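A Practical Collection of .htaccess Snippets

Most web hosting plans probably support .htaccess.

So, what is .htaccess?

In short, the .htaccess file is a configuration file for the Apache server that controls the web configuration of the directory it sits in. With an .htaccess file you can implement 301 redirects, custom 404 error pages, changed file extensions, allowing or blocking access for specific users or directories, disabling directory listings, configuring the default document, and more. (Excerpted from Baidu Baike)

For example, the 404 page of this blog, 落影无痕, is defined through .htaccess.

Today 落影无痕 brings you some practical .htaccess snippets. Most of this code can be copied straight into your .htaccess, but note that some of it has to be modified before use!

(PS: translating the pile of comments took a long time; some that were hard to translate were left as they were.)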


Force www

RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]

Force www in a Generic Way

RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

This method works on any site.

Force non-www

There is no settled answer on whether www or non-www is better. If you prefer no www, you can use the script below:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]

Force non-www in a Generic Way

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.
RewriteCond %{HTTPS}s ^on(s)|off
RewriteCond http%1://%{HTTP_HOST} ^(https?://)(www\.)?(.+)$
RewriteRule ^ %1%3%{REQUEST_URI} [R=301,L]

Force HTTPS

RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

# Note: It's also recommended to enable HTTP Strict Transport Security (HSTS)
# on your HTTPS website to help prevent man-in-the-middle attacks.
# See https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</IfModule>

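Force HTTPS Behind a Proxy

If you use a proxy, this method is useful for you. It relies on the proxy setting the X-Forwarded-Proto header on every request it forwards.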

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Force Trailing Slash

RewriteCond %{REQUEST_URI} /+[^\.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]

Remove Trailing Slash

RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [R=301,L]

Redirect a Single Page

Redirect 301 /oldpage.html http://www.example.com/newpage.html
Redirect 301 /oldpage2.html http://www.example.com/folder/

Directory Alias

RewriteEngine On
RewriteRule ^source-directory/(.*) target-directory/$1

Script Alias

FallbackResource /index.fcgi

This example has an index.fcgi file in some directory, and any requests within that directory that fail to resolve a filename/directory will be sent to the index.fcgi script. It’s good if you want baz.foo/some/cool/path to be handled by baz.foo/index.fcgi (which also supports requests to baz.foo) while maintaining baz.foo/css/style.css and the like. Get access to the original path from the PATH_INFO environment variable, as exposed to your scripting environment.

RewriteEngine On
RewriteRule ^$ index.fcgi/ [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.fcgi/$1 [QSA,L]

This is a less efficient version of the FallbackResource directive (because using mod_rewrite is more complex than just handling the FallbackResource directive), but it’s also more flexible.

Redirect an Entire Site

Redirect 301 / http://newsite.com/

This way does it with links intact. That is www.oldsite.com/some/crazy/link.html will become www.newsite.com/some/crazy/link.html . This is extremely helpful when you are just “moving” a site to a new domain.

Clean URLs

This snippet lets you use "clean" URLs, that is, URLs without the PHP extension, instead of example.com/users.php.

RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^([^.]+)$ $1.php [NC,L]


Security

Deny All Access

## Apache 2.2
Deny from all

## Apache 2.4
# Require all denied

But wait, this will lock you out from your content as well! Thus introducing…

Deny All Access (with Exceptions)

## Apache 2.2
Order deny,allow
Deny from all
Allow from xxx.xxx.xxx.xxx

## Apache 2.4
# Require all denied
# Require ip xxx.xxx.xxx.xxx

xxx.xxx.xxx.xxx is your IP. If you replace the last three digits with 0/12 for example, this will specify a range of IPs within the same network, thus saving you the trouble to list all allowed IPs separately.

Now of course there’s a reversed version:

Block Crawlers / Malicious Visitors

## Apache 2.2
Order deny,allow
Allow from all
Deny from xxx.xxx.xxx.xxx
Deny from xxx.xxx.xxx.xxy

## Apache 2.4
# Require all granted
# Require not ip xxx.xxx.xxx.xxx
# Require not ip xxx.xxx.xxx.xxy

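Protect Hidden Files and Directories

Hidden files and directories (those whose names start with a dot) should be protected most, if not all, of the time. For example: .htaccess, .htpasswd, .git, .hg …

RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]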

Alternatively, you can return a "Not Found" error, giving an attacker no clue:

RedirectMatch 404 /\..*$

Protect Backup and Source Files

These files may be left behind by some text/HTML editors (such as Vi/Vim) and pose a serious security risk if exposed to the public.

<FilesMatch "(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$">
    ## Apache 2.2
    Order allow,deny
    Deny from all
    Satisfy All

    ## Apache 2.4
    # Require all denied
</FilesMatch>
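The three patterns from this section and the hidden-files section above, evaluated against constructed request paths; this is an added example, not code from the original post. It assumes the rules sit in the document root's .htaccess and that each requested path exists on disk, and it uses Python's re module as a stand-in for Apache's regex matching.

```python
import posixpath
import re

# Patterns copied from the rules on this page.
REWRITE_DOT = re.compile(r"(^|/)\.")     # RewriteRule "(^|/)\." - [F]
REDIRECT_DOT = re.compile(r"/\..*$")      # RedirectMatch 404 /\..*$
BACKUP = re.compile(r"(\.(bak|config|dist|fla|inc|ini|log|psd|sh|sql|swp)|~)$")


def verdict(url_path):
    """Return the set of rules on this page that would refuse url_path.

    Assumption: the file or directory exists, so the RewriteCond -d / -f
    checks in front of the RewriteRule succeed.
    """
    hits = set()
    # In .htaccess context mod_rewrite matches the path without its leading slash.
    if REWRITE_DOT.search(url_path.lstrip("/")):
        hits.add("rewrite-403")
    # RedirectMatch is matched against the full URL path.
    if REDIRECT_DOT.search(url_path):
        hits.add("redirect-404")
    # FilesMatch is applied to the file name only, not the directory part.
    if BACKUP.search(posixpath.basename(url_path)):
        hits.add("filesmatch-deny")
    return hits


# Constructed request paths for illustration.
SAMPLES = [
    "/.git/config",
    "/.htpasswd",
    "/wp-config.php.bak",
    "/index.php~",
    "/.index.php.swp",
    "/.well-known/acme-challenge/token",  # standard location, also starts with a dot
    "/backup.zip",                         # extension not in the FilesMatch list
    "/css/style.css",
]


def report(paths=SAMPLES):
    """Map each path to the sorted list of rules that refuse it ([] = served)."""
    return {p: sorted(verdict(p)) for p in paths}


if __name__ == "__main__":
    for path, rules in report().items():
        print(f"{path:40} {', '.join(rules) or 'served'}")
```

The report shows two things worth checking on a real site: /.well-known/ is refused by both dot-file rules, which also affects ACME HTTP-01 challenges and security.txt, and archive extensions such as .zip are not in the FilesMatch list.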


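Disable Directory Browsing

# Do not combine signed and unsigned keywords (e.g. "All -Indexes"): Apache 2.4 rejects that syntax.
Options -Indexes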

Disable Image Hotlinking

RewriteEngine on
# Remove the following line if you want to block blank referrer too
RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http(s)?://(.+\.)?example\.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|bmp)$ - [NC,F,L]

# If you want to display a "blocked" banner in place of the hotlinked image,
# replace the above rule with:
# RewriteRule \.(jpg|jpeg|png|gif|bmp) http://example.com/blocked.png [R,L]

Disable Image Hotlinking for Specific Domains

Sometimes you want to block image hotlinking. (I don't think this one is very useful; most hosts already provide hotlink protection.)

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http(s)?://(.+\.)?badsite\.com [NC,OR]
# The last RewriteCond in the chain must not carry [OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(.+\.)?badsite2\.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]

# If you want to display a "blocked" banner in place of the hotlinked image,
# replace the above rule with:
# RewriteRule \.(jpg|jpeg|png|gif|bmp) http://example.com/blocked.png [R,L]
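An added lint check (not part of the original post) for two mistakes that are easy to make when adapting the rules above: a final RewriteCond that still carries [OR], which lets the RewriteRule apply even when none of the listed referrers matched, and an Options line that mixes signed and unsigned keywords, which Apache 2.4 rejects. The function names and the sample .htaccess text are constructed for this example.

```python
import re

DIRECTIVE = re.compile(r"^\s*(RewriteCond|RewriteRule|Options)\b(.*)$", re.I)
FLAGS = re.compile(r"\[([^\]]*)\]\s*$")   # trailing [flag,flag] group


def has_or_flag(args):
    """True if a RewriteCond's trailing flag list contains OR / ornext."""
    m = FLAGS.search(args)
    if not m:
        return False
    return bool({f.strip().lower() for f in m.group(1).split(",")} & {"or", "ornext"})


def lint(text):
    """Return (line_number, message) findings for the body of an .htaccess file."""
    findings = []
    last_cond = None  # (line_number, args) of the most recent RewriteCond
    for n, line in enumerate(text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if not m:
            continue  # comments, blank lines and other directives
        name, args = m.group(1).lower(), m.group(2)
        if name == "rewritecond":
            last_cond = (n, args)
        elif name == "rewriterule":
            if last_cond and has_or_flag(last_cond[1]):
                findings.append((last_cond[0], "dangling [OR] before RewriteRule"))
            last_cond = None
        else:  # Options
            words = args.split()
            signed = [w for w in words if w[0] in "+-"]
            if signed and len(signed) != len(words):
                findings.append((n, "Options mixes signed and unsigned keywords"))
    return findings


# Constructed .htaccess body showing both mistakes.
SAMPLE = "\n".join([
    r"Options All -Indexes",
    r"RewriteEngine on",
    r"RewriteCond %{HTTP_REFERER} ^http(s)?://(.+\.)?badsite\.com [NC,OR]",
    r"RewriteCond %{HTTP_REFERER} ^http(s)?://(.+\.)?badsite2\.com [NC,OR]",
    r"RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]",
])

if __name__ == "__main__":
    for lineno, message in lint(SAMPLE):
        print(f"line {lineno}: {message}")
```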

Password Protect a Directory

First, you need to create a .htpasswd file somewhere on the system:

htpasswd -c /home/fellowship/.htpasswd boromir

Then you can use it for authentication:

AuthType Basic
AuthName "One does not simply"
AuthUserFile /home/fellowship/.htpasswd
Require valid-user

Password Protect Files

AuthName "One still does not simply"
AuthType Basic
AuthUserFile /home/fellowship/.htpasswd

<Files "one-ring.o">
    Require valid-user
</Files>

<FilesMatch ^((one|two|three)-rings?\.o)$>
    Require valid-user
</FilesMatch>

Block Visitors by Referrer

This denies access to all users coming from (referred by) specific domains.

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} somedomain\.com [NC,OR]
RewriteCond %{HTTP_REFERER} anotherdomain\.com
RewriteRule .* - [F]

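Prevent Framing by Other Pages

This prevents the website from being framed (i.e. put into an iframe tag), while still allowing framing for a specific URI.

SetEnvIf Request_URI "/starry-night" allow_framing=true
Header set X-Frame-Options SAMEORIGIN env=!allow_framing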

Performance

Compress Files

<IfModule mod_deflate.c>

    # Force compression for mangled headers.
    # http://developer.yahoo.com/blogs/ydn/posts/2010/12/pushing-beyond-gzipping
    <IfModule mod_setenvif.c>
        <IfModule mod_headers.c>
            SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
            RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
        </IfModule>
    </IfModule>

    # Compress all output labeled with one of the following MIME-types
    # (for Apache versions below 2.3.7, you don't need to enable `mod_filter`
    #  and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines
    #  as `AddOutputFilterByType` is still in the core directives).
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE application/atom+xml \
                                      application/javascript \
                                      application/json \
                                      application/rss+xml \
                                      application/vnd.ms-fontobject \
                                      application/x-font-ttf \
                                      application/x-web-app-manifest+json \
                                      application/xhtml+xml \
                                      application/xml \
                                      font/opentype \
                                      image/svg+xml \
                                      image/x-icon \
                                      text/css \
                                      text/html \
                                      text/plain \
                                      text/x-component \
                                      text/xml
    </IfModule>

</IfModule>


Set Expires Headers

The Expires header tells the browser whether it should request a specific file from the server or just grab it from the cache. It is advisable to set far-future Expires headers for static content.

If you don't control versioning with filename-based cache busting, consider lowering the cache time for resources such as CSS and JS to something like 1 week.

<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault "access plus 1 month"

    # CSS
    ExpiresByType text/css "access plus 1 year"

    # Data interchange
    ExpiresByType application/json "access plus 0 seconds"
    ExpiresByType application/xml "access plus 0 seconds"
    ExpiresByType text/xml "access plus 0 seconds"

    # Favicon (cannot be renamed!)
    ExpiresByType image/x-icon "access plus 1 week"

    # HTML components (HTCs)
    ExpiresByType text/x-component "access plus 1 month"

    # HTML
    ExpiresByType text/html "access plus 0 seconds"

    # JavaScript
    ExpiresByType application/javascript "access plus 1 year"

    # Manifest files
    ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
    ExpiresByType text/cache-manifest "access plus 0 seconds"

    # Media
    ExpiresByType audio/ogg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType video/mp4 "access plus 1 month"
    ExpiresByType video/ogg "access plus 1 month"
    ExpiresByType video/webm "access plus 1 month"

    # Web feeds
    ExpiresByType application/atom+xml "access plus 1 hour"
    ExpiresByType application/rss+xml "access plus 1 hour"

    # Web fonts
    ExpiresByType application/font-woff2 "access plus 1 month"
    ExpiresByType application/font-woff "access plus 1 month"
    ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    ExpiresByType application/x-font-ttf "access plus 1 month"
    ExpiresByType font/opentype "access plus 1 month"
    ExpiresByType image/svg+xml "access plus 1 month"
</IfModule>

Turn eTags Off

By removing the ETag header, you disable caches and browsers from being able to validate files, so they are forced to rely on your Cache-Control and Expires header.

<IfModule mod_headers.c>
    Header unset ETag
</IfModule>
FileETag None

Miscellaneous

Set PHP Variables

php_value <key> <val>

# For example:
php_value upload_max_filesize 50M
php_value max_execution_time 240

Custom Error Pages

ErrorDocument 500 "Houston, we have a problem."
ErrorDocument 401 http://error.example.com/mordor.html
ErrorDocument 404 /errors/halflife3.html

Force Downloading

Sometimes you want to force the browser to download some content instead of displaying it.

<Files *.md>
    ForceType application/octet-stream
    Header set Content-Disposition attachment
</Files>

Now there is a yang to this yin:

Prevent Downloading

Sometimes you want to force the browser to display some content instead of downloading it.

<FilesMatch "\.(tex|log|aux)$">
    Header set Content-Type text/plain
</FilesMatch>

Allow Cross-Domain Fonts

Web fonts served from a CDN may not work properly in Firefox or IE. This snippet solves the problem.

<IfModule mod_headers.c>
    <FilesMatch "\.(eot|otf|ttc|ttf|woff|woff2)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
</IfModule>


Auto UTF-8 Encode

Your text content will always be served UTF-8 encoded. (Note: this can be used to solve compatibility problems on some overseas hosts.)

# Use UTF-8 encoding for anything served text/plain or text/html
AddDefaultCharset utf-8

# Force UTF-8 for a number of file formats
AddCharset utf-8 .atom .css .js .json .rss .vtt .xml


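Switch PHP Versions

If you are on shared hosting, there may be more than one version of PHP installed, and sometimes your site needs a specific version, for example PHP >= 5.4. The following snippet should switch the PHP version for you.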

AddHandler application/x-httpd-php55 .php

# Alternatively, you can use AddType
AddType application/x-httpd-php55 .php

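Disable Internet Explorer Compatibility View

Compatibility View in IE may affect how some websites are displayed. The following snippet should force IE to use the Edge rendering engine and disable Compatibility View.

<IfModule mod_headers.c>
    BrowserMatch MSIE is-msie
    Header set X-UA-Compatible IE=edge env=is-msie
</IfModule>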

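Support the WebP Image Format

If WebP images are supported and an image with a .webp extension and the same name is found in the same place as the jpg/png image that is going to be served, the WebP image is served instead.

RewriteEngine On
RewriteCond %{HTTP_ACCEPT} image/webp
RewriteCond %{DOCUMENT_ROOT}/$1.webp -f
RewriteRule (.+)\.(jpe?g|png)$ $1.webp [T=image/webp,E=accept:1]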


Unless otherwise noted, all articles on this blog are original. Author: admin. When copying or reposting, please credit 无痕博客 with a hyperlink.