- Accidental Creative
- Adapting to Web Standards: CSS and Ajax for Big Sites
- Art of Non-Conformity
- Art of Readable Code
- Back to the User: Creating User-Focused Web Sites
- Beginning PHP6, Apache, MySQL Web Development
- Books to Read
- Born For This
- Complete E-Commerce Book
- Content Inc
- Core PHP Programming
- CSS3: Pushing the Limits
- Dealing with Difficult People
- Defensive Design for the Web
- Deliver First Class Web sites
- Design for Hackers: Reverse-Engineering Beauty
- Designing Web Interfaces
- Designing Web sites that Work: Usability for the Web
- Designing with Progressive Enhancement
- Developing Large Web Applications
- Eat That Frog
- Economics of Software Quality
- Elements of User Experience
- Epic Content Marketing
- Extending Bootstrap
- Flexible Web Design
- Flexible Web Layouts
- Inmates Are Running the Asylum
- jQuery Pocket Reference
- Letting Go of the Words
- Making Every Meeting Matter
- Manage Your Day to Day
- Official Ubuntu Book
- Organized Home
- PHP In a NutShell
- PHP Refactoring
- PHP5 CMS Framework Development
- PHP6 and MySQL Bible
- Privacy Policy
- Responsive Web Design
- Responsive Web Design with HTML and CSS3
- Rules of Thumb
- Saleable Software
- Securing PHP Web Applications
- Simple and Usable Web, Mobile and Interaction Design
- Smart Organizing
- Submit Now: Designing Persuasive Web sites
- The Life-changing Magic of Tidying up
- UI and UX and Design
- Web site Usability
- Web Site Usability: A Designer's Guide
- Web Word Wizardy
- Work for Money, Design for Love
- Blogs
- Checklists I Have Collected or Created
- Color in Web Design
- Crafts To Do
- Database and Data Relations Checklist
- Ecommerce Website Checklist
- My Front End UI Checklist
- New Client Needs Analysis
- Newsletters I Read
- Puzzles
- Style Guides
- User Review Questions
- Web Designer's SEO Checklist
- Web site Review
- Website Code Checklist
- Website Final Approval Form
- Writing Content For Your Website
- Writing Styleguide
- Writing Tips
- Complete Book of Potatoes
- Creating Custom Soil Mixes for Healthy, Happy Plants
- Edible Forest Garden
- Garden Design
- Gardening Tips and Tricks
- Gardens and History
- Herbs
- Houseplants
- Light Candle Levels
- My Garden
- My Garden To Plant
- Organic Fertilizers
- Organic Gardening in Alberta
- Plant Nurseries
- Planting Tips and Ideas
- Root Cellaring
- Way We Garden Now
- Beautiful No-Mow Lawns
- Beginner's Guide to Heirloom Vegetables
- Best of Lois Hole
- Eradicate Invasive Plants
- Gardening Books to Read
- Grow Organic
- Guerilla Gardening
- Indoor Gardening: The Organic Way
- Real Gardens Grow Natives
- Seed Underground
- Thrifty Gardening from the Ground Up
- Veggie Garden Remix
- Weeds
- What Grows Here
- Activities for Kids
- Baking & Cooking Tips
- Can I Get that on Sale?
