Search For rewritecond

Advanced WordPress wp-config.php Tweaks

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

Tagged: admin, advanced, Cookies, debugging, htaccess, mod_rewrite, PHP, phpinfo, WordPress, wp-config.php | 4 Comments | Continue...

---

---

---

Protecting Files with Advanced Mod_Rewrite Anti-Hotlinking

If you have files on your site that you don’t want indexed by malicious search engines, grabbed and leeched by malicious spammers, or stolen and made available elsewhere, you can use mod_rewrite to drastically reduce or totally reduce that activity.

1 Comment | Continue...

---

Crazy Advanced Mod_Rewrite Tutorial

Note: Extremely ILL Content
Find the key to unlocking mod_rewrite and you WILL be sick.. sick with a diamond disease on your wrist!

Tagged: advanced, askapache, cheatsheet, howto, htaccess, htaccess rewrite, mod_rewrite, tutorial | 19 Comments | Continue...

---

mod_rewrite Fix for Caching Updated Files

Web Developers sometimes use file.ext?v=004 as a version control system to force visitors to use updated files. This is terrible. Instead link to apache-003.css and set it to be cached forever. When you change the file you just change the links to apache-004.css. That eliminates millions of bandwidth and resource robbing If-Modified-Since requests. You only need Apache with mod_rewrite, and 1-10 minutes!

Tagged: Cache, Cache-Control, caching, htaccess, If-Modified-Since, mod_rewrite | 2 Comments | Continue...

---

An AskApache Plugin Upgrade to Rule them All

So my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last… So for all of you who’ve helped me out by sending me suggestions and notifying me of errors and sticking with it… Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I’ve been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.

Tagged: AskApache Google 404, AskApache Password Protection, Fsockopen, WordPress Plugins, wordpress security | 1 Comment | Continue...

---

PHP and AJAX shell console

Ever wanted to execute commands on your server through php? Now you can. I’m calling this file (see below) shell.php and it allows you to run commands on your web server with the same permissions that your php executable has.

Tagged: Ajax, bash, console, Hacking, htaccess, Javascript, linux, mod_rewrite, PHP, Security, Shell, shell console, Shell Scripting | 14 Comments | Continue...

---

Advanced Htaccess Demo/Example using Cookies, Headers, Rewrites

Whoa pretty sweet huh? Bet you’ve never seen that before! As I explain the htaccess code that achieves this, keep in mind this is merely one simple application for this code. It’s much more advanced than your basic htaccess trick, notice how this htaccess acts like a php script, very unusual.. I really wanted to share this trick after I created it for one of my clients because this is the tip of the iceberg. Another use would be to display an alternate style sheet depending on a users theme preference. The coolest thing about this example IMHO is that it uses multiple advanced .htaccess ideas in order for it to work, most htaccess code on the net is very singular. This code uses mod_headers to set the Content-Disposition header for forcing a download and uses mod_rewrite to do the rest.

Tagged: htaccess, htaccess rewrites, http headers, Javascript, pdf, PHP | 7 Comments | Continue...

---

Advanced Htaccess – SSI, ErrorDocuments, DirectoryIndexing SEO

3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site’s error handling to the next level, enhanced ErrorDocuments that go beyond 404’s.

Tagged: Apache Htaccess, errordocument, htaccess, htaccess rewrite, mod_include, Server Side Includes, SSI, SymLinks | 1 Comment | Continue...

---

Ultimate Htaccess Tutorial for .htaccess files

This is not an introduction to .htaccess… This is the evolution of .htaccess… The BEST, the ORIGINAL, the NEWEST, and the most HIGHEST, FLYEST .htaccess tricks I can find.

Originally known as the “Ultimate .htaccess Guide”, its changed over the years by adding new .htaccess tricks and .htaccess examples to it.. I also add my favorite .htaccess links, the best .htaccess articles on AskApache, the coolest .htaccess experiments, the Web’s best .htaccess hacks, and update this article on the regular.

Tagged: .htaccess examples, Apache, Cache, caching, Files, FilesMatch, Google, Hacking, howto, htaccess, htaccess guide, htaccess help, htaccess howto, htaccess rewrite, htaccess tricks, htaccess tutorial, httpd, litespeed, mod_rewrite, Mod_Security, rewritecond, rewriterule, sample .htaccess, Security, SEO, seo secrets, SetEnvIf, ssl, ultimate htaccess | 56 Comments | Continue...

