Manipulating HTTP Headers with htaccess

FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Manipulating HTTP Headers with htaccess

Apache .htaccess and httpd.conf have the power to send and manipulate HTTP Header Requests and responses like sending P3P privacy headers, Content-Type: UTF-8, Content-Language: en-US, etc. The power is immense and you can do some really cool stuff with HTTP Headers!

Check out my advanced HTTP Header Viewer and Manipulator – Free Online Tool.

| .htaccess Tutorial Index |

Custom HTTP Headers

Any time you see a meta tag of type “http-equiv” you can replace it with a real header in htaccess

100% Prevent Files from being cached

This is similar to how google ads employ the header Cache-Control: private, x-gzip-ok="" to prevent caching of ads by proxies and clients.

<FilesMatch "\.(html|htm|js|css)$">
FileETag None
<IfModule mod_headers.c>
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"
</IfModule>
</FilesMatch>

Remove IE imagetoolbar

<FilesMatch "\.(html|htm)$">
<IfModule mod_headers.c>
Header set imagetoolbar "no"
</IfModule>
</FilesMatch>

Add P3P Privacy Headers to your site

Adding a P3P header to your site is a good idea, do this.

<IfModule mod_headers.c>
Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"NOI DSP COR NID CUR ADM DEV OUR BUS\""
# OR THIS, SIMPLER
Header set P3P "policyref=\"/w3c/p3p.xml\""
</IfModule>

Add a “en-US” language header and “UTF-8″ without meta tags!

Article: Setting Charset in htaccess

AddDefaultCharset UTF-8
AddLanguage en-US .html .htm .css .js

Using AddType

AddType 'text/html; charset=UTF-8' .html

Using the Files Directive

Article: Using ‘Files’ in htaccess

<Files ~ "\.(htm|html|css|js)$">
AddDefaultCharset UTF-8
DefaultLanguage en-US
</Files>

Using the FilesMatch Directive

Article: Using ‘FilesMatch’ in htaccess

<FilesMatch "\.(htm|html|css|js)$">
AddDefaultCharset UTF-8
DefaultLanguage en-US
</FilesMatch>

htaccess Guide Sections

| .htaccess Tutorial Index |

«
»

Skip to Comments

Add Your Opinion

Reader Comments

  1. Tylan ~

    Does this work for EXE files as well?

  2. Tylan ~

    Will the Prevent Caching 100% work for executables? I have an EXE on our site that I use for remote support. I frequently update it, but I want to make sure that that my end users always download the current version, and not one in their cache.

    Tylan

  3. WiserX ~

    I surf the net for an easy to understand guide on htaccess.

    Finally i have a deeper idea on htaccess with your guide.

    Intelligent work. Thanks.

  4. AskApache ~

    @ Jackson

    Thanks for spotting that, I updated the .htaccess example code above to use the IfModule directive to prevent the 500 Errors, nice one bro.

  5. Mike ~

    Thank you for this amazing wealth of knowledge! It’s more definitive (and easier to understand) than the main apache and php.net forums.

    QUESTION:
    You suggest “prevent file caching” to speed up a site. Doesn’t turning OFF caching slow down the site? Seems it’s faster to pull a file from cache than request it …unless I’m missing or confusing this with something else?

    Thanks again! -Mike

  6. Jackson ~

    Just a note for “100% Prevent Files from being cached“:
    You need to enable mod_headers otherwise it drops

    500 Internal Server Error

  7. Brian’s Web Design ~

    I’m just wondering about this P3P. I read about it, and was wondering if any browser implements this?

  8. johnny ~

    I have multiple folders inside an assets folder that contain mp3 & swf files that I do not want to cache. this is my htaccess code not sure if im using it correctly

    RewriteEngine on
rewritecond %{http_host} ^ninjatactics.net [nc]
rewriterule ^(.*)$ http://www.ninjatactics.net/$1 [r=301,nc]
 
FileETag None
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, private"
Header set Pragma "no-cache"
Header set Expires "0"
  9. AskApache ~

    @ johnny

    use the http header viewer tool to see if its working, if not then paste your .htaccess

  10. johnny ~

    i am using the “100% Prevent Files from being cached” htaccess code but not sure i am using it correctly. I created the file in placed it in the root directory. do i need to specify where my files are locate in the htaccess file?

  11. AskApache ~

    @ Daniel

    Works for me.. the http-equiv meta tag literally means http header equivelant. http header is better of course.

  12. Daniel ~

    imagetoolbar = no
    doesn’t works, you have to specify the “http-equiv” explicitly. Why that?

  13. karel ~

    Does ‘100% Prevent Files from being cached’ also works for websites displaying ads in an php environment instead of html?


It's very simple - you read the protocol and write the code. -Bill Joy

HTML | DCMI | GRDDL | XOXO | XDMP | XFN | DOM | XML | XHTML 1.1 Strict | CSS 2.1 | W3C | TLDP | WAI | DISA | ICSI | GIAC | SANS RR | GHOST | DEFCON | NIST | DHS CYBER | NIST | .:: Phrack Magazine ::.

↑ TOPExcept where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. HTTPD based on NCSA HTTPd

Site Map | Contact Webmaster | Email AskApache | Glossary | License and Disclaimer | Terms of Service