.Htaccess mit Onkel Bello
|
Informationen über: .HTACCESS : MOD_REWRITE : URL-REWRITE : 301 REDIRECT |
|
man kann mit dem folgenden einfachen htaccess Code die Seite außer
eigene IP-Adresse sperren. Die anderen Besucher sehen nur Wartungs.html
(die in Rootverzeichnis des Shops angelegt ist) RewriteEngine On RewriteCond %{REMOTE_ADDR} !=87.202.450.94 RewriteCond %{REQUEST_URI} !=/wartung.html [NC] RewriteRule ^(.*)$ /wartung.html [R=302,NC,L] (IP-Adresse gegen eigene IP ersetzen) |
|
Informationen über: .HTACCESS : MOD_REWRITE : URL-REWRITE : 301 REDIRECT |
Gleich vorweg.: die GELÄUFIGSTE Variante für die Shopbetreiber von Ecombase
ist die "301 Redirect Permanent". Die schaut dann so aus.
|
RewriteEngine on
|
Für Menschen mit "Sehschwäche"....
|
RewriteEngine on
|
Man trägt das OBEN in die Datei ".htaccess" ein, die auf dem Shop Root Verzeichniss liegt !
Damit verhindert man doppelten Content und die "Redirect Permanent" Anweisung gibt den
oft doppelten PR dann an die EINE Zieldomain weiter. Geht auch ohne Permanent, dann dauert das halt nen Moment.
|
Informationen über: .HTACCESS : MOD_REWRITE : URL-REWRITE : 301 REDIRECT |
Die HTACCESS kann aber wie gesagt noch mehr. Eines der Probleme die man mit der .htaccess lösen kann ist es,
die Proxy Server in die gerne die Konkurenz mal die eigene Seite einträgt und dann wo Bookmarkt per .htaccess zu
blocken. So werden Fremdzugriffe diverser Server [PROXYS] gesperrt und man spart sich das Ärgern über DC [Doppelter
Content] der so entstehen kann.
Praktisch sieht der Teil der .htaccess dann so aus.:
|
Order deny,allow |
|
Informationen über: .HTACCESS : MOD_REWRITE : URL-REWRITE : 301 REDIRECT |
Eine weitere Möglichkeit diverse Spammer, Seiten die man nicht haben will auszusperren sieht so aus.
|
RewriteEngine On RewriteCond %{HTTP_HOST} ^ecombase\.de$ [NC] RewriteRule .* http://www.google.de/ [L,NC,QSA] |
Spassig vor allem. Selbst Yasni & Co können gerne Daten sammel wie sie wollen, in dem Moment wo Google
und Spider dem Yasni Link folgen, werden die einfach wieder zurück nach Google oder sonstwo geleitet - der
BOT/SPIDER merkt also, dass da was nicht stimmen kann. Besucher werden nach der Yasni Dubletten Sammlung
der eigenen Seite dann über Google zu Deiner Seite kommen. Alle Leute die zB von Yasni kommen - SEHEN NIX
und werden sich fragen, was das soll.
|
Informationen über: .HTACCESS : MOD_REWRITE : URL-REWRITE : 301 REDIRECT |
|
|
.HTACCESS + .HTPASSWD :: HELP FOR ALL SCRIPTS!
.htaccess .htpasswd help and examples!
I hope this helps those having issues with either Nulled! or Purchased scripts!
Please have a read of the resources below. They will definetly shine some light on issues you may be having.
If you like what you find here, please take the time to show your appreciation by either clicking thanks, or downloading this thread as a file.
Cheers!
Bandwidth Meter 3.2.0.699 + Fix - 1.1mb
Building Telephony Systems with Asterisk eBook - 0.8mb
Building Websites With Joomla eBook - 7mb
----------------------------------------------------------
:: Primary Resources ::
Create HTACCESS files + HTPASSWD files, visit this link:
http://www.htaccesseditor.com/en.shtml
or for something a little more advanced, try this page:
http://www.linuxkungfu.org/tools/htaccesser/
https://www.login.mtu.edu/tools/public/htac...r/htaccess.html
|
|
Here is a REALLY REALLY good resource for .HTACCESS and .HTPASSWD:
htaccess Cheatsheet
Here is a simple cheatsheet for the .htaccess file:
Enable Directory Browsing
Options +Indexes
## block a few types of files from showing
IndexIgnore *.wmv *.mp4 *.avi
Disable Directory Browsing
Options All -Indexes
Customize Error Messages
ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.html
Get SSI working with HTML/SHTML
AddType text/html .html
AddType text/html .shtml
AddHandler server-parsed .html
AddHandler server-parsed .shtml
# AddHandler server-parsed .htm
Change Default Page (order is followed!)