---

Advanced .htaccess Tricks for Securing Sites

This is all new, experimental, and very very cool. It literally uses .htaccess techniques to create several virtual “locked gates” that require a specific key to unlock, in a specific order that cannot be bypassed. It uses whitelisting .htaccess tricks to specify exactly what is allowed, instead of trying to specify everything that isn’t allowed. Also, by setting specific cookies/tokens after successfully passing through a gate, we can then require the exact cookie/token from the previous gate, which stops an attacker from skipping or bypassing gates.

Tagged: advanced, Hacking, htaccess, mod_rewrite, phpBB, Security, ssl | 7 Comments | Continue...

---

Apache HTTPD and Module API Versions

A list of API Versions and the corresponding HTTPD Version, for use in determining the version of Apache currently running without having to rely on the often inaccurate SERVER_SOFTWARE Header.

Tagged: Apache, Apache Modules, httpd, Module API | 1 Comment | Continue...

---

.htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog

Well what can I say, other than this is sooo DOPE! Here is a list of the modules this plugin (version 4.7 unreleased) will automatically detect. I compiled the list myself using every module included with any default Apache installation for ALL the versions listed below, 1.3 to 2.2+

Want to know something else I’m including in this plugin? For each and every module that is detected, this plugin can then detect ALL of the modules .htaccess Directives! For instance, RewriteRule, AccessFileName, AddHandler, etc.. are each a directive belonging to a module that is allowed to be used from within .htaccess files.

Talk about sick.. these tricks have the diamond disease!

Tagged: Hacking, htaccess, htaccess rewrites, mod_rewrite, Security | 38 Comments | Continue...

---

.htaccess trick to show Alternate CSS file based on IP

This past week I updated my sites apache.css file for a site-redesign. I wanted to make changes to the .css file that only I could see, so that my regular traffic and site-visitors would still see the old version. Here’s the elegant solution I came up with using .htaccess and mod_rewrite that works so well I’m sharing it with all you wonderful and incredible people reading my blog :)

Tagged: CSS, htaccess, mod_rewrite, trick, tutorial | 4 Comments | Continue...

---

Mod_Rewrite Variables Cheatsheet

We’ve figured out what mod_rewrite variables look like, a cheatsheet of the actual value.

Tagged: cheatsheet, htaccess, mod_rewrite, mod_rewrite cheatsheet, rewritecond, rewriterule | 4 Comments | Continue...

---

Pimp out your FeedBurner Count

I’ve had a lot of people ask about the FeedBurner FeedCount image on AskApache. Specifically how to set it up with custom messages and different colors each page view… It is pretty sweet..

Tagged: feed, FeedBurner, FeedCount, htaccess | Continue...

---

Notes from Apache HTTPD Source Code

thought I’d take a break from coding and post about how open-source is such a great tool for finding the best answers to the toughest questions,

/** is the status code informational */
#define ap_is_HTTP_INFO(x)         (((x) >= 100)&&((x) < 200))
/** is the status code OK ?*/
 
#define ap_is_HTTP_SUCCESS(x)      (((x) >= 200)&&((x) < 300))
/** is the status code a redirect */
#define ap_is_HTTP_REDIRECT(x)     (((x) >= 300)&&((x) < 400))
 
/** is the status code a error (client or server) */
#define ap_is_HTTP_ERROR(x)        (((x) >= 400)&&((x) < 600))
/** is the status code a client error  */
 
#define ap_is_HTTP_CLIENT_ERROR(x) (((x) >= 400)&&((x) < 500))
/** is the status code a server error  */
#define ap_is_HTTP_SERVER_ERROR(x) (((x) >= 500)&&((x) < 600))
 
/** is the status code a (potentially) valid response code?  */
#define ap_is_HTTP_VALID_RESPONSE(x) (((x) >= 100)&&((x) < 600))

Tagged: httpd.conf, source code | Continue...

---

Securing php.ini and php.cgi with .htaccess

If you have a php.cgi or php.ini file in your /cgi-bin/ directory or other pub directory, try requesting them from your web browser. If your php.ini shows up or worse you are able to execute your php cgi, you’ll need to secure it ASAP. This shows several ways to secure these files, and other interpreters like perl, fastCGI, bash, csh, etc.

