.htaccess Archives | Bravehartk2's Blog

Redirect all requests to the a preferred domain

4th April 2016 SheldonNo Comments

In many cases a website or web application should be accessible by multiple domains. The Problem is, that google could treat that as duplicated content (https://support.google.com/webmasters/answer/66359?hl=en) and also the trust is divided between all domains. That’s why google suggests to choose a preferred (canonical) destination URL and to redirect all requests to the a preferred domain (https://support.google.com/webmasters/answer/93633?hl=en). To achieve that, […]

Crossdomain crossite Ajax calls within a htaccess protected environment

8th March 20168th November 2018 SheldonNo Comments

Recently I had the challenge to implement crossdomain crossite Ajax calls within a htaccess protected environment (a crossover between Magento and Contao => both PHP-applications). But when the one application tried to call the other one via Ajax, I got the following error message in my developer console in Chrome and Firefox and the call didn’t took place: […]

Login to a htaccess restricted area via URL

27th January 2016 SheldonNo Comments

To login to a htaccess restricted area (see http://www.ask-sheldon.com/protect-folder-via-htaccess/) via URL ist pretty simple (but often forgotten):

http://user:password@www.ask-sheldon.com/protected/area

1	http://user:password@www.ask-sheldon.com/protected/area

Please keep in mind, that in this case username and password are transmitted as plain text. There is no encryption or something like that! So anyone who plays man-in-the-middle is able to steel your credentials easily by just […]

Apache directory listing settings

13th December 2015 SheldonNo Comments

Apache directory listing It is possible to let the webserver deliver a list of all files for a directory whenever a user navigates to it in the browser and there is no index file (f.e. index.html). The following Apache directory listing settings can achieve this behavior via entries in a .htaccess-file placed into the respective target folder. Enable

Options +Indexes
# or
IndexIgnore *

Options +Indexes

# or

IndexIgnore *

[…]

Redirect all traffic to another URL via htaccess

7th November 2015 SheldonNo Comments

To redirect all traffic to another URL, you can use the following Redirect-declaration in your .htaccess file.

Redirect 302 / https://de.linkedin.com/in/langemarcel

1	Redirect 302 / https://de.linkedin.com/in/langemarcel

For example this redirects all calls to my profile domain http://www.marcel-lange.info to my linkedin account.

Protect folder via .htaccess

14th April 2015 Sheldon2 Comments

Sometimes you want to protect a certain folder from being accessed via Apache. You can achieve this with the following entries in your .htaccess file:

Satisfy all
Order deny,allow
Deny from all

Satisfy all

Order deny,allow

Deny from all

Calls via shell are possible anyway.

Apache Cache Headers

20th March 201530th March 2015 SheldonNo Comments

Here are some nice Apache configuration entries that will increase your website performance. They can be placed in a .htaccess file:

<IfModule mod_headers.c>
  ##
  # Add a Vary Accept-Encoding header for the compressed resources. If you
  # modify the file types above, make sure to change them here accordingly.
  ##
  Header unset ETag
  #  Header set Cache-Control "no-cache" -> Cache aus
  <FilesMatch "\.(ico|jpg|jpeg|png|gif|js|css)$">
    Header unset Last-Modified
    Header append Cache-Control "public, max-age=3600"
  </FilesMatch>
  <FilesMatch "\.(html)$">
    Header unset Last-Modified
    Header append Cache-Control "public, max-age=60"
  </FilesMatch>
  #  <FilesMatch "\.(js|css|xml|gz)$">
  #    Header append Vary Accept-Encoding
  #  </FilesMatch>
  #  <FilesMatch "\.(ttf|otf|eot|woff|svg)$">
  #    Header set Access-Control-Allow-Origin "*"
  #  </FilesMatch>
</IfModule>
 
<IfModule mod_expires.c>
############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires
 
    ExpiresActive On

    # Attention: This line could cause unwanted caching behavior. 
    # It's better leave it and define every contenttype you want to cache):
    ExpiresDefault "access plus 1 day"

    ExpiresByType image/x-icon                  A86400
    ExpiresByType image/png                     A86400
    ExpiresByType image/gif                     A86400
    ExpiresByType image/jpg                     A86400
    ExpiresByType image/jpeg                    A86400
    ExpiresByType text/javascript               A86400
    ExpiresByType text/x-js                     A86400
    ExpiresByType application/x-javascript      A86400
    ExpiresByType application/javascript        A86400
    ExpiresByType text/css                      A86400
    ExpiresByType audio/mpeg                    A86400
 
 
    # Add correct content-type for fonts
    AddType application/vnd.ms-fontobject       .eot
    AddType font/ttf                            .ttf
    AddType font/otf                            .otf
    AddType font/x-woff                         .woff
    AddType image/svg+xml                       .svg
    AddType video/ogg                           .ogv
    AddType audio/ogg                           .ogg
 
