h4x3d.com

- h4x3d.com

By: jez
12-09-2005
code, Oldskool
Share

.htaccess cheat sheet

Here is a simple cheatsheet for the .htaccess file:

Enable Directory Browsing

Options +Indexes
## block a few types of files from showing
IndexIgnore *.wmv *.mp4 *.aviDisable Directory Browsing

Options All -IndexesCustomize Error Messages

ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.htmlGet SSI working with HTML/SHTML

AddType text/html .html
AddType text/html .shtml
AddHandler server-parsed .html
AddHandler server-parsed .shtml
# AddHandler server-parsed .htmChange Default Page (order is followed!)

DirectoryIndex myhome.htm index.htm index.php Block Users from accessing the site
order deny,allow
deny from 202.54.122.33
deny from 8.70.44.53
deny from .spammers.com
allow from all Allow only LAN usersorder deny,allow
deny from all
allow from 192.168.0.0/24Redirect Visitors to New Page/Directory

Redirect oldpage.html http://www.domainname.com/newpage.html
Redirect /olddir http://www.domainname.com/newdir/Block site from specific referrers

RewriteEngine on
RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]
RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]
RewriteRule .* – [F]Block Hot Linking/Bandwidth hogging

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ – [F]Want to show a ?Stealing is Bad? message too?

Add this below the Hot Link Blocking code:

RewriteRule \.(gif|jpg)$ http://www.mydomain.com/dontsteal.gif [R,L]Stop .htaccess (or any other file) from being viewed

order allow,deny
deny from all
Avoid the 500 Error

# Avoid 500 error by passing charset
AddDefaultCharset utf-8Grant CGI Access in a directory

Options +ExecCGI
AddHandler cgi-script cgi pl
# To enable all scripts in a directory use the following
# SetHandler cgi-scriptSave Bandwidth

# Only if you use PHP

php_value zlib.output_compression 16386
Password Protecting Directories

Use the .htaccess Password Generator and follow the brief instructions!

The CheckSpelling Directive

From Jens Meiert: CheckSpelling corrects simple spelling errors (for example, if someone forgets a letter or if any character is just wrong). Just add CheckSpelling On to your htaccess file.

The ContentDigest Directive

As the Apache core features documentation says: ?This directive enables the generation of Content-MD5 headers as defined in RFC1864 respectively RFC2068. The Content-MD5 header provides an end-to-end message integrity check (MIC) of the entity-body. A proxy or client may check this header for detecting accidental modification of the entity-body in transit.

Note that this can cause performance problems on your server since the message digest is computed on every request (the values are not cached). Content-MD5 is only sent for documents served by the core, and not by any module. For example, SSI documents, output from CGI scripts, and byte range responses do not have this header.?

To turn this on, just add Content Digest On.

Source: the net / google

From the newsstand

After a recent breach in first layer security I wiped the domain to be safe and restored to a clean working copy. It will take some weeks to seed out the nasty bits and pieces that lead to this situation. Please bare with this not too bad 'default' theme in the meantime (I am on holiday till Mid July). Best, jz.

Recent entries

Categories

Recent comments

0 comments
Submit yours
Submit comment

© 2011 h4x3d.com.

2,251 comments on this temporary theme for two weeks | thanks.