Apache General .htaccess Tricks Cheatsheet - everything you need to know

Apache General .htaccess Tricks Cheatsheet

Table of contents for this Cheat sheet: How to hide directory listing in .htaccess?How to Enable Directory Listings in Apache with .htaccessHow to hide certain file types from directory listingsHow to set the timezone to UTC in .htaccessHow to make Apache force download of files (in .htaccess)How to hide the server signature (hide Apache info) from HTTP headers with .htaccessHow to have a whitelist of IP addresses that can access files in .htaccessHow to set custom HTTP headers in Apache (by editing .htaccess)How to set up custom error pages in .htaccess for your Apache server (ErrorDocument)How to force gzip compression in Apache with .htaccessSet PHP config Variables (like ini_set) with .htaccessHow to add the default charset to UTF-8 in .htaccessHow to disable file hotlinking in Apache with .htaccessHow to set the Expires header in .htaccessHow to block access to certain referrers in Apache using .htaccessHow to set up an alias to map one directory to another destination

How to hide directory listing in .htaccess?

  1. Options -Indexes
View More Details (and 5 discussions about this topic) Here...

How to Enable Directory Listings in Apache with .htaccess

If you want to show the contents of directories then you can add this to your .htaccess rules

  1. Options All +Indexes
View More Details (and 10 discussions about this topic) Here...

How to hide certain file types from directory listings

If you have Directory Listings enabled but want to hide certain file types from being shown you can use these htaccess config lines

  1. IndexIgnore *.backup *.zip *.gz
View More Details (and 11 discussions about this topic) Here...

How to set the timezone to UTC in .htaccess

Use the following code in your .htaccess to change the timezone to UTC. You can also change 'UTC' to another valid time zone'

  1. SetEnv TZ UTC
View More Details (and 12 discussions about this topic) Here...

How to make Apache force download of files (in .htaccess)

If you want to force the download of files (octet-stream), you can use this code. Edit the file types as required.

  1. AddType application/octet-stream .doc .docx .xls .pdf

You can use this to force PDFs to download and not show in the browser:

  1. AddType application/octet-stream .pdf

If you want to force other file types (such as Word Document, Excel, etc) just edit the file type

View More Details (and 3 discussions about this topic) Here...

How to hide the server signature (hide Apache info) from HTTP headers with .htaccess

If you don't want to publicly announce in the HTTP headers what version of Apache that your website is using, add this code to hide it:

  1. ServerSignature Off
View More Details (and 10 discussions about this topic) Here...

How to have a whitelist of IP addresses that can access files in .htaccess

If you want Apache to only allow access to files/directories that match a set of IP addresses you can use this:

  1. <Files admin_panel.php>
  2. Order deny,allow
  3. Deny from all
  4. Allow from x.x.x.x localhost
  5. </Files>

Remember to change admin_panel.php and X.X.X.X to your details

View More Details (and 11 discussions about this topic) Here...

How to set custom HTTP headers in Apache (by editing .htaccess)

  1. Header always set YOURHEADERNAME "Your Header Value"
  2. Header always set Referrer-Policy "strict-origin-when-cross-origin"
  3. Header set Content-Language "en-gb"
View More Details (and 4 discussions about this topic) Here...

How to set up custom error pages in .htaccess for your Apache server (ErrorDocument)

If you want to set up a custom error page (for example when a 404 error happens) you can define what file to serve in your .htaccess file

  1. ErrorDocument 500 "Show a plain text message"
  2. ErrorDocument 401 http://redirect.com/to/a/url.html
  3. ErrorDocument 404 /error_files/your_404_error_file.htm
View More Details (and 8 discussions about this topic) Here...

How to force gzip compression in Apache with .htaccess

You can force Apache to compress data before sending it by adding a few lines of code to your .htaccess file.

  1. <ifModule mod_gzip.c>
  2.     mod_gzip_on Yes
  3.     mod_gzip_dechunk Yes
  4.  
  5.     mod_gzip_item_include file .(html?|txt|css|js|php)$
  6.     mod_gzip_item_include mime ^application/x-javascript.*
  7.     mod_gzip_item_include mime ^text/.*
  8.     mod_gzip_item_exclude mime ^image/.*
  9.  
  10.     mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
  11. <\/ifModule>
View More Details (and 5 discussions about this topic) Here...