    # Add a far future Expires header for fonts
    ExpiresByType application/vnd.ms-fontobject     "access plus 1 day"
    ExpiresByType font/ttf                          "access plus 1 day"
    ExpiresByType font/otf                          "access plus 1 day"
    ExpiresByType font/x-woff                       "access plus 1 day"
    ExpiresByType image/svg+xml                     "access plus 1 day"
    ExpiresByType video/ogg                         "access plus 1 day"
    ExpiresByType video/ogg                         "access plus 1 day"
    # ^ All static resources will be cached in the client-browser and proxies for 1 day
 
</IfModule>
FileETag none

# Add a Vary Accept-Encoding header for the compressed resources. If you

# modify the file types above, make sure to change them here accordingly.

Header unset ETag

# Header set Cache-Control "no-cache" -> Cache aus

Header unset Last-Modified

Header append Cache-Control "public, max-age=3600"

</FilesMatch>

Header unset Last-Modified

Header append Cache-Control "public, max-age=60"

</FilesMatch>

# <FilesMatch "\.(js|css|xml|gz)$">

# Header append Vary Accept-Encoding

# </FilesMatch>

# <FilesMatch "\.(ttf|otf|eot|woff|svg)$">

# Header set Access-Control-Allow-Origin "*"

# </FilesMatch>

</IfModule>

############################################

## Add default Expires header

## http://developer.yahoo.com/performance/rules.html#expires

ExpiresActive On

# Attention: This line could cause unwanted caching behavior.

# It's better leave it and define every contenttype you want to cache):

ExpiresDefault "access plus 1 day"

ExpiresByType image/x-icon A86400

ExpiresByType image/png A86400

ExpiresByType image/gif A86400

ExpiresByType image/jpg A86400

ExpiresByType image/jpeg A86400

ExpiresByType text/javascript A86400

ExpiresByType text/x-js A86400

ExpiresByType application/x-javascript A86400

ExpiresByType application/javascript A86400

ExpiresByType text/css A86400

ExpiresByType audio/mpeg A86400

# Add correct content-type for fonts

AddType application/vnd.ms-fontobject .eot

AddType font/ttf .ttf

AddType font/otf .otf

AddType font/x-woff .woff

AddType image/svg+xml .svg

AddType video/ogg .ogv

AddType audio/ogg .ogg

# Add a far future Expires header for fonts

ExpiresByType application/vnd.ms-fontobject "access plus 1 day"

ExpiresByType font/ttf "access plus 1 day"

ExpiresByType font/otf "access plus 1 day"

ExpiresByType font/x-woff "access plus 1 day"

ExpiresByType image/svg+xml "access plus 1 day"

ExpiresByType video/ogg "access plus 1 day"

# ^ All static resources will be cached in the client-browser and proxies for 1 day

</IfModule>

FileETag none

Deactivate htaccess login via crontab

8th December 201429th March 2015 SheldonNo Comments

Lets imagine you had a .htaccess authentication like that:

AuthUserFile /var/www/vhosts/ask-sheldon.com/.htpasswd
AuthGroupFile /dev/null
AuthName "Sheldons Secret"
AuthType Basic
<Limit GET>
 require valid-user
</Limit>

AuthUserFile /var/www/vhosts/ask-sheldon.com/.htpasswd

AuthGroupFile /dev/null

AuthName "Sheldons Secret"

AuthType Basic

require valid-user

</Limit>

… and a corresponding password file, you can deactivate the password prompt on 31.12.2014 at 23:59 automatically with this crontab entry:

# remove htaccess password protection on 31.12.2014
MAILTO = mustang@snsconsulting.de
59 23 31 12 * sed -i 's/require valid-user/#require valid-user/g' /var/www/vhosts/ask-sheldon.com/.htaccess

# remove htaccess password protection on 31.12.2014

MAILTO = mustang@snsconsulting.de

59 23 31 12 * sed -i 's/require valid-user/#require valid-user/g' /var/www/vhosts/ask-sheldon.com/.htaccess

Enable REST-API in .htaccess

25th November 201429th March 2015 SheldonNo Comments

To use the Magento REST_AP it is necessary to set the following configurations in .htaccess: change Options +FollowSymLinks to Options +FollowSymLinks -MultiViews insert RewriteRule ^api api.php?type=rest [QSA,L] directly under #RewriteBase /magento/

Change delivery character set

27th April 20105th September 2015 SheldonNo Comments

The charset the Apache delivers the content with can be changed really easy. Just add the following line to the respective .htaccess or your Apache configuration to force the UTF-8 character set:

AddDefaultCharset UTF-8

1	AddDefaultCharset UTF-8

Bravehartk2's Blog

- next level braining -

Tag: .htaccess

Redirect all requests to the a preferred domain

Crossdomain crossite Ajax calls within a htaccess protected environment

Login to a htaccess restricted area via URL

Apache directory listing settings

Redirect all traffic to another URL via htaccess

Protect folder via .htaccess

Apache Cache Headers

Enable REST-API in .htaccess

Change delivery character set

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this: