.htaccess is an additional configuration file for the Apache web server. Allows you to set a large number of additional parameters and permissions for the operation of the web server for individual users (as well as on various directories of individual users), such as controlled access to directories, reassignment of file types, etc., without providing access to the main configuration file those. without affecting the operation of the entire service.
As a rule, .htaccess is located in the root directory of the hosting site.
If there is no file in the root directory of the site, you can create it yourself.
Entries made to .htaccess are called directives. Directives affect all files in the current directory and all its subdirectories (unless these directives are overridden by directives in underlying .htaccess files).
The following discusses options for writing some directives.
1. Simple redirection directive (redirect)
Suppose you need to redirect a site user to another site (URL), for this you need to add the following line to the .htaccess file:
Redirect 301 / http://www.example.com
where http://www.example.com is the URL to which the redirect goes
2. Complex redirection directives (mod_rewrite).
The mod_rewrite module is a powerful, intelligent URL rewrite tool. Almost all types of transformations are possible with it, which can be performed or not depending on various conditions and factors.
Some examples of using this directive:
- if your site supports both a regular connection (http) and an encrypted one (https), then it often becomes necessary to redirect all http traffic to https without the user noticing.
To do this, we prescribe the following rule:
- Redirect to https without www
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L]
RewriteCond %{SERVER_PORT} !^443
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ https://yourdomain.by%{REQUEST_URI} [R=301,L]
RewriteCond %{HTTP:X-SSL-Emu} !on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
- Redirect to https from www
RewriteEngine On
# Redirect to www
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
RewriteCond %{SERVER_PORT} !^443
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ https://www.yourdomain.com%{REQUEST_URI} [R=301,L]
- we close access to the website during business hours;
RewriteEngine on
RewriteCond %{TIME_HOUR}%{TIME_MIN} > 900
RewriteCond %{TIME_HOUR}%{TIME_MIN} < 1800
RewriteRule.* - [F]
- the site was moved from one domain to another from domain.com to domain2.com.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.domain\.com$ [R=301,1]
RewriteRule ^(.*)$ http://www.domain2.com/
3. Error handling
Errors sometimes occur during server operation; it would be more correct to call them not server failures, but standard return codes. In simple terms: the server responds to the user with an unfulfilled request with a return code, knowing the value of which you can understand what exactly is causing the error when requesting information from the server.
Codes starting with 4xx and 5xx are classified as errors.
If a 4xx or 5xx error occurs, a visitor to your site will see a message from the server in the browser, which can hardly be called extremely understandable to the average user. Apache provides the opportunity to present, instead of ascetic technical text that is not full of details, your own page where you can explain to the user in human language what happened and what to do.
An example of overriding error pages is given below:
- a situation when a visitor accesses a non-existent page;
ErrorDocument 404 http://domain.com/error/404.htm
- in the case when access to the page is limited;
ErrorDocument 403 http://domain.com/error/403.htm
- a syntax error was detected in the visitor's request;
ErrorDocument 400 http://domain.com/error/400.htm
- any internal server error that is not included in the scope of other class errors.
ErrorDocument 500 http://domain.com/error/500.htm
4. Encoding
Sometimes the user's browser cannot correctly determine the encoding type of the output document. To solve this problem, the encoding used is specified in the Apache Web server settings and in the header of the transmitted document. Moreover, for correct recognition these encodings must match. Our servers use UTF-8 encoding by default.
Below are some options for .htaccess settings:
- specifying the default encoding;
AddDefaultCharset UTF-8
or
AddDefaultCharset WINDOWS-1251
- a situation where all files uploaded to the server will be automatically recoded into the specified format.
CharsetSourceEnc UTF-8
5. Setting the maximum size of uploaded files in PHP.
The maximum size of uploaded files is specified in .htaccess using two directives:
php_value upload_max_filesize 20M
php_v