.htaccess使用說(shuō)明

發(fā)表于 1,638 PV

.htaccess可以做大量范圍的事情,包括:文件夾密碼保護(hù)、用戶自動(dòng)重新指向、自定義錯(cuò)誤頁(yè)面、變更你的文件擴(kuò)展名、屏蔽特定的用戶IP地址、只允許特定的IP地址、停止目錄表以及使用其他文件作為index文件,等等……

1. Introduction 介紹
文件名 .htaccess 屬性 644 (RW-R–R–)
htaccess會(huì)影響它所在目錄下的所有子目錄
注意大多數(shù)內(nèi)容都要求保持在一行之內(nèi),不要換行,否則會(huì)引起錯(cuò)誤

2. Error Documents 錯(cuò)誤文檔
Official document: ErrorDocument Directive
ErrorDocument code document
例子
ErrorDocument 400 /errors/badrequest.html
ErrorDocument 404 http://yoursite/errors/notfound.html
ErrorDocument 401 “Authorization Required”
(注意之后內(nèi)容如果出現(xiàn)的雙引號(hào)需要轉(zhuǎn)義為 \”)
常見HTTP狀態(tài)碼
Successful Client Requests
200 OK
201 Created
202 Accepted
203 Non-Authorative Information
204 No Content
205 Reset Content
206 Partial Content
Client Request Redirected
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
Client Request Errors
400 Bad Request
401 Authorization Required
402 Payment Required (not used yet)
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable (encoding)
407 Proxy Authentication Required
408 Request Timed Out
409 Conflicting Request
410 Gone
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
Server Errors
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported

3. Password Protection 密碼保護(hù)
Official document: Authentication, Authorization and Access Control
假設(shè)密碼文件為.htpasswd
AuthUserFile /usr/local/safedir/.htpasswd (這里必須使用全路徑名)
AuthName EnterPassword
AuthType Basic
兩種常見驗(yàn)證方式:
Require user windix
(僅允許用戶windix登陸)
Require valid-user
(所有合法用戶都可登陸)
Tip: 如何生成密碼文件
使用htpasswd命令(apache自帶)
第一次生成需要?jiǎng)?chuàng)建密碼文件
htpasswd -c .htpasswd user1
之后增加新用戶
htpasswd .htpasswd user2

4. Enabling SSI Via htaccess 通過(guò)htaccess允許SSI(Server Side Including)功能
AddType text/html .shtml
AddHandler server-parsed .shtml
Options Indexes FollowSymLinks Includes
DirectoryIndex index.shtml index.html

5. Blocking users by IP 根據(jù)IP阻止用戶訪問(wèn)
order allow,deny
deny from 123.45.6.7
deny from 12.34.5. (整個(gè)C類地址)
allow from all

6. Blocking users/sites by referrer 根據(jù)referrer阻止用戶/站點(diǎn)訪問(wèn)
需要mod_rewrite模塊
例1. 阻止單一referrer: badsite.com
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badsite\.com [NC]
RewriteRule .* – [F]
例2. 阻止多個(gè)referrer: badsite1.com, badsite2.com
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badsite1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} badsite2\.com
RewriteRule .* – [F]
[NC] – 大小寫不敏感(Case-insensite)
[F] – 403 Forbidden
注意以上代碼注釋掉了”O(jiān)ptions +FollowSymlinks”這個(gè)語(yǔ)句。如果服務(wù)器未在 httpd.conf 的 段落設(shè)置 FollowSymLinks, 則需要加上這句,否則會(huì)得到”500 Internal Server error”錯(cuò)誤。

7. Blocking bad bots and site rippers (aka offline browsers) 阻止壞爬蟲和離線瀏覽器
需要mod_rewrite模塊
壞爬蟲? 比如一些抓垃圾email地址的爬蟲和不遵守robots.txt的爬蟲(如baidu?)
可以根據(jù) HTTP_USER_AGENT 來(lái)判斷它們
(但是還有更無(wú)恥的如”中搜 zhongsou.com”之流把自己的agent設(shè)置為 “Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)” 太流氓了,就無(wú)能為力了)
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* – [F,L]
[F] – 403 Forbidden
[L] – ?

8. Change your default directory page 改變?nèi)笔∧夸涰?yè)面
DirectoryIndex index.html index.php index.cgi index.pl

9. Redirects 轉(zhuǎn)向
單個(gè)文件
Redirect /old_dir/old_file.html http://yoursite.com/new_dir/new_file.html
整個(gè)目錄
Redirect /old_dir http://yoursite.com/new_dir
效果: 如同將目錄移動(dòng)位置一樣
http://yoursite.com/old_dir -> http://yoursite.com/new_dir
http://yoursite.com/old_dir/dir1/test.html -> http://yoursite.com/new_dir/dir1/test.html
Tip: 使用用戶目錄時(shí)Redirect不能轉(zhuǎn)向的解決方法
當(dāng)你使用Apache默認(rèn)的用戶目錄,如 http://mysite.com/~windix,當(dāng)你想轉(zhuǎn)向 http://mysite.com/~windix/jump時(shí),你會(huì)發(fā)現(xiàn)下面這個(gè)Redirect不工作:
Redirect /jump http://www.google.com
正確的方法是改成
Redirect /~windix/jump http://www.google.com
(source: .htaccess Redirect in “Sites” not redirecting: why?
)

10. Prevent viewing of .htaccess file 防止.htaccess文件被查看
order allow,deny
deny from all

11. Adding MIME Types 添加 MIME 類型
AddType application/x-shockwave-flash swf
Tips: 設(shè)置類型為 application/octet-stream 將提示下載

12. Preventing hot linking of images and other file types 防盜鏈
需要mod_rewrite模塊
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www/\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|js|css)$ – [F]
解析:
若 HTTP_REFERER 非空 (來(lái)源為其他站點(diǎn),非直接連接) 并且
若 HTTP_REFERER 非(www.)mydomain.com開頭(忽略大小寫[NC]) (來(lái)源非本站)
對(duì)于所有含有 .gif/.jpg/.js/.css 結(jié)尾的文件給出 403 Forbidden 錯(cuò)誤[F]
也可指定響應(yīng),如下例顯示替換圖片
RewriteRule \.(gif|jpg)$
[R,L]
[R] – 轉(zhuǎn)向(Redirect)
[L] – 連接(Link)

13. Preventing Directory Listing 防止目錄列表時(shí)顯示
IndexIgnore *
IndexIgnore *.jpg *.gif
Tips:
允許目錄列表顯示: Options +Indexes
禁止目錄列表顯示: Options -Indexes
顯示提示信息: 頁(yè)首 文件HEADER, 頁(yè)尾 文件README

轉(zhuǎn)自:21Andy.com