Redirect all requests to the a preferred domain

In many cases a website or web application should be accessible by multiple domains.  The Problem is, that google could treat that as duplicated content (https://support.google.com/webmasters/answer/66359?hl=en) and also the trust is divided between all domains.  That’s why google suggests to choose a preferred (canonical) destination URL and to redirect all requests to the a preferred domain (https://support.google.com/webmasters/answer/93633?hl=en). To achieve that, […]

Crossdomain crossite Ajax calls within a htaccess protected environment

Recently I had the challenge to implement crossdomain crossite Ajax calls within a htaccess protected environment (a crossover between Magento and Contao => both PHP-applications). But when the one application tried to call the other one via Ajax, I got the following error message in my developer  console in Chrome and Firefox and the call didn’t took place: […]

Login to a htaccess restricted area via URL

To login to a htaccess restricted area (see http://www.ask-sheldon.com/protect-folder-via-htaccess/) via URL ist pretty simple (but often forgotten): http://user:password@www.ask-sheldon.com/protected/area Please keep in mind, that in this case username and password are transmitted as plain text. There is no encryption or something like that! So anyone who plays man-in-the-middle is able to steel your credentials easily by just […]

Apache directory listing settings

Apache directory listing It is possible to let the webserver deliver a list of all files for a directory whenever a user navigates to it in the browser and there is no index file (f.e. index.html). The following Apache directory listing settings can achieve this behavior via entries in a .htaccess-file placed into the respective target folder. Enable Options […]

Force HTTPS for WordPress Installations

Just add this snippet to the beginning of your rewrite section of your .htaccess file to force HTTPS: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On # FORCE HTTPS: RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] … </IfModule> # END WordPress As you can see, I placed it directly under “RewriteEngine On”. Or you can also […]

Apache Cache Headers

Here are some nice Apache configuration entries that will increase your website performance. They can be placed in a .htaccess file: <IfModule mod_headers.c> ## # Add a Vary Accept-Encoding header for the compressed resources. If you # modify the file types above, make sure to change them here accordingly. ## Header unset ETag # Header set […]

Apache – Allow crossite calls

To Allow crossite calls via Ajax or for Fonts and so one, from specific subdomains: <IfModule mod_headers.c> SetEnvIfNoCase Origin “https?://(www\.|sub1\.|sub2\.|sub3\.|sub4\.)?(ask-sheldon\.com)(:\d+)?$” AccessControlAllowOrigin=$0 Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin Header set Access-Control-Allow-Credentials true </IfModule> Or you can place a crossdomain.xml in your DocumentRoot (does not work everywhere) <?xml version=”1.0″?> <cross-domain-policy> <allow-access-from domain=”*.ask-another-sheldon.com” /> <allow-access-from domain=”*.ask-anothernother-sheldon.com” /> </cross-domain-policy>