htaccess

FREE THOUGHT · FREE SOFTWARE · FREE WORLD

.htaccess (Hypertext Access) is the default name of Apache's directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The configuration directives need to be in .htaccess context and the user needs appropriate permissions. ".htaccess iis" for windows, ".htaccess windows" and also look at sample .htaccess files to really get good at creating htaccess files.

The directive quick reference (below) shows the usage, default, status, and context of each Apache configuration directive. For more information about each of these, see the Directive Dictionary.

More .htaccess: Htpasswd, Htaccess Redirection, Htaccess Generators, Htaccess Redirect, Htaccess File FTP No Password, 302 Htaccess, Htaccess Instructions

Advanced WordPress wp-config.php Tweaks

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

· config · RSS | 3:23 AM

Protecting Files with Advanced Mod_Rewrite Anti-Hotlinking

If you have files on your site that you don’t want indexed by malicious search engines, grabbed and leeched by malicious spammers, or stolen and made available elsewhere, you can use mod_rewrite to drastically reduce or totally reduce that activity.

· block hotlinking · RSS | 1:09 AM

Crazy Advanced Mod_Rewrite Tutorial

Note: Extremely ILL Content
Find the key to unlocking mod_rewrite and you WILL be sick.. sick with a diamond disease on your wrist!

· cheatsheet · RSS | 12:55 PM

mod_rewrite Fix for Caching Updated Files

Web Developers sometimes use file.ext?v=004 as a version control system to force visitors to use updated files. This is terrible. Instead link to apache-003.css and set it to be cached forever. When you change the file you just change the links to apache-004.css. That eliminates millions of bandwidth and resource robbing If-Modified-Since requests. You only need Apache with mod_rewrite, and 1-10 minutes!

· apache · RSS | 9:20 AM

An AskApache Plugin Upgrade to Rule them All

So my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last… So for all of you who’ve helped me out by sending me suggestions and notifying me of errors and sticking with it… Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I’ve been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.

· Password Protection Plugin · RSS | 1:59 PM

PHP and AJAX shell console

Ever wanted to execute commands on your server through php? Now you can. I’m calling this file (see below) shell.php and it allows you to run commands on your web server with the same permissions that your php executable has.

· console · RSS | 9:01 PM

Advanced Htaccess Demo/Example using Cookies, Headers, Rewrites

Whoa pretty sweet huh? Bet you’ve never seen that before! As I explain the htaccess code that achieves this, keep in mind this is merely one simple application for this code. It’s much more advanced than your basic htaccess trick, notice how this htaccess acts like a php script, very unusual.. I really wanted to share this trick after I created it for one of my clients because this is the tip of the iceberg. Another use would be to display an alternate style sheet depending on a users theme preference. The coolest thing about this example IMHO is that it uses multiple advanced .htaccess ideas in order for it to work, most htaccess code on the net is very singular. This code uses mod_headers to set the Content-Disposition header for forcing a download and uses mod_rewrite to do the rest.

· content-type · RSS | 11:07 PM

Htaccess SEO Trends by Google

htaccess vs. httpd.conf

RSS | 2:10 AM

Advanced Htaccess – SSI, ErrorDocuments, DirectoryIndexing SEO

3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site’s error handling to the next level, enhanced ErrorDocuments that go beyond 404’s.

RSS | 4:02 AM

Password Protection Plugin Status

I wanted to address why the update to the AskApache Password Protection plugin didn’t happen pre-2009 as I had hoped.. Mostly due to my job but I thought I could at least fill you in. Oh and this is going to get very boring very fast, unless you’re ready to rumble in the zone.

· htaccess security · RSS | 1:39 PM

Ultimate Htaccess Tutorial for .htaccess files

This is not an introduction to .htaccess… This is the evolution of .htaccess… The BEST, the ORIGINAL, the NEWEST, and the most HIGHEST, FLYEST .htaccess tricks I can find.

Originally known as the “Ultimate .htaccess Guide”, its changed over the years by adding new .htaccess tricks and .htaccess examples to it.. I also add my favorite .htaccess links, the best .htaccess articles on AskApache, the coolest .htaccess experiments, the Web’s best .htaccess hacks, and update this article on the regular.

· tricks · RSS | 9:05 AM

Advanced .htaccess Tricks for Securing Sites

This is all new, experimental, and very very cool. It literally uses .htaccess techniques to create several virtual “locked gates” that require a specific key to unlock, in a specific order that cannot be bypassed. It uses whitelisting .htaccess tricks to specify exactly what is allowed, instead of trying to specify everything that isn’t allowed. Also, by setting specific cookies/tokens after successfully passing through a gate, we can then require the exact cookie/token from the previous gate, which stops an attacker from skipping or bypassing gates.

· security · RSS | 10:28 PM

Apache HTTPD and Module API Versions

A list of API Versions and the corresponding HTTPD Version, for use in determining the version of Apache currently running without having to rely on the often inaccurate SERVER_SOFTWARE Header.

· API_VERSION · RSS | 4:35 PM

.htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog

Well what can I say, other than this is sooo DOPE! Here is a list of the modules this plugin (version 4.7 unreleased) will automatically detect. I compiled the list myself using every module included with any default Apache installation for ALL the versions listed below, 1.3 to 2.2+

Want to know something else I’m including in this plugin? For each and every module that is detected, this plugin can then detect ALL of the modules .htaccess Directives! For instance, RewriteRule, AccessFileName, AddHandler, etc.. are each a directive belonging to a module that is allowed to be used from within .htaccess files.

Talk about sick.. these tricks have the diamond disease!

RSS | 10:18 AM

.htaccess trick to show Alternate CSS file based on IP

This past week I updated my sites apache.css file for a site-redesign. I wanted to make changes to the .css file that only I could see, so that my regular traffic and site-visitors would still see the old version. Here’s the elegant solution I came up with using .htaccess and mod_rewrite that works so well I’m sharing it with all you wonderful and incredible people reading my blog :)

RSS | 5:17 PM

Optimize a Website for Speed, Security, and Easy Management

Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I’m piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.

· web host · RSS | 8:45 PM

SEO Secrets of AskApache Part 2

This is part II of the Advanced SEO used on AskApache.com Series and describes how to control which urls are indexed by Search Engines and how to move them higher up in Search Results.

· advanced · RSS | 5:44 PM

Mod_Rewrite Variables Cheatsheet

We’ve figured out what mod_rewrite variables look like, a cheatsheet of the actual value.

· rewrite · RSS | 1:05 AM

Pimp out your FeedBurner Count

I’ve had a lot of people ask about the FeedBurner FeedCount image on AskApache. Specifically how to set it up with custom messages and different colors each page view… It is pretty sweet..

· Count · RSS | 4:50 AM

Notes from Apache HTTPD Source Code

thought I’d take a break from coding and post about how open-source is such a great tool for finding the best answers to the toughest questions,

/** is the status code informational */
#define ap_is_HTTP_INFO(x)         (((x) >= 100)&&((x) < 200))
/** is the status code OK ?*/
 
#define ap_is_HTTP_SUCCESS(x)      (((x) >= 200)&&((x) < 300))
/** is the status code a redirect */
#define ap_is_HTTP_REDIRECT(x)     (((x) >= 300)&&((x) < 400))
 
/** is the status code a error (client or server) */
#define ap_is_HTTP_ERROR(x)        (((x) >= 400)&&((x) < 600))
/** is the status code a client error  */
 
#define ap_is_HTTP_CLIENT_ERROR(x) (((x) >= 400)&&((x) < 500))
/** is the status code a server error  */
#define ap_is_HTTP_SERVER_ERROR(x) (((x) >= 500)&&((x) < 600))
 
/** is the status code a (potentially) valid response code?  */
#define ap_is_HTTP_VALID_RESPONSE(x) (((x) >= 100)&&((x) < 600))

· httpd.c · RSS | 3:08 AM

Securing php.ini and php.cgi with .htaccess

If you have a php.cgi or php.ini file in your /cgi-bin/ directory or other pub directory, try requesting them from your web browser. If your php.ini shows up or worse you are able to execute your php cgi, you’ll need to secure it ASAP. This shows several ways to secure these files, and other interpreters like perl, fastCGI, bash, csh, etc.

RSS | 11:01 PM

Smart HTTP and HTTPS .htaccess Rewrite

This is freaking sweet if you use SSL I promise you! Basically instead of having to check for HTTPS using a RewriteCond %{HTTPS} =on for every redirect that can be either HTTP or HTTPS, I set an environment variable once with the value “http” or “https” if HTTP or HTTPS is being used for that request, and use that env variable in the RewriteRule.

