当前位置: 首页 >> 转载技术·攻城师 >> .htaccess 配置文件详解 >> 正文

.htaccess 配置文件详解

11年前 (2013-05-28)     作者:iMoke     分类:转载技术·攻城师     阅读次数:2621     评论(0)    

.htaccess文件设置基础教程 如果你设置好了比如常用的404页面 301重定向 页面还有500页面等会设置了 无非对你的seo技术有很大帮助那么 .htaccess文件到底怎么设置呢

.htaccess 文件(或者”分布式配置文件”)提供了针对目录改变配置的方法, 即,在一个特定的文档目录中放置一个包含一个或多个指令的文件, 以作用于此目录及其所有子目录.[1]作为用户,所能使用的命令受到限制.管理员可以通过Apache的AllowOverride指令来设置.


.htaccess文件设置基础教程 如果你设置好了比如常用的404页面 301重定向 页面还有500页面等会设置了 无非对你的seo技术有很大帮助那么 .htaccess文件到底怎么设置呢

.htaccess 文件(或者”分布式配置文件”)提供了针对目录改变配置的方法, 即,在一个特定的文档目录中放置一个包含一个或多个指令的文件, 以作用于此目录及其所有子目录.[1]作为用户,所能使用的命令受到限制.管理员可以通过Apache的AllowOverride指令来设置.

子目录中的指令会覆盖更高级目录或者主服务器配置文件中的指令.

.htaccess必须以ASCII模式上传,最好将其权限设置为644.


错误文档的定位

常用的客户端请求错误返回代码:

401 Authorization Required

403 Forbidden

404 Not Found

405 Method Not Allowed

408 Request Timed Out

411 Content Length Required

412 Precondition Failed

413 Request Entity Too Long

414 Request URI Too Long

415 Unsupported Media Type


常见的服务器错误返回代码:

500 Internal Server Error


用户可以利用.htaccess指定自己事先制作好的错误提醒页面.一般情况下,人们可以专门设立一个目录,例如errors放置这些页面.然后再.htaccess中,加入如下的指令:

ErrorDocument 404 /errors/notfound.html

ErrorDocument 500 /errors/internalerror.html


一条指令一行.上述第一条指令的意思是对于404,也就是没有找到所需要的文档的时候得显示页面为/errors目录下的notfound.html页面.不难看出语法格式为:

ErrorDocument 错误代码 /目录名/文件名.扩展名

如果所需要提示的信息很少的话,不必专门制作页面,直接在指令中使用HTML号了,例如下面这个例子:

ErrorDocument 401 ”

你没有权限访问该页面,请放弃!

文档访问的密码保护

要利用.htaccess对某个目录下的文档设定访问用户和对应的密码,首先要做的是生成一个.htpasswd的文本文档,例如:

zheng:y4E7Ep8e7EYV

这里密码经过加密,用户可以自己找些工具将密码加密成.htaccess支持的编码.该文档最好不要放在www目录下,建议放在www根目录文档之外,这样更为安全些.

有了授权用户文档,可以在.htaccess中加入如下指令了:

AuthUserFile .htpasswd的服务器目录

AuthGroupFile /dev/null (需要授权访问的目录)

AuthName EnterPassword

AuthType Basic (授权类型)

require user wsabstract (允许访问的用户,如果希望表中所有用户都允许,可以使用 require valid-user)

注,括号部分为学习时候自己添加的注释

拒绝来自某个IP的访问

如果我不想某个政府部门访问到我的站点的内容,那可以通过.htaccess中加入该部门的IP而将它们拒绝在外.

例如:

order allow,deny

deny from 210.10.56.32

deny from 219.5.45.

allow from all


(2)保护.htaccess文档

在使用.htaccess来设置目录的密码保护时,它包含了密码文件的路径.从安全考虑,有必要把.htaccess也保护起来,不让别人看到其中的内容.虽然可以用其他方式做到这点,比如文档的权限.不过,.htaccess本身也能做到,只需加入如下的指令:

order allow,deny

deny from all


URL转向

我们可能对网站进行重新规划,将文档进行了迁移,或者更改了目录.这时候,来自搜索引擎或者其他网站链接过来的访问就可能出错.这种情况下,可以通过如下指令来完成旧的URL自动转向到新的地址:

Redirect /旧目录/旧文档名 新文档的地址

或者整个目录的转向:

Redirect 旧目录 新目录

改变缺省的首页文件

一般情况下缺省的首页文件名有default、index等.不过,有些时候目录中没有缺省文件,而是某个特定的文件名,比如在pmwiki中是pmwiki.php.这种情况下,要用户记住文件名来访问很麻烦.在.htaccess中可以轻易的设置新的缺省文件名:

DirectoryIndex 新的缺省文件名

也可以列出多个,顺序表明它们之间的优先级别,例如:

DirectoryIndex filename.html index.cgi index.pl default.htm

防止盗链

如果不喜欢别人在他们的网页上连接自己的图片、文档的话,也可以通过htaccess的指令来做到.

