htaccess Cheatsheet (the jackol’s den)

cheatsheet for the .htaccess file


Options +Indexes
## block a few types of files from showing
IndexIgnore *.wmv *.mp4 *.avi


Options All -Indexes


ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.html


AddType text/html .html
AddType text/html .shtml
AddHandler server-parsed .html
AddHandler server-parsed .shtml
# AddHandler server-parsed .htm



DirectoryIndex myhome.htm index.htm index.php


<limit GET POST PUT>
order deny,allow
deny from
deny from
deny from
allow from all


order deny,allow
deny from all
allow from


Redirect oldpage.html
Redirect /olddir


RewriteEngine on
RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]
RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]
RewriteRule .* - [F]

Block Hot Linking/Bandwidth hogging

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]

Want to show a “Stealing is Bad” message too?

Add this below the Hot Link Blocking code:

RewriteRule \.(gif|jpg)$ [R,L]


<files file-name>
order allow,deny
deny from all

500 Errorを回避

# Avoid 500 error by passing charset
AddDefaultCharset utf-8


Options +ExecCGI
AddHandler cgi-script cgi pl
# To enable all scripts in a directory use the following
# SetHandler cgi-script


Use the .htaccess Password Generator and follow the brief instructions!


AddType application/x-httpd-php .gne

gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc.


Performance may take a hit but if thats not a problem, this is a nice option to turn on.

ContentDigest On


From Jens Meiert: CheckSpelling corrects simple spelling errors (for example, if someone forgets a letter or if any character is just wrong). Just add CheckSpelling On to your htaccess file.

The ContentDigest Directive

As the Apache core features documentation says: “This directive enables the generation of Content-MD5 headers as defined in RFC1864 respectively RFC2068. The Content-MD5 header provides an end-to-end message integrity check (MIC) of the entity-body. A proxy or client may check this header for detecting accidental modification of the entity-body in transit.

Note that this can cause performance problems on your server since the message digest is computed on every request (the values are not cached). Content-MD5 is only sent for documents served by the core, and not by any module. For example, SSI documents, output from CGI scripts, and byte range responses do not have this header.”

To turn this on, just add ContentDigest On.


# Only if you use PHP
<ifmodule mod_php4.c>
php_value zlib.output_compression 16386


# Only if you use PHP
<ifmodule mod_php4.c>
php_flag magic_quotes_gpc off

トップ   編集 凍結 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS
Last-modified: 2011-03-23 (水) 20:19:43 (2193d)