17 tùy biến .htaccess để cấu hình lại website, cấu hình lại appache để website bạn chạy theo ý muốn mình

Khi bạn muốn cấu hình lại website: thay đổi url trang web cho thân thiện, cấu hình lại hosting, cấu hình hình là trang web, ... Nếu chạy website trên linux hay nói chính xác hơn website bạn được viết bằng PHP và chạy trên appache thì chúng ta tùy biến nó dễ dàng bằng .htaccess

1. Cấm không cho chạy file php

Để cấm code PHP chạy trên 1 thư mục nào đó, chúng ta tạo 1 file .htaccess với nội dung như sau:

    <Files ~ ".*\.php$">
    Order deny,allow
    Deny from all

Hoặc với cú pháp như sau:

    <Directory /home/*/public_html>
    php_admin_flag engine off

Những tình huống áp dụng như là thư mục uploads/ chẳng hạn.

2. Tùy biến lỗi 404 - Page not found, 403 forbidden, ...

<Files .htaccess>
order allow,deny
deny from all
ErrorDocument 404 /error404.htm
ErrorDocument 403 /error403.htm

Với file error404.htm, error403.htm là file chúng ta tạo ra để hiển thị lỗi 404 hay 403 tương ứng. Đặt ngang hàng với file .htaccess nhé.

Tương tự cho các báo lổi khác nhé: 400, 401,402, 500, ...

3. Block IPs Using htaccess: Khóa địa chỉ IP truy cập bằng .htaccess

allow from all
deny from
deny from 124.15

Như vậy, khi truy cập máy có địa chỉ IP là: hoặc địa chỉ IP bắt đầu với 2 lớp: 124.15 đều bị cấm truy cập. Lúc này sẽ báo lổi 403

4. How to set the timezone on your server

SetEnv TZ America/Houston

5. SEO Friendly 301 permanent redirects for bad/old links and moved links

Redirect 301 /d/file.html http://www.htaccesselite.com/r/file.html

6. Set the Email Address for the Server Administrator - Using this code you can specifying the default email address for the server administrator.

ServerSignature EMail
SetEnv SERVER_ADMIN [email protected]

7. Hotlinking protection with .htaccess.

is very important because anyone can hot link to your images and eat up all your bandwith of your server. The following code will help you to prevent that.

Options +FollowSymlinks
# Protect Hotlinking
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domainname\.com/ [nc]
RewriteRule .*\.(gif|jpg|png)$ http://domainname.com/img/hotlink_f_o.png [nc]

8. Block all requests from user agent by creating a perfect .htaccess ban list, you can block all of unwanted user agents that will keep your server load down. Also Check out this interesting thread on webmaster world about the 228 user agents ban list.

## .htaccess Code :: BEGIN
## Block Bad Bots by user-Agent
SetEnvIfNoCase user-Agent ^FrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Java.* [NC,OR]
SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR]
SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR]
SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR]
SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR]
SetEnvIfNoCase user-Agent ^Zeus [NC]
Order Allow,Deny
Allow from all
Deny from env=bad_bot
## .htaccess Code :: END

9 Redirect everyone to different site except few IP -If you want to redirect all the visitors to a different IP. Also give access to certain few IPs. You can use the code below 

ErrorDocument 403 http://www.youdomain.com
Order deny,allow
Deny from all
Allow from
Allow from

10. Don’t want to display download request - Usually when you try to download something from a web server you get a request asking whether you want to save the file or open it. To avoid that you can use the below code on your .htaccess file.

AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mo

11. Change the file type - Make any file be a certain kind of file type Makes image.jpg, index.html, default.cgi all act as php

<Files test>
ForceType application/x-httpd-php
SetHandler application/x-httpd-php

12. Block access to your .htaccess file - By adding he following code to your htaccess file will prevent attempts to access your htaccess file. This extra layer of security protects your htaccess file by displaying a 403 error message on the browser.

# secure htaccess file
<Files .htaccess>
order allow,deny
deny from all

13. Protect access to certain specific file on your server - this can be done by adding the below mentioned code. For example you want to block with the file name default.jpg This will prevent the viewing of this file.

# prevent access of a certain file
<files default.jpg>
order allow,deny
deny from all

14. Prevent access to unauthorized browsing - Protecting specific directory browsing can be done by intructing the server to serve a Forbidden and Authorization required message while anyone requests to view that particular directory. Usually if you site doesn’t have a default index page any files within that directory is accessible to the visitors. To avoid that use the following code in the .htaccess file.

# disable directory browsing
Options All -Indexes

15. Setting the default page - You can set the default page of a directory to any page you like. For example in this code the default page is set as about.html instead of index.html

# serve alternate default index page
DirectoryIndex about.html

16. Password protect your directories and files - You can create authentication for certain files and directories from being access. The code has examples of both password protection for a single file and password protection for a entire directory.

# to protect a file
<Files secure.php>
AuthType Basic
AuthName “Prompt”
AuthUserFile /home/path/.htpasswd
Require valid-user
# password-protect a directory
AuthType basic
AuthName “This directory is protected”
AuthUserFile /home/path/.htpasswd
AuthGroupFile /dev/null
Require valid-user

17. Redirect an old domain to a new domain - Using htaccess file you can redirect a old domain name to a new domain by adding the following code into the htaccess file. Basically what it does is it will remap the old domain to the new one.

# redirect from old domain to new domain
RewriteEngine On
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [R=301,L]

As htaccess files are very powerful, even a slightest syntax error can cause sever malfunction of your server. So it is crucial to take the backup copies of everything before you try the hacks and tricks on your hypertext access files. Post your thoughts with a comment.