Apache Authentication in htaccess
Require password for 1 file only
<files login.php> Order deny,allow Deny from all AuthName "htaccess password prompt" AuthType Basic AuthUserFile /web/askapache.com/.htpasswd Require valid-user </Files>
Protect multiple files:
<FilesMatch "^(exec|env|doit|phpinfo|w).*$"> Order deny,allow Deny from all AuthName "htaccess password prompt" AuthUserFile /.htpasswd AuthType basic Require valid-user </FilesMatch>
Using the Apache Allow Directive in htaccess
network/netmask pair
Order deny,allow Deny from all Allow from 10.1.0.0/255.255.0.0
IP address
Order deny,allow Deny from all Allow from 10.1.2.3
More than 1 IP address
Order deny,allow Deny from all Allow from 192.168.1.104 192.168.1.205
Partial IP addresses, first 1 to 3 bytes of IP, for subnet restriction
Order deny,allow Deny from all Allow from 10.1 Allow from 10 172.20 192.168.2
network/nnn CIDR specification
Order deny,allow Deny from all Allow from 10.1.0.0/16
IPv6 addresses and subnets
Order deny,allow Deny from all Allow from 2001:db8::a00:20ff:fea7:ccea Allow from 2001:db8::a00:20ff:fea7:ccea/10
Deny subdomains
Order Allow,Deny Allow from apache.org Deny from wireshark.apache.org
Allow from IP without password prompt, and also allow from any address with password prompt
Order deny,allow Deny from all AuthName "htaccess password prompt" AuthUserFile /web/askapache.com/.htpasswd AuthType Basic Require valid-user Allow from 172.17.10.1 Satisfy Any
Skeleton .htaccess file to start with
I use this when I start a new site, and uncomment or delete parts of the file depending on the sites needsUltimate htaccess file sample
#
# DEFAULT SETTINGS
#
Options +ExecCGI -Indexes
DirectoryIndex index.php index.html index.htm
ErrorDocument 400 /cgi-bin/error.php
ErrorDocument 401 /cgi-bin/error.php
ErrorDocument 403 /cgi-bin/forbidden.cgi
ErrorDocument 404 /404.html
ErrorDocument 405 /cgi-bin/error.php
ErrorDocument 406 /cgi-bin/error.php
ErrorDocument 409 /cgi-bin/error.php
ErrorDocument 413 /cgi-bin/error.php
ErrorDocument 414 /cgi-bin/error.php
ErrorDocument 500 /cgi-bin/error.php
ErrorDocument 501 /cgi-bin/error.php
### DEFAULTS
ServerSignature Off
AddType video/x-flv .flv
AddType application/x-shockwave-flash .swf
AddType image/x-icon .ico
AddDefaultCharset UTF-8
AddLanguage en-US .html .htm .txt .xml .php
SetEnv TZ America/Indianapolis
SetEnv SERVER_ADMIN webmaster@askapache.com
### PHPINI-CGI
#AddHandler php-cgi .php
#Action php-cgi /cgi-bin/php5.cgi
### FAST-CGI
#AddHandler fastcgi-script .fcg .fcgi .fpl
#AddHandler php5-fastcgi .php
#Action php5-fastcgi /cgi-bin/fastcgi.fcgi
#
# HEADERS and CACHING
#
# 1 YEAR
<FilesMatch ".(flv|ico|pdf)$">
Header set Cache-Control "max-age=29030400, public"
</FilesMatch>
# 1 WEEK
<FilesMatch ".(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
# 3 HOUR
<FilesMatch ".(txt|xml|js|css)$">
Header set Cache-Control "max-age=10800"
</FilesMatch>
# 1 MIN
<FilesMatch ".(html|htm|php)$">
Header set Cache-Control "max-age=0, private, no-store, no-cache, must-revalidate"
Header set P3P "policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS""
Header set imagetoolbar "no"
</FilesMatch>
#
# REWRITES AND REDIRECTS
#
### SEO REDIRECTS
#Redirect 301 /ssl-ns.html /2006/htaccess/apache-ssl-in-htaccess-examples.html
#Redirect 301 /ht.tml
#Redirect 301 /index.html /
#RedirectMatch 301 /2006/htaccess-forum/(.*) /2006/htaccess/$1
#RedirectMatch 301 /(.*)rfc2616(.*) http://rfc.askapache.com/rfc2616/rfc2616.html
#RedirectMatch 301 /phpmanual(.*) /manual/en/$1
### REWRITES
RewriteEngine On
RewriteBase /
### WORDPRESS
#<ifModule mod_rewrite.c>
#RewriteEngine On
#RewriteBase /
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule . /index.php [L]
#</ifModule>
### REQUIRE WWW
#RewriteCond %{HTTP_HOST} !^www.askapache.com$ [NC]
#RewriteRule ^(.*)$ /$1 [R=301,L]
### STOP LOOP CODE
#RewriteCond %{ENV:REDIRECT_STATUS} 200
#RewriteRule ^.*$ - [L]
### REDIRECT BLOG FEED TO FEEDBURNER
#RewriteCond %{HTTP_USER_AGENT} !^.*(FeedBurner|FeedValidator|Recent) [NC]
#RewriteRule ^feed/?.*$ http://feeds.feedburner.com/apache/htaccess [L,R=302]
### BLOCK WGET
#RewriteCond %{HTTP_USER_AGENT} ^Wget.* [NC]
#RewriteRule .* /cgi-bin/forbidden.cgi [L]
#
# AUTHENTICATION
#
### BASIC PASSWORD PROTECTION
#AuthName "Prompt"
#AuthUserFile /web/askapache.com/.htpasswd
#AuthType basic
#Require valid-user
### UNDER CONSTRUCTION PROTECTION
#AuthName "Under Development"
#AuthUserFile /web/askapache.com/.htpasswd
#AuthType basic
#Require valid-user
#Order Deny,Allow
#Deny from all
#Allow from 23.23.23.1 w3.org googlebot.com google.com google-analytics.com
#Satisfy Any
Subscribe to:
Post Comments
(
Atom
)
No comments :
Post a Comment