· redirection · RSS | 12:34 PM

Mod_Security .htaccess tricks

Mod_Security rivals Mod_Rewrite in the amount of features it provides. I decided to go ahead and post what I learned about it today, even though its tough to give away such awesome htaccess and apache tricks.. Learn how to control spam once and for all, conditionally log/deny/allow/redirect requests based on IP, username, etc.. Mod_Security is so fine!

· MODSEC · RSS | 2:17 AM

.Htaccess rewrites, Mod_Rewrite Tricks and Tips

htaccess rewrite / Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.

· Tips · RSS | 10:05 AM

Blocking Bad Bots and Scrapers with .htaccess

Want to block a bad robot or web scraper using .htaccess files? Here are 2 methods that illustrate blocking 436 various user-agents.

RSS | 11:04 AM

Apache SSL in htaccess examples

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com

Some of the Ins and Outs of using SSL Connections with Apache.

RSS | 9:31 PM

Fresh .htaccess Examples: Cookies, Variables, Custom Headers

Fresh .htaccess code for you! Check out the Cookie Manipulation and environment variable usage with mod_rewrite! I also included a couple Mod_Security .htaccess examples. Enjoy!

RSS | 12:46 PM

PHP Sessions/Cookies On The Fly

This article shows how to save and modify php session data, cookies, do anything really… without using ajax or iframes or forcing the user make a request.

· Sessions · RSS | 6:08 AM

Speed Tips: Add Cache-Control Headers

Using Cache-Control headers you can specify which types of proxies can cache certain content, and how long files should be cached.

RSS | 11:53 PM

Faster Form Submission and Processing with fsockopen

Part II: Example illustrating how to speed up GET/POST form submissions. Uses fsockopen to initiate a server-side background request to process the submitted data, so that the result page of the form is displayed to the client lightningly quick.

· php · RSS | 11:18 PM

Instruct Search Engines to come back to site after you finish working on it

Nifty SEO tip to get Search Engine Bots to check your site every hour until you finish working on it and tell them you are finished.

RSS | 12:35 AM

.htaccess mod_rewrite rewrite examples

A hit-list of some of my favorite mod_rewrite code snippets for .htaccess files

RSS | 3:38 PM

Preload flash .flv files into browser cache

How I was able to preload many flash flv and swf files on one of my clients sites that has a lot of online video and relatively small traffic. Their site visitors would usually watch 3-10 videos per visit and so to make the videos load almost instantly on every page I came up with a way to preload the top 10 .flv files and the swf flv player files as soon as the visitor successfully started watching the 1st video. Of course I also setup .htaccess caching on the server so that once they downloaded the files into their cache they would never request them from the server again. I was having fun with this so its pretty funky and uses some really cool combinations of javascript, swf preloader from xml, css classes to help automate it all..

· flash · RSS | 10:15 AM

Hacking WP Super Cache for Speed

A plugin built to generate static files from php+mysql for Apache to serve the way its supposed to be.. My dream. Conclusion: Needs some improvement, pretty sweet though.

· htaccess · RSS | 9:41 AM

Log all .htaccess/.htpasswd logins

Learn how to log and debug usernames and passwords used to login to a htaccess basic authorization protected website using php. This article is BOSS and will show you how to fully take control of this aspect of security using php and .htaccess, I don’t believe you will find instructions to do this anywhere else on the net.

· 401 · RSS | 9:20 PM

Skeleton .htaccess file for Powweb Hosting

If you have a Powweb Webhosting account, you will appreciate this simple skeleton .htaccess file for use on their systems.

· webhost · RSS | 5:05 AM

Redirecting RSS to Feedburner

FeedBurner is so RAD! I love it. Here’s an alternative method to redirect scrapers and feed requests to your feedburner url, in my case, I use Branding by feedburner, which is so hot, taking advantage of CNAMEs in your DNS record.

· feedburner · RSS | 8:05 PM

SetEnvIf and SetEnvIfNoCase Examples

SetEnv, SetEnvIf, and SetEnvIfNoCase directives conditionally set environment variables accessible by scripts and apache based on HTTP Headers, Variables, and Request information.

· setenvif · RSS | 1:36 PM

HTTP Status Codes and .htaccess ErrorDocuments

There are a total of 57 HTTP Status Codes recognized by the Apache Web Server. Wouldn’t you like to see what all those headers and their output, ErrorDocuments look like?