Tagged: htaccess | 2 Comments | Continue...

---

Smart HTTP and HTTPS .htaccess Rewrite

This is freaking sweet if you use SSL I promise you! Basically instead of having to check for HTTPS using a RewriteCond %{HTTPS} =on for every redirect that can be either HTTP or HTTPS, I set an environment variable once with the value “http” or “https” if HTTP or HTTPS is being used for that request, and use that env variable in the RewriteRule.

Tagged: htaccess, htaccess rewrite, HTTPS, mod_rewrite, ssl | 13 Comments | Continue...

---

SEO Secrets of AskApache.com

Learn how in a year, with no previous blogging experience this blog was able to rank so high in search engines and achieve 15,000 unique visitors every day. Uses combination of tricks and tips from throughout AskApache.com for Search Engine Optimization.

Tagged: askapache, SEO, seo secrets | 5 Comments | Continue...

---

Mod_Security .htaccess tricks

Mod_Security rivals Mod_Rewrite in the amount of features it provides. I decided to go ahead and post what I learned about it today, even though its tough to give away such awesome htaccess and apache tricks.. Learn how to control spam once and for all, conditionally log/deny/allow/redirect requests based on IP, username, etc.. Mod_Security is so fine!

Tagged: Hacking, htaccess, Mod_Security, Security | 8 Comments | Continue...

---

.Htaccess rewrites, Mod_Rewrite Tricks and Tips

htaccess rewrite / Mod_Rewrite Tips and Tricks is as glamorous as it sounds! htaccess rewrite mod_rewrite is just possibly one of the most useful Apache modules and features. The ability to rewrite requests internally as well as externally is extremely powerful.

Tagged: htaccess, htaccess rewrite, mod_rewrite, Redirecting URLS, rewrite, Rewrite Tricks, rewritecond, rewriterule | 57 Comments | Continue...

---

Blocking Bad Bots and Scrapers with .htaccess

Want to block a bad robot or web scraper using .htaccess files? Here are 2 methods that illustrate blocking 436 various user-agents.

Tagged: Blocking, htaccess, mod_rewrite, Robot, Security, SetEnvIf | 17 Comments | Continue...

---

Apache SSL in htaccess examples

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com

Some of the Ins and Outs of using SSL Connections with Apache.

Tagged: apache ssl | 9 Comments | Continue...

---

Fresh .htaccess Examples: Cookies, Variables, Custom Headers

Fresh .htaccess code for you! Check out the Cookie Manipulation and environment variable usage with mod_rewrite! I also included a couple Mod_Security .htaccess examples. Enjoy!

Tagged: Cookies, Headers, htaccess, mod_rewrite | 7 Comments | Continue...

---

Advanced HTTP Redirection

Learn about the 7 different HTTP response codes specifically reserved for redirection. 301, 302, 303, 304, 305, and 307.

Tagged: experiments, http, redirection, robots.txt | 2 Comments | Continue...

---

Instruct Search Engines to come back to site after you finish working on it

Nifty SEO tip to get Search Engine Bots to check your site every hour until you finish working on it and tell them you are finished.

Tagged: 503, Google, htaccess, mod_rewrite | 10 Comments | Continue...

---

.htaccess mod_rewrite rewrite examples

A hit-list of some of my favorite mod_rewrite code snippets for .htaccess files

Tagged: htaccess rewrites, mod_rewrite examples | 3 Comments | Continue...

---

Hacking WP Super Cache for Speed

A plugin built to generate static files from php+mysql for Apache to serve the way its supposed to be.. My dream. Conclusion: Needs some improvement, pretty sweet though.

11 Comments | Continue...

---

Log all .htaccess/.htpasswd logins

Learn how to log and debug usernames and passwords used to login to a htaccess basic authorization protected website using php. This article is BOSS and will show you how to fully take control of this aspect of security using php and .htaccess, I don’t believe you will find instructions to do this anywhere else on the net.

Tagged: 401, authorization, basic, htaccess, htpasswd, htpasswd login, password, username | 3 Comments | Continue...

---

Skeleton .htaccess file for Powweb Hosting

If you have a Powweb Webhosting account, you will appreciate this simple skeleton .htaccess file for use on their systems.

Continue...

