How to check whether mod_rewrite is enable on server?
from the command line, type sudo a2enmod rewrite if the rewrite mode is already enabled, it will tell you so!
.htaccess
Remove .php extension with .htaccess
Gumbo’s answer in the Stack Overflow question How to hide the .html extension with Apache mod_rewrite should work fine. Re 1) Change the .html to .php Re a.) Yup, that’s possible, just add #tab to the URL. Re b.) That’s possible using QSA (Query String Append), see below. This should also work in a sub-directory … Read more
deny directory listing with htaccess
Options -Indexes should work to prevent directory listings. If you are using a .htaccess file make sure you have at least the “allowoverride options” setting in your main apache config file.
.htaccess redirect http to https
I use the following to successfully redirect all pages of my domain from http to https: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Note this will redirect using the 301 ‘permanently moved’ redirect, which will help transfer your SEO rankings. To redirect using the 302 ‘temporarily moved’ change [R=302,L]
How to deny access to a file in .htaccess
Within an htaccess file, the scope of the <Files> directive only applies to that directory (I guess to avoid confusion when rules/directives in the htaccess of subdirectories get applied superceding ones from the parent). So you can have: <Files “log.txt”> Order Allow,Deny Deny from all </Files> For Apache 2.4+, you’d use: <Files “log.txt”> Require all … Read more
deny direct access to a folder and file by htaccess
I would just move the includes folder out of the web-root, but if you want to block direct access to the whole includes folder, you can put a .htaccess file in that folder that contains just: deny from all That way you cannot open any file from that folder, but you can include them in … Read more
Make .git directory web inaccessible
Put this in an .htaccess file at the root of your web server: RedirectMatch 404 /\.git This solution is robust and secure: it works for all .git directories in your site, even if there are more than one, also hides other Git files like .gitignore and .gitmodules works even for newly-added .git directories, and doesn’t … Read more
How to prevent http file caching in Apache httpd (MAMP)
Tried this? Should work in both .htaccess, httpd.conf and in a VirtualHost (usually placed in httpd-vhosts.conf if you have included it from your httpd.conf) <filesMatch “\.(html|htm|js|css)$”> FileETag None <ifModule mod_headers.c> Header unset ETag Header set Cache-Control “max-age=0, no-cache, no-store, must-revalidate” Header set Pragma “no-cache” Header set Expires “Wed, 11 Jan 1984 05:00:00 GMT” </ifModule> </filesMatch> … Read more
URL rewriting with PHP
You can essentially do this 2 ways: The .htaccess route with mod_rewrite Add a file called .htaccess in your root folder, and add something like this: RewriteEngine on RewriteRule ^/?Some-text-goes-here/([0-9]+)$ /picture.php?id=$1 This will tell Apache to enable mod_rewrite for this folder, and if it gets asked a URL matching the regular expression it rewrites it … Read more
Apache: client denied by server configuration
Apache 2.4.3 (or maybe slightly earlier) added a new security feature that often results in this error. You would also see a log message of the form “client denied by server configuration”. The feature is requiring an authorized user identity to access a directory. It is turned on by DEFAULT in the httpd.conf that ships … Read more