· Apache Status Codes · RSS | 3:56 PM

301 Redirect Cheatsheet

Ultimate Redirect Cheatsheet for multiple programming languages. Redirecting Users with Javascript redirect, meta refresh redirect, and php redirect, also htaccess methods, python, coldfusion, asp, perl, etc.

· redirection · RSS | 9:48 PM

AcceptPathInfo On|Off|Default: Resources accept trailing pathname information
Action action-type cgi-script [virtual]: Activates a CGI script for a particular handler or content-type
addalt: Alternate text to display for a file, instead of an icon selected by filename
AddAltByEncoding string MIME-encoding [ MIME-encoding ]: Alternate text to display for a file instead of an icon selected by MIME-encoding
addaltbytype: Alternate text to display for a file, instead of an icon selected by MIME content-type
AddCharset charset extension [ extension ]: Maps the given filename extensions to the specified content charset
adddefaultcharset: Default charset parameter to be added when a response content-type is text/plain or text/html
AddDescription string file [ file ]: Description to display for a file
addencoding: Maps the given filename extensions to the specified encoding type
AddHandler handler-name extension [ extension ]: Maps the filename extensions to the specified handler
addicon: Icon to display for a file selected by name
AddIconByEncoding icon MIME-encoding [ MIME-encoding ]: Icon to display next to files selected by MIME content-encoding
addiconbytype: Icon to display next to files selected by MIME content-type
AddInputFilter filter [; filter ...] extension [ extension ]: Maps filename extensions to the filters that will process client requests
addlanguage: Maps the given filename extension to the specified content language
addoutputfilter: Maps filename extensions to the filters that will process responses from the server
AddOutputFilterByType filter [; filter ...] MIME-type [ MIME-type ]: assigns an output filter to a particular MIME-type
addtype: Maps the given filename extensions onto the specified content type
Allow from all| host |env= env-variable [ host |env= env-variable ]: Controls which hosts can access an area of the server
Anonymous user [ user ]: Specifies userIDs that are allowed access without password verification
Anonymous_LogEmail On|Off: Sets whether the password entered will be logged in the error log
Anonymous_MustGiveEmail On|Off: Specifies whether blank passwords are allowed
Anonymous_NoUserID On|Off
Anonymous_VerifyEmail On|Off: Sets whether to check the password field for a correctly formatted email address
AuthBasicAuthoritative On|Off: Sets whether authorization and authentication are passed to lower level modules
AuthBasicProvider provider-name [ provider-name ]
AuthDBMGroupFile file-path: Sets the name of the database file containing the list of user groups for authorization
AuthDBMType default|SDBM|GDBM|NDBM|DB: Sets the type of database file that is used to store passwords
AuthDBMUserFile file-path: Sets the name of a database file containing the list of users and passwords for authentication
AuthDefaultAuthoritative On|Off: Sets whether authentication is passed to lower level modules
AuthDigestAlgorithm MD5|MD5-sess: Selects the algorithm used to calculate the challenge and response hashes in digest authentication
authdigestdomain: URIs that are in the same protection space for digest authentication
AuthDigestNonceFormat format
AuthDigestNonceLifetime seconds: How long the server nonce is valid
AuthDigestProvider provider-name [ provider-name ]
AuthDigestQop none|auth|auth-int [auth|auth-int]: Determines the quality-of-protection to use in digest authentication
AuthGroupFile file-path: Sets the name of a text file containing the list of user groups for authorization
AuthLDAPBindDN distinguished-name
AuthLDAPBindPassword password: Password used in conjuction with the bind DN
AuthLDAPCompareDNOnServer on|off: Use the LDAP server to compare the DNs
AuthLDAPDereferenceAliases never|searching|finding|always
AuthLDAPGroupAttribute attribute: LDAP attributes used to check for group membership
AuthLDAPGroupAttributeIsDN on|off: Use the DN of the client username when checking for group membership
AuthLDAPRemoteUserAttribute uid: Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable
AuthLDAPRemoteUserIsDN on|off: Use the DN of the client username to set the REMOTE_USER environment variable
AuthLDAPUrl url [NONE|SSL|TLS|STARTTLS]: URL specifying the LDAP search parameters
authname: Authorization realm for use in HTTP authentication
AuthType Basic|Digest
AuthUserFile file-path: Sets the name of a text file containing the list of users and passwords for authentication
AuthzDBMType default|SDBM|GDBM|NDBM|DB: Sets the type of database file that is used to store list of user groups
AuthzDefaultAuthoritative On|Off: Sets whether authorization is passed to lower level modules
