from 192.13.237.14

Deny access from a specific IP address (for example, 192.13.237.14):

order allow deny
allow from all
deny from 192.13.237.14

Ban on a group of files by mask:

<Files "\ . ( Inc | sql | other extensions ) $ ">
order allow, deny
deny from all
</Files>

In this example, the Apache web server itself can access files with the specified extensions.

You can set a ban on a specific file by its full name ( for example , config.inc.php ):

<Files config.inc.php >
order allow , deny
deny from all
</Files>

Password on directory :

AuthName "Private zone"
AuthType Basic
AuthUserFile / pub / home / login /. htpasswd
require valid-user
</Files>

AuthName will be displayed to the visitor and can be used to clarify the authorization request. The value AuthUserFile indicates the place where the password file is stored to access this directory. This file is created by the htpasswd.exe special utility.

For example, in a directory that we protect with a password, we create it. htaccess with the following content:

AuthName "For Registered Users Only"
AuthType Basic
AuthUserFile / pub / home / yoursite.ru/.htpasswd
require valid-user
</Files>

In this example, the visitor when requesting the directory will see the phrase " For Registered Users Only ", the file with passwords for access should be in the directory / pub / yoursite.ru / and named. htapasswd . The directory is specified from the server root. If you specify the directory incorrectly, then Apache will not be able to read the file. htpasswd and no one will get access to this directory.

Similarly to protecting an entire directory, you can set a password on only one file. For example, to protect the file private.zip is needed in the file. htaccess provide the following information:

<Files private.zip >
AuthName "Users zone"
AuthType Basic
AuthUserFile / pub / home / login /. htpasswd
</Files>

Similarly, using the command < Files "\. ( Inc | sql | other extensions) $">, you can specify passwords by file mask. For example, to set a password to access all files with the extension. sql, you must provide the following information:

<Files "\ . ( Sql ) $">
AuthName "Users zone"
AuthType Basic
AuthUserFile / pub / home / yoursite.ru/.htpasswd
</Files>

In order to redirect the visitor to the site http://www.site.ru, c. htaccess must be specified:

Redirect / http://www.site.ru

To be continued...