所需要的指令如下:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]

RewriteRule \.(gif|jpg)$ – [F]

如果觉得让别人的页面开个天窗不好看,那可以用一张图片来代替:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]

RewriteRule \.(gif|jpg)$ http://www.mydomain.com/替代图片文件名 [R,L]

 

(3).htaccess is a very useful way to accomplish things that HTML and CSS can’t, however it is very rarely allowed on free-servers. You should check with your system administrator to make sure that .htaccess is allowed/enabled before trying out these tutorials.

1.error pages: customize your 404 error pages.

We all know what a 404 “Not Found” error page looks like. This tutorial will show you how to make those error pages anything you desire.

First you’ll need to create your error pages. Just make some normal HTML pages, one for each error type. The error types and their definitions are:

400: Bad Request. The server doesn’t understand the request.

401: Authentication Failed. The password was not accepted.

403: Access Forbidden. Access to the area is forbidden.

404: File Not Found. The requested file could not be found.

500: Internal Server Error. Usually the result of a misconfigured script.

Once you’ve made your error pages, upload them to a directory called error or something of the sort.

Now the important part. Create a file called htaccess.txt in Notepad. Add these lines to the file:

ErrorDocument 400 http://iiwnet.com/error/400.html

ErrorDocument 401 http://iiwnet.com/error/401.html

ErrorDocument 403 http://iiwnet.com/error/403.html

ErrorDocument 404 http://iiwnet.com/error/404.html

ErrorDocument 500 http://iiwnet.com/error/500.html

Change iiwnet.com to the location of your website. Save the file and upload it to your top-most web directory. Once it’s there, rename it with your FTP program to .htaccess – complete with the dot starting it out, and with no .txt extension this time.

If the .htaccess file is in your top-most web directory, then all errors that occur in that directory and all its subdirectories will be referred to the appropriate error page.

That’s it! Try it out by going to a page on your website that you know doesn’t exist.


2.private directories: password protect your private folders.

Ever wanted a password protected directory? Click here for an example, use kali as your username and green as the password. With .htaccess and .htpasswd you can create as many users and passwords as you need.

To have one of your own, download this cgi script: password.cgi.

To use it, unzip the script and upload it to your cgi-bin.

CHMOD it 755 and run it from your web-browser.

Instructions will be detailed in the script.


3.anti-leech: stop people from linking to your image files.

If you’ve ever gone through your site logs and found someone hotlinking to your image files, stealing your bandwidth, then you need the following lines in your .htaccess file:

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://iiwnet.com/.*$ [NC]

RewriteCond %{HTTP_REFERER} !^http://www.iiwnet.com/.*$ [NC]

RewriteRule .*\.(gif|GIF|jpg|JPG|bmp|BMP)$ – [F]

Change “iiwnet.com” to your own URL, and upload the .htaccess file to the directory containing your images. Once it is in place, only people coming from “iiwnet.com” will be able to view the images; everyone else will only see a broken image placeholder. If you have an image you’d like to display instead of the placeholder, use the version below.

RewriteEngine On

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://iiwnet.com/ [NC]

RewriteCond %{HTTP_REFERER} !^http://www.iiwnet.com/ [NC]

RewriteCond %{REQUEST_URI} !^/theif.gif [NC]

RewriteRule \.(gif|GIF|jpg|JPG)$ [R]

”theif.gif” is the image you want to load whenever someone attempts to hotlink an image from your server. You only need to add the RewriteCond %{REQUEST_URI} !^/theif.gif [NC] line if the image you want to load is in a directory that the .htaccess file effects. Otherwise you can remove the line, and it will still function.

本文来源于剑心通明的资料库:http://jxtm.bsdlover.cn 转载请保留原文地址:http://jxtm.bsdlover.cn/?p=825

除非注明,发表在“傲孤漠客”的文章『.htaccess 配置文件详解』版权归iMoke所有。 转载请注明出处为“本文转载于『傲孤漠客』原地址https://www.imoke.org/post/htaccess.html

评论

发表评论   

昵称*

E-mail*(建议输入,以便收到博主回复的提示邮件)

网站