En lightning talk av Morten Bergset
Hva er .htaccess
• det er en fil en kan overstyre det som Apache i httpd.conf tillater
• endringen gjelder i den mappen .htaccess filen er lagret, og underliggende mapper
• med veldig lite kode kan man gjøre store endringer!
Error dokumenter
ErrorDocument 400 /errors/badrequest.html
ErrorDocument 401 /errors/authreqd.html
ErrorDocument 403 /errors/forbid.html
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/serverr.html
Passord beskytte fil/mappe
AuthUserFile /usr/local/you/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user valid-user
Redirect vs RewriteRule
• Redirect er nesten samme som RewriteRule
• Redirect er enkel
• RewriteRule er kraftig (regex)
Redirects
# Ny url på en mappe: Redirect /old /new
# Redirecte hele website til ny url (301=permanent) Redirect 301 / http://test.com/
# Ny url på fil:Redirect /dir/oldfile.php /newfile.php
RewriteRules
Example:RewriteRule ^dir/([0-9]+)/?$ /index.php?id=$1 [L]
Pattern: ^dir/([0-9]+) /?$Rewrite: /index.php?id=$1 Command Flag: [L]
Betingelser# Turn on the rewrite engine RewriteEngine on
# If the request doesn't end in .php, continue processing rules RewriteCond %{REQUEST_URI} !\.php$ [NC]
# If the request doesn't end in a slash continue processing the rulesRewriteCond %{REQUEST_URI} [^/]$
# Rewrite the request with a .php extension. L means this is the 'Last' ruleRewriteRule ^(.*)$ $1.php [L]
Redirect http til https
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://sub.profundo.no/$1 [R,L]
Få den siste delen av url som parameter
RewriteEngine On RewriteRule ^(\w+)$ ./index.php?id=$1
————————————————————————————————————————————-
I PHP kode:
<?= $_GET["id"] ?>
Vise innhold i annen folder uten å gå til annen URL
Options +FollowSymLinks -MultiViews
RewriteEngine On
RewriteBase /
RewriteRule ^kunde$ /kunde/ [QSA,L,R=301,NC]
RewriteRule ^kunde?(.*)$ /app/$1 [QSA,L,NC]
Fjerne www i URL
RewriteEngine On
RewriteCond %{HTTP_HOST} !^your-site.com$ [NC]
RewriteRule ^(.*)$ https://your-site.com/$1 [L,R=301]
Dette bruker jeg i mitt MVC prosjekt hjemme
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?route=$1 [L,NC,QSA]
Alle requester går via index.php, unntatt filer som er tilgjengelig i public folder
AddDefaultCharset utf-8 AddCharset utf-8 .html .css .php .txt .js RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php
Flagg
• QSA = preserve existing query parameters (query string append)
• L = last rule
• R = force redirect
• NC = no case, case-insensitive
Tvinge download av filterer
<Files *.xls>
ForceType application/octet-stream
Header set Content-Disposition attachment
</Files>
Hindre tilgang i en mappe
deny from all
eller
order deny,allowdeny from allallow from xxx.xxx.xxx.xxx
Hindre tilgang til filer
<FilesMatch ".(htaccess|htpasswd|ini|fla|psd|log|sh)$"> Order Allow,DenyDeny from all </FilesMatch>
Directory listing
# liste opp filerOptions +Indexes
# liste opp alle unntatt gif og jpg IndexIgnore *.gif *.jpg
# IKKE liste opp filer Options -Indexes
Optimalisere statiske filer
AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch bMSIE !no-gzip !gzip-only-text/html
Browser caching <IfModule mod_expires.c> ExpiresActive On ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType text/css "access 1 month" ExpiresByType application/pdf "access 1 month" ExpiresByType text/x-javascript "access 1 month" ExpiresByType application/x-shockwave-flash "access 1 month" ExpiresByType image/x-icon "access 1 year" ExpiresDefault "access 2 days" </IfModule>
Automatisk UTF-8 charset på filer
<FilesMatch "\.(htm|html|css|js)$">
AddDefaultCharset UTF-8
</FilesMatch>
Sette caching av filer: optimalisering
<FilesMatch ".(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$">
Header set Cache-Control "max-age=28800"
</FilesMatch>
Maintenance page
RewriteCond %{REMOTE_ADDR} !your_ip_address
RewriteCond %{REMOTE_ADDR} !127.0.0.1
RewriteRule !offline.php$ http://www.example.com/back_soon.html [L,R=307]
Logge PHP errors
# display no errs to user php_flag display_startup_errors offphp_flag display_errors off php_flag html_errors off
# log to filephp_flag log_errors onphp_value error_log /location/to/php_error.log
Compress output: GZIP<IfModule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image/.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*</IfModule>
Shorter URLs
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^files/(.+)/(.+).zip download.php?type=$1&file=$2 [nc]