I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. The only avenue on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it's almost as powerful as httpd.conf itself

The post Htaccess – The Ultimate Guide appeared first on AskApache.

Quick and easy method to get a list of all Apache Modules currently loaded, a list of all the directives each module provides, a list of currently used directives, etc... These directives can be used in httpd.conf and/or .htaccess files so it is definately useful to know which ones are available and which ones are currently being used.

The post Mod_Status tricks to View Apache Module Directives appeared first on AskApache.

Problem: WordPress shows pages, categories, author pages, etc. without an ending '/'.
/about instead of /about/.
/category/htaccess instead of /category/htaccess/.

Solution: Either hook into the user_trailingslashit filter, or use some htaccess RedirectMatch

The post Adding a Trailing "/" to WordPress Permalinks appeared first on AskApache.

There are a total of 57 HTTP Status Codes recognized by the Apache Web Server. Wouldn't you like to see what all those headers and their output, ErrorDocuments look like?

The post HTTP Status Codes and Htaccess ErrorDocuments appeared first on AskApache.

SetEnv, SetEnvIf, and SetEnvIfNoCase directives conditionally set environment variables accessible by scripts and apache based on HTTP Headers, Variables, and Request information.

• Unique mod_setenvif Variables
• Populates HTTP_MY_ Variables with mod_setenvif variable values
• Set REMOTE_HOST to HTTP_HOST
• Allows only if HOST Header is present in request
• Add values from HTTP Headers
• Set the REDIRECT_STATUS for Interpreter Security

The post Htaccess SetEnvIf and SetEnvIfNoCase Examples appeared first on AskApache.

1 minute Install!
Turns every 404 Not Found error into a SEO traffic generating event! Now you have many unique users with unique IP addresses and cookies searching your blog on all of the Google Indexes... Sweet!

«Take My 404 for a Test-Drive

The post SEO Boost from Google 404 Plugin appeared first on AskApache.

Mod_Security rivals Mod_Rewrite in the amount of features it provides. I decided to go ahead and post what I learned about it today, even though its tough to give away such awesome htaccess and apache tricks.. Learn how to control spam once and for all, conditionally log/deny/allow/redirect requests based on IP, username, etc.. Mod_Security is so fine!

The post Mod_Security .htaccess tricks appeared first on AskApache.

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "google.com"
ErrorDocument 403 https://google.com

Some of the Ins and Outs of using SSL Connections with Apache.

The post Apache SSL in htaccess examples appeared first on AskApache.

If you have a Powweb Webhosting account, you will appreciate this simple skeleton .htaccess file for use on their systems.

The post Skeleton .htaccess file for Powweb Hosting appeared first on AskApache.

Before
After trick
I am often logged in to my servers via SSH, and I need to download a file like a WordPress plugin. I've noticed many sites now employ a means of blocking robots like wget from accessing their files. Most of the time they use .htaccess to do this. So a permanent workaround has wget mimick a normal browser.

The post Wget Trick to Download from Restrictive Sites appeared first on AskApache.