Set PHP config Variables (like ini_set) with .htaccess

If you need to set some PHP config variables (the same as in php.ini or via ini_set()) you can do this in .htaccess

  1. php_value upload_max_filesize 150M
  2. php_value  include_path  ".:/usr/local/lib/php"
  3. php_value error_log  "/log/location/php_errors.log"

If you need to switch something from on to off (true/false) then you must use php_flag:

  1. php_flag display_errors off

If apache is run in CGI mode this will not work.

View More Details (and 10 discussions about this topic) Here...

How to add the default charset to UTF-8 in .htaccess

If you want to define the default charset to UTF-8, you can do this in one line in .htaccess

  1. AddDefaultCharset UTF-8
View More Details (and 10 discussions about this topic) Here...

How to disable file hotlinking in Apache with .htaccess

If you want to ensure that every image requested comes with a HTTP referrer of your own site's URL then this anti image hotlinking .htaccess rule will help you out:

  1. RewriteCond %{HTTP_REFERER} !^$
  2. RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?YOURSITE.com [NC]
  3. RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

Don't forget that you will probably need to enable the rewrite engine for these rules to work. Click the button below to find out how to do this.

View More Details (and 6 discussions about this topic) Here...

How to set the Expires header in .htaccess

Setting the expires header is a great way to enable browser based caching, which should help make some pages load faster. Here is the code how to do it in .htaccess.

  1. <IfModule mod_expires.c>
  2.         ExpiresActive on
  3.  
  4.         ExpiresDefault                                    "access plus 1 month"
  5.  
  6.  
  7.     # TEXT STUFF
  8.        ExpiresByType text/css                            "access plus 1 year"
  9.         ExpiresByType application/json                    "access plus 0 seconds"
  10.         ExpiresByType application/xml                     "access plus 0 seconds"
  11.         ExpiresByType text/xml                            "access plus 0 seconds"
  12.  
  13.     # FAVICON
  14.        ExpiresByType image/x-icon                        "access plus 1 week"
  15.  
  16.     # HTML
  17.        ExpiresByType text/html                           "access plus 0 seconds"
  18.  
  19.     # JAVASCRIPT
  20.        ExpiresByType application/javascript              "access plus 1 year"
  21.  
  22.     # FONTS
  23.        ExpiresByType application/font-woff2              "access plus 1 month"
  24.         ExpiresByType application/font-woff               "access plus 1 month"
  25.         ExpiresByType application/vnd.ms-fontobject       "access plus 1 month"
  26.         ExpiresByType application/x-font-ttf              "access plus 1 month"
  27.         ExpiresByType font/opentype                       "access plus 1 month"
  28.         ExpiresByType image/svg+xml                       "access plus 1 month"
  29.  
  30.  
  31.         ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
  32.         ExpiresByType text/cache-manifest                 "access plus 0 seconds"
  33.  
  34.         ExpiresByType audio/ogg                           "access plus 1 month"
  35.         ExpiresByType image/gif                           "access plus 1 month"
  36.         ExpiresByType image/jpeg                          "access plus 1 month"
  37.         ExpiresByType image/png                           "access plus 1 month"
  38.         ExpiresByType video/mp4                           "access plus 1 month"
  39.         ExpiresByType video/ogg                           "access plus 1 month"
  40.         ExpiresByType video/webm                          "access plus 1 month"
  41.  
  42.         ExpiresByType application/atom+xml                "access plus 1 hour"
  43.         ExpiresByType application/rss+xml                 "access plus 1 hour"
  44.  
  45. </IfModule>
View More Details (and 9 discussions about this topic) Here...

How to block access to certain referrers in Apache using .htaccess

Here are the rules you need if you want to block access to any request that contains a certain referring URL

  1. RewriteCond %{HTTP_REFERER} bad-site-linking-to-your\.com [NC,OR]
  2. RewriteCond %{HTTP_REFERER} another-bad-site-linking-to-you\.com [NC]
  3. RewriteRule .* - [F]
View More Details (and 9 discussions about this topic) Here...

How to set up an alias to map one directory to another destination

  1. RewriteRule ^from/(.*) to/$1

Don't forget that you will probably need to enable the rewrite engine for these rules to work. Click the button below to find out how to do this.

View More Details (and 12 discussions about this topic) Here...