25 Useful Apache ‘.htaccess’ Tricks to Secure and Customize Websites

13. Configuring a single file, the <files> option.

Usually the content in .htaccess files apply to all the files and folders inside the directory in which the file is placed, but you can also provide some special permissions to a special file, like denying access to that file only or so on.

For this you need to add <File> tag to your file in a way like this:

<files conf.html="">
Order allow, deny
Deny from 188.100.100.0
</files>

This is a simple case of denying a file ‘conf.html’ from access by IP 188.100.100.0, but you can add any or every feature described for .htaccess file till now including the features yet to be described to the file like: Cache-control, GZip compression.

This feature is used by most of the servers to secure .htaccess files which is the reason why we are not able to see the .htaccess files on the browsers. How the files are authenticated is demonstrated in subsequent heading.

14. Enabling CGI scripts to run outside of cgi-bin folder.

Usually servers run CGI scripts that are located inside the cgi-bin folder but, you can enable running of CGI scripts located in your desired folder but just adding following lines to .htaccess file located in the desired folder and if not, then creating one, appending following lines:

AddHandler cgi-script .cgi
Options +ExecCGI

15. How to enable SSI on Website with .htaccess

Server side includes as the name suggests would be related to something included at the server side. But what? Generally when we have many pages in our website and we have a navigation menu on our home page that displays links to other pages then, we can enable SSI (Server Size Includes) option that allows all the pages displayed in the navigation menu to be included with the home page completely.

The SSI allows inclusion of multiple pages as if content they contain is a part of a single page so that any editing needed to be done is done in one file only which saves a lot of disk space. This option is by default enabled on servers but for .shtml files.

In case you want to enable it for .html files you need to add following lines:

AddHandler server-parsed .html

After this following in the html file would lead to SSI.

<!--#inlcude virtual= “gk/document.html”-->

16. How to Prevent website Directory Listing

To prevent any client being able to list the directories of the website on the server at his local machine add following lines to the file inside the directory you don’t want to get listed.

Options -Indexes

17. Changing Default charset and language headers.

.htaccess files allow you to modify the character set used i.e. ASCII or UNICODE, UTF-8 etc. for your website along with the default language used for the display of content.

Following server’s global environment variables allow you to achieve above feature.

AddDefaultCharset UTF-8
DefaultLanguage en-US

Re-writing URL’s: Redirection Rules

Re-writing feature simply means replacing the long and un-rememberable URL’s with short and easy to remember ones. But, before going into this topic there are some rules and some conventions for special symbols used later on in this article.

Special Symbols:

Constants and their meaning:

18. Redirecting a non-www URL to a www URL.

Before starting with the explanation, lets first see the lines that are needed to be added to .htaccess file to enable this feature.

RewriteEngine ON
RewriteCond %{HTTP_HOST} ^abc\.net$
RewriteRule (.*) http://www.abc.net/$1 [R=301,L]

The above lines enable the Rewrite Engine and then in second line check all those URL’s that pertain to host abc.net or have the HTTP_HOST environment variable set to “abc.net”.

For all such URL’s the code permanently redirects them (as R=301 rule is enabled) to the new URL http://www.abc.net/$1 where $1 is the non-www URL having host as abc.net. The non-www URL is the one in bracket and is referred by $1.