AuthMergeRules on | off: Set to 'on' to allow the parent's <Directory> or <Location> authz rules to be merged into the current <Directory> or <Location>. Set to 'off' to disable merging. If set to 'off', only the authz rules defined in the current <Directory> or <Location> block will apply.
browsermatch: Sets environment variables conditional on HTTP User-Agent
browsermatchnocase: Sets environment variables conditional on User-Agent without respect to case
CGIMapExtension cgi-path .extension: Technique for locating the interpreter for CGI scripts
CharsetDefault charset
CharsetOptions option [ option ]: Configures charset translation behavior
CharsetSourceEnc charset
CheckCaseOnly on|off: Limits the action of the speling module to case corrections
CheckSpelling on|off: Enables the spelling module
ContentDigest On|Off: Enables the generation of Content-MD5 HTTP Response headers
CookieDomain domain: The domain to which the tracking cookie applies
CookieExpires expiry-period
CookieName token
CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965: Format of the cookie header field
CookieTracking on|off
defaulticon: Icon to display for files when no specific icon is configured
DefaultLanguage MIME-lang: Sets all files in the given scope to the specified language
defaulttype: MIME content-type that will be sent if the server cannot determine a type in any other way
Deny from all| host |env= env-variable [ host |env= env-variable ]: Controls which hosts are denied access to the server
DirectoryIndex local-url [ local-url ]: List of resources to look for when the client requests a directory
DirectorySlash On|Off: Toggle trailing slash redirects on or off
EnableMMAP On|Off: Use memory-mapping to read files during delivery
EnableSendfile On|Off
ErrorDocument error-code document: What the server will return to the client in case of an error
Example: Demonstration directive to illustrate the Apache module API
ExpiresActive On|Off
ExpiresByType: Value of the Expires header configured by MIME type
ExpiresDefault
fileetag: File attributes used to create the ETag HTTP response header
<Files filename > ... </Files>: Contains directives that apply to matched filenames
> ... </FilesMatch>: Contains directives that apply to regular-expression matched filenames
FilterChain [+=-@!] filter-name ...: Configure the filter chain
FilterDeclare filter-name [type]
FilterProtocol filter-name [ provider-name ] proto-flags: Deal with correct HTTP protocol handling
FilterProvider filter-name provider-name [req|resp|env]= dispatch match
ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback]: Action to take if a single acceptable document is not found
ForceType MIME-type |None: Forces all matching files to be served with the specified MIME content-type
header: Configure HTTP response headers
headername: Name of the file that will be inserted at the top of the index listing
> ... </IfDefine>: Encloses directives that will be processed only if a test is true at startup
> ... </IfModule>: Encloses directives that are processed conditional on the presence or absence of a specific module
> ... </IfVersion>: contains version dependent configuration
ImapBase map|referer| URL: [ http://servername/ | hsvd | B ]
imapdefault: Default action when an imagemap is called with coordinates that are not explicitly mapped
ImapMenu none|formatted|semiformatted|unformatted: Action if no coordinates are given when calling an imagemap
IndexIgnore file [ file ]: Adds to the list of files to hide when listing a directory
indexoptions: Various configuration settings for directory indexing
IndexOrderDefault Ascending|Descending Name|Date|Size|Description: Sets the default ordering of the directory index
IndexStyleSheet url-path
ISAPIAppendLogToErrors on|off: Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
ISAPIAppendLogToQuery on|off: Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
ISAPIFakeAsync on|off
ISAPILogNotSupported on|off: Log unsupported feature requests from ISAPI extensions
isapireadaheadbuffer: Size of the Read Ahead Buffer sent to ISAPI extensions
languagepriority: The precendence of language variants for cases where the client does not express a preference
LDAPTrustedClientCert type directory-path/filename/nickname [password]: Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
] ... > ... </Limit>: Restrict enclosed access controls to only certain HTTP methods
] ... > ... </LimitExcept>: Restrict access controls to all HTTP methods except the named ones
limitrequestbody: Restricts the total size of the HTTP request body sent from the client
LimitXMLRequestBody bytes
MetaDir directory: Name of the directory to find CERN-style meta information files
MetaFiles on|off
MetaSuffix suffix: File name suffix for the file containg CERN-style meta information
MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters]: The types of files that will be included when searching for a matching file with MultiViews