- Cleaning Tips and Tricks
- Compound Time
- Crafts
- Crafts for Kids
- Household Tips
- Inspiration
- Interesting
- Interior Design
- Latin Phrases
- Laundry Tips
- Learn Something New
- Links, Information, and Cool Videos - Stuff for My Kids
- Organizing
- Quotes
- Reading List
- Renovations
- Silly Sites
- Videos to Watch
- YouTube Hacks
- Accessibility
- CSS Frameworks
- CSS Reading List
- htaccess files
- HTML Tips and Tricks
- Javascript (and jQuery)
- Landing Page Tips
- More Information on CSS
- MySQL and Databases
- Navigation
- Responsive Design
- Robots.txt File
- Security and Secure Websites
- Web Design and Development
- Web Design Tools
- Website Testing Checklist
- Writing for the Web
- Writing Ideas for your website
- Animations and Interactions
- Being a Better Designer
- Bootstrap Resources
- Colour
- CSS Preprocessors: Sass and Less
- CSS Tips Tricks
- Designing User Interfaces
- Font & Typographical Inspiration
- Fonts, Typography, Letters & Symbols
- Icons
- Logo Designs
- Photoshop Tips and Tricks
- Sketch
- UX and UI and Design Reading List
- Web Forms
Block Access to Hidden Files and Directories
We try to push our code to productions servers without hidden files and directors, like our revision system directors, but that doesn't always happen. This snippet prevents those files from being accessible:
RewriteCond %{SCRIPT_FILENAME} -d [OR] RewriteCond %{SCRIPT_FILENAME} -f RewriteRule "(^|/)\." - [F]
General Tips
This lets google crawl the page, lets me access without a password, and lets my client access the page WITH a password. It also allows for XHTML and CSS validation! (w3.org)
AuthName "Under Development"
AuthUserFile /web/sitename.com/.htpasswd
AuthType basic
Require valid-user
Order deny,allow
Deny from all
Allow from 208.113.134.190 w3.org htmlhelp.com googlebot.com
Satisfy Any
Redirect non-https requests to https server and ensure that .htpasswd authorization can only be entered across HTTPS
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "askapache.com"
ErrorDocument 403 https://askapache.com
block visitors referred from indicated domains
RewriteEngine on
RewriteCond %{HTTP_REFERER} scumbag\.com [NC,OR]
RewriteCond %{HTTP_REFERER} wormhole\.com [NC,OR]
RewriteRule .* - [F]
Redirect to a New File
Redirect 301 /old/file.html http://www.askapache.com/new/file.html
SSL wildcard use with subdomains
In the .htaccess file in your public_html directory, for each subdomain that needs an SSL certificate, you will need to add the following:
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^sub\.domain\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/sub/
RewriteRule ^(.*) /sub/$1
You'll want to replace sub with the appropriate data, of course.
For each subfolder you need the same lines, for example for sub1 and sub2
RewriteEngine on
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^sub1\.domain\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/sub1/
RewriteRule ^(.*) /sub1/$1
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST} ^sub2\.domain\.com$ [NC]
RewriteCond %{REQUEST_URI} !^/sub2/
RewriteRule ^(.*) /sub2/$1
In case you need to redirect all HTTP request to HTTPS you can add after rewriteengine on
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
Securing Your sites - good htaccess ideas
Web Designer Issue 210
//step10//
//code//
order allow,deny
deny from all
//code//
# prevent directory browsing
Options -Indexes
//step17//
//code//
# return 403 Forbidden when someone puts script tags or GLOBALS or _REQUEST stuff in the URL
#
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
Use htaccess file to secure configuration files
Options -Indexes
order allow,deny
deny from all
order allow,deny
deny from all
Further Reading
The Answers to all your concerns about the Spam in Google Analytics
Advanced PHP Error Handling via htaccess : Perishable Press
Stupid htaccess Tricks | Perishable Press
Book Store | .htaccess made easy this is a book
- .Htaccess Redirect Generator
- Free htaccess redirect generator for directory, pages, apache https to http, 301 redirects,302, 404, password, 500, ip blocking,hotlinks, error pages rewrite rules online.
- How do I Force my Website to use SSL? | Web Hosting Hub
- Redirect customers to the secure https version of your website, you can modify your .htaccess to handle the redirect.
-
http://www.askapache.com/htaccess/apache-ssl-in-htaccess-examples.html
http://www.askapache.com/htaccess/ssl-example-usage-in-htaccess.html#redirect-http-to-https
This page contains information I gathered and thought were very useful. See more notes on the web.
Just to let you know, this page was last updated Monday, Feb 18 19