DirectoryIndex myhome.htm index.htm index.php
Block Users from accessing the site
<limit GET POST PUT>
order deny,allow
deny from 202.54.122.33
deny from 8.70.44.53
deny from .spammers.com
allow from all
</limit>
Allow only LAN users
order deny,allow
deny from all
allow from 192.168.0.0/24
Redirect Visitors to New Page/Directory
Redirect oldpage.html http://www.domainname.com/newpage.html
Redirect /olddir http://www.domainname.com/newdir/
|
|
Block site from specific referrers
RewriteEngine on
RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]
RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]
RewriteRule .* - [F]
Block Hot Linking/Bandwidth hogging
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]
Want to show a “Stealing is Bad” message too?
Add this below the Hot Link Blocking code:
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/dontsteal.gif [R,L]
Stop .htaccess (or any other file) from being viewed
<files file-name>
order allow,deny
deny from all
</files>
Avoid the 500 Error
# Avoid 500 error by passing charset
AddDefaultCharset utf-8
Grant CGI Access in a directory
Options +ExecCGI
AddHandler cgi-script cgi pl
# To enable all scripts in a directory use the following
# SetHandler cgi-script
Password Protecting Directories
Use the .htaccess Password Generator and follow the brief instructions!
Change Script Extensions
AddType application/x-httpd-php .gne
gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc.
Use MD5 Digests
Performance may take a hit but if thats not a problem, this is a nice option to turn on.
ContentDigest On
The CheckSpelling Directive
From Jens Meiert: CheckSpelling corrects simple spelling errors (for example, if someone forgets a letter or if any character is just wrong). Just add CheckSpelling On to your htaccess file.
|
|
The ContentDigest Directive
As the Apache core features documentation says: “This directive enables the generation of Content-MD5 headers as defined in RFC1864 respectively RFC2068. The Content-MD5 header provides an end-to-end message integrity check (MIC) of the entity-body. A proxy or client may check this header for detecting accidental modification of the entity-body in transit.
Note that this can cause performance problems on your server since the message digest is computed on every request (the values are not cached). Content-MD5 is only sent for documents served by the core, and not by any module. For example, SSI documents, output from CGI scripts, and byte range responses do not have this header.”
To turn this on, just add ContentDigest On.
Save Bandwidth
# Only if you use PHP
<ifmodule mod_php4.c>
php_value zlib.output_compression 16386
</ifmodule>
Turn off magic_quotes_gpc
# Only if you use PHP
<ifmodule mod_php4.c>
php_flag magic_quotes_gpc off
</ifmodule>
----------------------------------------------------------
Additional resource 1:
http://www.clockwatchers.com/htaccess_tool.html
----------------------------------------------------------
Additional resource 2:
See this - http://uk.php.net/function.fopen
Then this - http://uk.php.net/manual/en/function.fwrite.php
And this - http://uk.php.net/manual/en/function.fclose.php
----------------------------------------------------------
Example 1:
https://scripts.34sp.com/htpasswd/index.php
----------------------------------------------------------
Example 2:
http://cwebd.co.uk/tools.php
|
|
Example 3:
Simple User/pass generator
http://support.kkeim.com/utilities/htaccess/index.html
----------------------------------------------------------
F.A.Q.
Frequently Asked Questions
Q: What should I enter as the path?
A: ".htpasswd" is a text file that is used to contain your usernames and encrypted passwords. Enter the path you will be placing your .htpasswd file (which contains the usernames/passwords) on the server. It should be a non user accessible location, such as directly above your public HTML folder. This is to prevent visitors from directly viewing this file in their web browser.
Q: How can I find out my server path?
A: If you're on a Linux server and have access to telnet/ssh, simply login and type the command "pwd." This will output your current absolute path, giving you enough information to construct the rest. Or simply ask your web host for this information.
Q: What should I enter to protect, if anything?
A: If you wish your .htaccess file to password protect individual files within a directory, instead of the entire directory (default), enter the files names in this field, each separated by a comma if more than 1 file. Otherwise, leave blank as is.
Q: I've uploaded my .htaccess and .htpasswd files to the correct locations, but when I try and enter my username/password to enter the protected area, it still wouldn't let me in!
A: Make sure you've in fact uploaded your .htpasswd to the location as specified in the "AuthUserFile" line inside .htaccess. For example:
AuthUserFile /home/mysite/.htpasswd
As mentioned, in Linux you can type "pwd" in telnet/SSH to find out your server's root directory (ie: /home/mysite). If the location is incorrect and your server can't properly locate .htpasswd, the username and password contained within this file won't be recognized either, and you are locked out. Regardless, you can reverse any changes and unpassword protect your directory simply by deleting the .htaccess file you uploaded to that directory.
[b]Q: How come after I've uploaded my .htaccess file via FTP, I can no longer see it in FTP?
A: Depending on your server configuration, files such as .htaccess may be hidden from view in FTP. In WS_FTP for example, there is a blank box on the upper right of the screen (right under the "MkDIr" button) that allows you to input optional parameters. Simply enter "-a" and Refresh the view again to reveal your .htaccess file.
Q: Where can I learn more about .htaccess and its other features?
A: For an excellent tutorial on .htaccess, see: Comprehensive Guide to .htaccess.
http://www.javascriptkit.com/howto/htaccess.shtml
