Apache .htaccess Cheat Sheet

Posted on Monday, February 04th 2013 / by Eric Potvin
      300   5 Minutes
      600  10 Minutes
      900  15 Minutes
     1800  30 Minutes
     2700  45 Minutes
     3600   1 Hour
     7200   2 Hours
    10800   3 Hours
    14400   4 Hours
    18000   5 Hours
    36000  10 Hours
    39600  11 Hours
    43200  12 Hours
    46800  13 Hours
    50400  14 Hours
    54000  15 Hours
   86400   1 Day
  172800   2 Days
  259200   3 Days
  345600   4 Days
  432000   5 Days
  518400   6 Days
  604800   1 Week
 1209600   2 Weeks
 1814400   3 Weeks
 2419200   4 Weeks
 4838400   2 Months
 7257600   3 Months
 9676800   4 Months
12096000   5 Months
14515200   6 Months
16934400   7 Months
19353600   8 Months
21772800   9 Months
24192000  10 Months
26611200  11 Months
29030400  12 Months

Hide files in directory browsing

IndexIgnore *.gif *.jpg
IndexIgnore *

Enable / disable directory browsing

Options +Indexes

-or-

Options -Indexes

Customize Error Messages

ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.html

Change script extensions

AddType application/x-httpd-php .myext

Change Default Page (order is followed)

DirectoryIndex somefile.html index.html index.php

Configure allowed directives in .htaccess files (in main configuration file)

AllowOverride [ All | None ] | directive-list ...

AllowOverride All (AuthConfig, FileInfo, Indexes, Limit, Option)

Redirect request

Redirect [ status ] [ path ] [ url ]

Redirect oldpage.html /test/newpage.html
Redirect /olddir http://www.domainname.com/newdir/
Redirect permanent oldpage.html /test/newpage.html
Redirect temp oldpage.html newpage.html
Redirect gone oldpage.html

Block access from specific IP blocks/Domain

<limit GET POST PUT>
 order deny,allow
 deny from 1.2.3.4
 deny from 5.6.7.8
 deny from .spammers.com
 allow from all
</limit>

Allow access only from specific IP blocks

order deny,allow
deny from all
allow from 192.168.0.0/24
allow from 10.0.

Enable Gzip – Save Bandwidth

<ifmodule mod_deflate.c>
 AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</ifmodule>

Set an Expires header and enable Cache-Control

<ifmodule mod_expires.c>
 ExpiresActive On
 ExpiresDefault "access plus 1 seconds"
 ExpiresByType text/html "access plus 7200 seconds"
 ExpiresByType image/gif "access plus 518400 seconds"
 ExpiresByType image/jpeg "access plus 518400 seconds"
 ExpiresByType image/png "access plus 518400 seconds"
 ExpiresByType text/css "access plus 518400 seconds"
 ExpiresByType text/javascript "access plus 216000 seconds"
 ExpiresByType application/x-javascript "access plus 216000 seconds"
</ifmodule>

<ifmodule mod_headers.c>
<filesmatch "\.(ico|flv|jpg|jpeg|png|gif|css|swf)$">
 Header set Cache-Control "max-age=518400, public"
</filesmatch>
<filesmatch "\.(html|htm)$">
 Header set Cache-Control "max-age=7200, private, must-revalidate"
</filesmatch>
<filesmatch "\.(pdf)$">
 Header set Cache-Control "max-age=86400, public"
</filesmatch>
<filesmatch "\.(js)$">
 Header set Cache-Control "max-age=216000, private"
</filesmatch>
</ifmodule>

Block site from specific referrers

RewriteEngine on
RewriteCond %{HTTP_REFERER} badsite\.com [NC]
RewriteRule .* - [F]

Block Hot Linking/Bandwidth hogging

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ - [F]

Redirect to domain name without 'www' prefix

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

Redirect to domain name with 'www' prefix

RewriteEngine On
RewriteCond %{HTTP_HOST} ^mysite\.com$ [NC]
RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L]