options: Configures what features are available in a particular directory
order: Controls the default access state and the order in which Allow and Deny are evaluated.
passenv: Passes environment variables from the shell
readmename: Name of the file that will be inserted at the end of the index listing
Redirect [ status ] URL-path URL: Sends an external redirect asking the client to fetch a different URL
redirectmatch: Sends an external redirect based on a regular expression match of the current URL
RedirectPermanent URL-path URL: Sends an external permanent redirect asking the client to fetch a different URL
redirecttemp: Sends an external temporary redirect asking the client to fetch a different URL
Reject entity-name [ entity-name ]: Rejects authenticated users or host based requests from accessing a resource
removecharset: Removes any character set associations for a set of file extensions
removeencoding: Removes any content encoding associations for a set of file extensions
removehandler: Removes any handler associations for a set of file extensions
removeinputfilter: Removes any input filter associations for a set of file extensions
removelanguage: Removes any language associations for a set of file extensions
removeoutputfilter: Removes any output filter associations for a set of file extensions
removetype: Removes any content type associations for a set of file extensions
RequestHeader set|append|merge|add|unset|edit header [ value ] [ replacement ] [early|env=[!] variable ]: Configure HTTP request headers
require: Selects which authenticated users can access a resource
RewriteBase URL-path: Sets the base URL for per-directory rewrites
RewriteCond TestString CondPattern
RewriteEngine on|off: Enables or disables runtime rewriting engine
RewriteOptions Options
RewriteRule Pattern Substitution [flags]: Defines rules for the rewriting engine
|max]: Limits the CPU consumption of processes launched by Apache children
RLimitMEM bytes |max [ bytes |max]: Limits the memory consumption of processes launched by Apache children
|max]: Limits the number of processes that can be launched by processes launched by Apache children
Satisfy Any|All: Interaction between host-level access control and user authentication
<SatisfyAll> ... </SatisfyAll>: Enclose a group of authorization directives that must all be satisfied in order to grant access to a resource. This block allows for 'AND' logic to be applied to various authorization providers.
<SatisfyOne> ... </SatisfyOne>: Enclose a group of authorization directives that must satisfy at least one in order to grant access to a resource. This block allows for 'OR' logic to be applied to various authorization providers.
ScriptInterpreterSource Registry|Registry-Strict|Script: Technique for locating the interpreter for CGI scripts
ServerSignature On|Off|EMail: Configures the footer on server-generated documents
SetEnv env-variable value: Sets environment variables
setenvif: Sets environment variables based on attributes of the request
setenvifnocase: Sets environment variables based on attributes of the request without respect to case
None: Forces all matching files to be processed by a handler
SetInputFilter filter [; filter ...]: Sets the filters that will process client requests and POST input
setoutputfilter: Sets the filters that will process responses from the server
SSIEnableAccess on|off: Enable the -A flag during conditional flow control processing.
ssierrormsg: Error message displayed when there is an SSI error
ssitimeformat: Configures the format in which date strings are displayed
SSIUndefinedEcho string
sslciphersuite: Cipher Suite available for negotiation in SSL handshake
SSLOptions [+|-]option: Configure various SSL engine run-time options
sslproxyciphersuite: Cipher Suite available for negotiation in SSL proxy handshake
SSLProxyVerify level: Type of remote server Certificate verification
sslproxyverifydepth: Maximum depth of CA Certificates in Remote Server Certificate verification
sslrequire: Allow access only when an arbitrarily complex boolean expression is true
SSLRequireSSL: Deny access when SSL is not used for the HTTP request
SSLUserName varname
SSLVerifyClient level: Type of Client Certificate verification
sslverifydepth: Maximum depth of CA Certificates in Client Certificate verification
unsetenv: Removes variables from the environment
XBitHack on|off|full: Parse SSI directives in files with the execute bit set

Someone's Reading

Good Causes

I'm Reading

Newest Posts

Random

Tech Topics

htaccess Guide

Website Speed Tips Series

Donate

Please consider donating to support active development of the free software and articles here.

The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect. Tim Berners-Lee

It's very simple - you read the protocol and write the code. -Bill Joy

↑ TOPExcept where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. HTTPD based on NCSA HTTPd