---

Redirecting RSS to Feedburner

FeedBurner is so RAD! I love it. Here’s an alternative method to redirect scrapers and feed requests to your feedburner url, in my case, I use Branding by feedburner, which is so hot, taking advantage of CNAMEs in your DNS record.

Tagged: FeedBurner, htaccess, Redirect, rewrite, WordPress | 7 Comments | Continue...

---

SetEnvIf and SetEnvIfNoCase Examples

SetEnv, SetEnvIf, and SetEnvIfNoCase directives conditionally set environment variables accessible by scripts and apache based on HTTP Headers, Variables, and Request information.

Tagged: Examples, htaccess, mod_rewrite, mod_setenvif, SetEnv, SetEnvIf | 4 Comments | Continue...

---

WordPress Plugin for Apache .htaccess Security

1. gzip’s previous .htaccess file and sends it as an attachment to the logged in users email account along with password user setup.
2. Now also works for sites running on SSL (PHP version >4.3.0)
3. Rewrote the security module code in the form of snort, nessus, and mod_security rules and signatures
4. Added a *real* check to see if mod_rewrite is installed
5. Added Modules that remove directoryindexes
6. Much more on the way..

1 Comment | Continue...

---

A better way to use PDF files online

.htaccess and php example serves .pdf files to give visitors the choice to open in an external program or save to disk without having to open it in the browser

PDF Before and after Fix – Firefox

8 Comments | Continue...

---

Request Method Security Scanner

Also See: 27 Request Methods and HTTP Status Codes.
GET
The GET method indicates that the script should produce a document based on the meta-variable values. By convention, the GET method is ’safe’ and ‘idempotent’ and SHOULD NOT have the significance of taking an action other than producing a document.
The meaning of the GET method may be modified and refined by protocol-specific meta-variables.
POST
The POST method is used to request the script perform processing and produce a document based on the data in the request message-body, in addition to meta-variable values. A common use is form submission in HTML [18], intended to initiate processing by the script that has a permanent affect, such a change in a database.
The script MUST check the value of the CONTENT_LENGTH variable before reading the attached message-body, and SHOULD check the CONTENT_TYPE value before processing it.
HEAD
The HEAD method requests the script to do sufficient processing to return the response header fields, without providing a response message-body. The script MUST NOT provide a response message-body for a HEAD request. If it does, then the server MUST discard the message-body when reading the response from the script.
OPTIONS
The OPTIONS method represents a request for information about the communication options available on the request/response chain identified by the Request-URI. This method allows the client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval.
Responses to this method are not cacheable.
If the OPTIONS request includes an entity-body (as indicated by the presence of Content-Length or Transfer-Encoding), then the media type MUST be indicated by a Content-Type field. Although this specification does not define any use for such a body, future extensions to HTTP might use the OPTIONS body to make more detailed queries…

1 Comment | Continue...

---

Downloading Multiple Files with Curl Simultaneously

Wouldn’t it be great if you could use php and curl to download multiple files simultaneously using built-in curl functions? You can!

11 Comments | Continue...

---

Redirect index.php to root

WordPress blogs show the same duplicate content for http://www.askapache.com/index.php and http://www.askapache.com/. If you’ve read about using a robots.txt file for WordPress SEO, than you already understand this setup results in Duplicate Content penalties being levied against your Blog and Web Site by Search Engines.

Tagged: htaccess, htaccess rewrite, mod_rewrite, rewriterule | 8 Comments | Continue...

---

Apache Variable Fun in htaccess

Server and Environment Variables are used by The Apache HTTP Server by provides a mechanism for storing information. This information can be used to control various operations such as logging or access control.

3 Comments | Continue...

---

htaccess HTTPS / SSL Tips, Tricks, and Hacks

Apache has the best SSL/HTTPS support and can be controlled by the httpd.conf file or other HTTPD server configuration file. This htaccess tutorial has htaccess example code to make it easy to secure and use HTTPS and SSL with Apache.

1 Comment | Continue...

---

Security with Apache htaccess Tutorial

Apache Security tips and tricks for securing Apache Web Servers using htaccess, httpd.conf, and other built-in techniques to thwart attackers. This really should be required reading for any Apache admin or user because these little tricks are so easy to do.

Tagged: Hacking, htaccess, mod_python, Security | 2 Comments | Continue...

---