Mr. Apache: 04.08

Altaway Technologies, Inc : Mainframe-class virtual machines: "1 - Introduction to .htaccess files
2 - FileTypes
3 - Handlers
4 - URL Rewriting
5 - User authentication
6 - Host-based access control
7 - Directory indexing

Introduction to .htaccess files

Your Web directory and its subdirectories can contain per-directory configuration files called .htaccess files. Whenever Stronghold (our Web server) receives a request for a file, it first looks for a file called .htaccess in that directory and its parent directories. If one is present, Stronghold considers the configuration directives within it before responding to the request. A .htaccess file works like this:

* A .htaccess file must be a plain text file and contain no special formatting elements. Use a text editor to create your .htaccess file. If you create it with a word processor, be sure to save it as plain text.
* A .htaccess file contains a list of configuration directives and nothing else.
* If a .htaccess file contains any other information, it must be commented out in order to prevent errors
* A .htaccess file must be saved in the top directory to which you want it to apply. The directives apply to that directory and its subdirectories.
* If a subdirectory contains a .htaccess file, it overrides the .htaccess"

You can do many custom configurations for your site with the use of the .htaccess file. This is a plain text file that should be placed in your home directory on your site to achieve a variety of effects.

Included in this page are many directives you can use to do things like serve a custom .html page when a user types in a nonexistent page on your site rather than the default 404 error message.

To use these features, you will need to create a file named .htaccess in a plain ASCII editor, such as Windows notepad. Insert a line for the directive you wish to use from the list below. When you are finished, upload the file to your home directory. This is the root directory on your site (above the /www).

If you wish to password protect a directory, please use our web form under the 'password protection' link on http://help.mindspring.com /webhelp/

Apache directives

Action

Action

Syntax: Action mime-type cgi-script

This directive adds an action, which will activate cgi-script when a file of content type mime-type is requested. It sends the URL and file path of the requested document using the standard CGI PATH_INFO and PATH_TRANSLATED environment variables.

AddDescription

Syntax: AddDescription string file file...

This sets the description to display for a file, for FancyIndexing. File is a file extension, partial filename, wild-card expression or full filename for files to describe. String is enclosed in double quotes (").
Example:

AddDescription "The planet Mars" /web/pics/mars.gif

AddEncoding

Syntax: AddEncoding mime-enc extension extension...

The AddEncoding directive adds to the list of filename extensions which filenames may end in for the specified encoding type. Mime-enc is the mime encoding to use for documents ending in extension.
Examples:

AddEncoding x-gzip gz
AddEncoding x-compress Z

This will cause files ending in .gz to be marked as encoded using the x-gzip encoding, and .Z files to be marked as encoded with x-compress.

AddIcon

Syntax: AddIcon icon name name ...

This sets the icon to display next to a file ending in name for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Name is either ^^DIRECTORY^^ for directories, ^^BLANKICON^^ for blank lines (to format the list correctly), a file extension, a wildcard expression, a partial filename or a complete filename.
Examples:

AddIcon (IMG,/icons/image.xbm) .gif .jpg .xbm
AddIcon /icons/dir.xbm ^^DIRECTORY^^
AddIcon /icons/backup.xbm *~

AddIconByType should be used in preference to AddIcon, when possible.

AddIconByEncoding

Syntax: AddIconByEncoding icon mime-encoding mime-encoding ...

This sets the icon to display next to files with mime-encoding for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Mime-encoding is a wildcard expression matching required the content-encoding.
Example:

AddIconByEncoding /icons/compress.xbm x-compress

AddIconByType

Syntax: AddIconByType icon mime-type mime-type ...

This sets the icon to display next to files of type mime-type for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Mime-type is a wildcard expression matching required the mime types.
Example:

AddIconByType (IMG,/icons/image.xbm) image/*

AddType

Syntax: AddType type ext
Context: .htaccess

The AddType directive allows you to add a mime type to your site.

Example:

AddType application/x-httpd-xx xx

AuthDBMUserFile

Syntax: AuthDBMUserFile filename

The AuthDBMUserFile directive sets the name of a DBM file containing the list of users and passwords for user authentication. Filename is the absolute path to the user file.

The user file is keyed on the username. The value for a user is the crypt() encrypted password, optionally followed by a colon and arbitrary data. The colon and the data following it will be ignored by the server.

Security: make sure that the AuthDBMUserFile is stored outside the document tree of the web-server; do not put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBMUserFile.

Important compatibility note: The implementation of "dbmopen" in the apache modules reads the string length of the hashed values from the DBM data structures, rather than relying upon the string being NULL-appended. Some applications, such as the Netscape web server, rely upon the string being NULL-appended, so if you are having trouble using DBM files interchangeably between applications this may be a part of the problem.

ErrorDocument

Syntax: ErrorDocument error-code document

In the event of a problem or error, Apache can be configured to do one of four things,

behave like NCSA httpd 1.3

output a customized message

redirect to a local URL to handle the problem/error

redirect to an external URL to handle the problem/error

2-4 are configured using ErrorDocument, which is followed by the HTTP response code and a message or URL.

Messages in this context, begin with a single quote ("), which does not form part of the message itself. Apache will sometime offer additional information regarding the problem/error.

URLs will begin with a slash (/) for local URLs, or will be a full URL which the client can resolve.
Examples:

ErrorDocument 500 /cgi-bin/tester
ErrorDocument 404 /cgi-bin/bad_urls.pl
ErrorDocument 401 http://www2.foo.bar/subscription_info.html
ErrorDocument 403 "Sorry can't allow you access today

Syntax: ...

The directive provides for access control by filename. It is comparable to the directive and directives. It should be matched with a directive. Directives that apply to the filename given should be listed within. sections are processed in the order they appear in the configuration file, after the sections and .htaccess files are read, but before sections.

The filename argument should include a filename, or a wild-card string, where `?' matches any single character, and `*' matches any sequences of characters. Extended regular expressions can also be used, with the addition of the ~ character.
For example:

would match most common Internet graphics formats.

Note that unlike and sections, sections can be used inside .htaccess files. This allows users to control access to their own files, at a file-by-file level. When used in an .htaccess file, if the filename does not begin with a / character, the directory being applied will be prefixed automatically.

Redirect

Syntax: Redirect [ status ] url-path url

The status argument is only available in Apache 1.2 or later.

The Redirect directive maps an old URL into a new one. The new URL is returned to the client which attempts to fetch it again with the new address. Url-path a (%-decoded) path; any requests for documents beginning with this path will be returned a redirect error to a new (%-encoded) url beginning with url.
Example: