Useful file .htaccess rules

I represent to your attention — a compilation of rules for .htaccess

When properly used, the configuration file of Apache web server — .htaccess (hypertext access) is a very powerful tool in a developer’s Toolbox. The usual, the file is located in the root directory of your web server (also may attend individual files in each folder — for access control) and can be corrected by using any text editor. In this article I will show you the most useful rules for .htaccess and explain why to use them.

Remember, that the following rules depends on the settings of your web server specified by the hoster. Some directives may be prohibited and does not work.

For these files you can use .htaccess, you must have set up a master configuration file (set the AllowOverride directive must be set to All). As a rule, the vast majority of hosters allow their htaccess files.
Forbid downloading of images from external sites

You are bored with people who post pictures published on your site — on their resources, thereby wasting your traffic and creating unnecessary load on your hosting? The code placed in the end of your .htaccess file will prevent loading your images from third-party sites
Options + FollowSymlinks # Forbid file downloads from external sites RewriteEngine On RewriteCond% {HTTP_REFERER}! ^ $ RewriteCond% {HTTP_REFERER}! ^ http://(www.)? domainname.com/[nc] RewriteRule. *.(gif | jpg | png) $ http://domainname.com/img/stop_stealing_bandwidth.gif [nc]

Options + FollowSymlinks
# Do not allow downloading of files from external websites
RewriteEngine On
RewriteCond% {HTTP_REFERER}! ^ $
RewriteCond% {HTTP_REFERER}! ^ http://(www.)? domainname.com/[nc]
Rewriterule. *.(gif | jpg | png) $ http://domainname.com/img/stop_stealing_bandwidth.gif [nc]

Do not forget to change the domainname.com on your domain name and create an image that will be displayed stop_stealing_bandwidth.gif instead of the requested image.
Create a blacklist of IP addresses (the ip ban)

Tired of spam comments, or a specific user? Just block the IP using the following code, you add to your .htaccess file.
# Create a blacklist of IP addresses allow from all deny from 145.186.14.122 deny from 124.15.

# Create a blacklist of IP addresses
allow from all
Deny from 145.186.14.122
Deny from 124.15.

Find IP address of commenters can or in the Apache logs or with services statistics. For WordPress, IP addresses of commentators can be seen in the Administrative Panel.
SEO-Friendly 301 Redirect

If you have transferred your domain name or want to redirect the user to a specific page (page), without sanction by the search engines, use this code:
# Set up the SEO-Friendly 301 Redirect Redirect 301/d/file.html http://www.domainname.com/r/file.html

# Set up the SEO-Friendly 301 Redirect
Redirect 301/d/file.html http://www.domainname.com/r/file.html

Don’t forget to change your domainname.com domain name and/d/file.html and/r/file.html to the relevant directories and pages.
Create custom error pages

Are you bored with the standard error pages? No problem, use the following code, you can easily create your page and show it to the user:
An ErrorDocument 401/error/401.html
An ErrorDocument 403/error/403.html
An ErrorDocument 404/error/404.html
An ErrorDocument 500/error/500.html

Don’t forget to create in the root directory of your server error folder and place it in the appropriate files.
Protect access to a file or directory

The following code allows you to deny access to any file — when you request an error 403 will be issued. For example, I closed the access to the .htaccess file, increasing the level of security of the site.
# Secure .htaccess file .htaccess files > < order allow, deny deny from all </files>

# Secure .htaccess file
< files > .htaccess
order allow, deny
Deny from all
</files>

Set default page

Usually the default page is index.html, but by using this code, you can set up a default any other page.
# Set alternative default page DirectoryIndex about.html

# Set alternative default page
DirectoryIndex about.html

Redirect from old domain to new

Using .htaccess, you can adjust the SEO-Friendly redirection from the old to the new domain name by adding the following code:
# Redirect from your old domain to the new RewriteEngine On RewriteRule ^ (. *) $ http://www.domainname.com/$ 1 [R = 301, L]

# Redirect from your old domain to the new
RewriteEngine On
RewriteRule ^ (. *) $ http://www.domainname.com/$ 1 [R = 301, L]

Uses a redirect if you transfer your existing site to a new domain name. In this case, any user who obtains the address bar http://www.olddomainname.com will be redirected to the http://www.domainname.com
Do not allow comments from users without Referrer on WordPress

Most spam bots directly to the file wp-comments-post.php, without going to the page of your blog entries. The code below allows you to lock the comments sent by users that came “out of nowhere”, allowing you to annotate those readers who have moved to a page on your blog with any other pages (for example, Google search results).
# Do not allow comments from users without Referrer RewriteEngine On RewriteCond% {, REQUEST_METHOD} POST RewriteCond% {REQUEST_URI}! wp-comments-post\.php * RewriteCond% {HTTP_REFERER}!.* yourblog.com. * [OR] RewriteCond% {HTTP_USER_AGENT} ^ $ RewriteRule ^ (. *) http://% {REMOTE_ADDR} $/[R = 301, L]

# Do not allow comments from users without Referrer
RewriteEngine On
RewriteCond% {, REQUEST_METHOD} POST
RewriteCond% {REQUEST_URI}! wp-comments-post\.php *
RewriteCond% {HTTP_REFERER}!.* yourblog.com. * [OR]
RewriteCond% {HTTP_USER_AGENT} ^ $
RewriteRule (. *) ^ http://% {REMOTE_ADDR} $/[R = 301, L]

Do not forget to replace yourblog.com on the domain name of your blog.
Protect website from hacker attacks

This code allows you to protect your site from scripts and unwanted modifications enjection _REQUEST and/or GLOBALS
# Include tracking SIM Options + FollowSymLinks reference # url_rewriting RewriteEngine On # run the Block all links that contain the <script> RewriteCond% {QUERY_STRING} (\ <|%3C).*script.*(\> |% 3E) [NC, OR] # Block all scripts that attempt to change PHP variables, Globals: RewriteCond% {QUERY_STRING} GLOBALS (= | \ [| \% [0-9A-Z] {0.2}) [OR] # Block all scripts that attempt to modify the variable _REQUEST: RewriteCond% {QUERY_STRING} _REQUEST (= | \ [| \% [0-9A-Z] {0.2}) # Redirect all of these to main page RewriteRule ^ (. *) $/[(F), L]
1

# Include tracking SIM links
Options + FollowSymLinks
# Url_rewriting Start
RewriteEngine On
# Block all links that contain the <script>
RewriteCond% {QUERY_STRING} (\ <|%3C).*script.*(\> |% 3E) [NC, OR]
# Block all scripts that attempt to change PHP Globals variables:
RewriteCond% {QUERY_STRING} GLOBALS (= | \ [| \% [0-9A-Z] {0.2}) [OR]
# Block all scripts that attempt to modify the variable _REQUEST:
RewriteCond% {QUERY_STRING} _REQUEST (= | \ [| \% [0-9A-Z] {0.2})
# Redirect all of these to the main page
Rewriterule ^ (. *) $/[F, L]

Enabling PHP in .HTML files

Another directive allows you to remove the default mapping .html and .htm files files with Hypertext Markup, and add their handling of php are.
RemoveHandler .html .htm AddType application/x-httpd-php .php .htm .html .phtml

RemoveHandler .html .htm
AddType application/x-httpd-php .php .htm .html .phtml

Protection from direct links to images with .htaccess

Hotlink (Hotlink) to insert a direct link images or files from one site to the other. This technique is used quite often, so for example, you have not enough space on the server to store the images and you are using a free service for storing image files, that is, upload a picture, get the URL and paste it into your website. In summary: you save a place for your site and use the bandwidth hosting