Cheatsheet
cheatsheet for the .htaccess file †ディレクトリ参照を許可 †Options +Indexes ## block a few types of files from showing IndexIgnore *.wmv *.mp4 *.avi ディレクトリ参照を不可 †Options All -Indexes エラーメッセージのカスタマイズ †ErrorDocument 403 /forbidden.html ErrorDocument 404 /notfound.html ErrorDocument 500 /servererror.html HTML/SHTMLでのSSI動作 †AddType text/html .html AddType text/html .shtml AddHandler server-parsed .html AddHandler server-parsed .shtml # AddHandler server-parsed .htm デフォルトページの変更 †定義順に従う DirectoryIndex myhome.htm index.htm index.php 他サイトからのアクセスをブロック †<limit GET POST PUT> order deny,allow deny from 202.54.122.33 deny from 8.70.44.53 deny from .spammers.com allow from all </limit> LANユーザのみ許可 †order deny,allow deny from all allow from 192.168.0.0/24 新ページ/ディレクトリへ訪問者をリダイレクト †Redirect oldpage.html http://www.domainname.com/newpage.html Redirect /olddir http://www.domainname.com/newdir/ 特定のリファラによる他サイトからのアクセスをブロック †RewriteEngine on RewriteCond %{HTTP_REFERER} site-to-block\.com [NC] RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC] RewriteRule .* - [F] Block Hot Linking/Bandwidth hogging †RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC] RewriteRule \.(gif|jpg)$ - [F] Want to show a “Stealing is Bad” message too? †Add this below the Hot Link Blocking code: RewriteRule \.(gif|jpg)$ http://www.mydomain.com/dontsteal.gif [R,L] .htaccess(またはその他のファイル)を参照不可に †<files file-name> order allow,deny deny from all </files> 500 Errorを回避 †# Avoid 500 error by passing charset AddDefaultCharset utf-8 ディレクトリにCGIアクセス権を付与 †Options +ExecCGI AddHandler cgi-script cgi pl # To enable all scripts in a directory use the following # SetHandler cgi-script ディレクトリをパスワードで保護 †Use the .htaccess Password Generator and follow the brief instructions! スクリプトの拡張子を変更 †AddType application/x-httpd-php .gne gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc. MD5ダイジェストを使用 †Performance may take a hit but if thats not a problem, this is a nice option to turn on. ContentDigest On ディレクティブのスペルチェック †From Jens Meiert: CheckSpelling corrects simple spelling errors (for example, if someone forgets a letter or if any character is just wrong). Just add CheckSpelling On to your htaccess file. The ContentDigest Directive As the Apache core features documentation says: “This directive enables the generation of Content-MD5 headers as defined in RFC1864 respectively RFC2068. The Content-MD5 header provides an end-to-end message integrity check (MIC) of the entity-body. A proxy or client may check this header for detecting accidental modification of the entity-body in transit. Note that this can cause performance problems on your server since the message digest is computed on every request (the values are not cached). Content-MD5 is only sent for documents served by the core, and not by any module. For example, SSI documents, output from CGI scripts, and byte range responses do not have this header.” To turn this on, just add ContentDigest On. 帯域を保持 †# Only if you use PHP <ifmodule mod_php4.c> php_value zlib.output_compression 16386 </ifmodule> magic_quotes_gpcはoff †# Only if you use PHP <ifmodule mod_php4.c> php_flag magic_quotes_gpc off </ifmodule> |