Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by ChrisPepper: http://wiki.apache.org/httpd/ScratchPad/htaccess The comment on the change is: Massage wording (heavily) ------------------------------------------------------------------------------ - (!) THIS IS A SCRATCHPAD ONLY PAGE AT THE MOMENT, AND SHOULD NOT BE MOVED OUT OF SUCH (!) + (!) THIS IS A SCRATCHPAD ONLY PAGE AT THE MOMENT, AND SHOULD NOT BE MOVED OUT OF (!) (!) This document should be used to draft a new version of the [http://httpd.apache.org/docs/trunk/howto/htaccess.html official httpd howto docs] (!) ---- - '''The use of .htaccess files is strongly discouraged as they can have a detrimental effect on server performance. Only use them when strictly necessary.''' + '''The use of .htaccess files is discouraged as they can have a detrimental effect on server performance. Only use them when necessary.''' - == What's .htaccess files purpose? == + == What's the purpose of .htaccess files? == - The purpose of an .htaccess file is to provide a means to configure Apache for users that cannot modify the main configuration file (usually httpd.conf, see [["Info/DistrosDefaultLayout"]]). + The purpose of .htaccess files is to provide a means to configure Apache for users who cannot modify the main configuration file (usually httpd.conf; see [["Info/DistrosDefaultLayout"]]). == .htaccess myths == === .htaccess files mean password protection === - No, .htaccess files can be used to provide password protection the same way main configuration files can be used to provide password protection, nothing special about .htaccess here. + Not really; .htaccess files can be used to provide password protection the same way the main configuration files can be used to provide password protection; there is nothing special about .htaccess for this purpose. == When should I use .htaccess files? == - Only when you cannot edit directly the main configuration file! + Only when you cannot edit directly the main configuration files! - === But, it's ugly having all that stuff in the main config file! === + === But it's ugly having all that stuff in the main config file! === + Well, it might be, but you can use the Include directive to alleviate that if it really bothers you! Let's suppose you dislike huge config files and that, for instance, you want to provide password authentication for all your virtual hosts. You could put a .htaccess in the root of each virtual host, or you could create a - directory within the tree of apache's config files and create a config file per vhost with the proper directives, say /usr/local/apache2/conf/vhosts-protection. Then, in httpd.conf you can write + subdirectory within the Apache config directory, containing a config file per vhost with the proper directives -- such as /usr/local/apache2/conf/vhosts-protection. Then, in httpd.conf, you could write {{{ Include /usr/local/apache2/conf/vhosts-protection/*.conf }}} for all those directives to take effect. - '''/usr/local/apache2/cont/vhosts-protection/vhost-1.conf''' + '''/usr/local/apache2/conf/vhosts-protection/vhost-1.conf''' {{{ <Directory /var/www/html/vhost-1> AuthType Basic @@ -47, +48 @@ And so on for the rest of your virtual hosts. - Now let's suppose you really must use .htaccess files, the .htaccess file should be located in /var/www/html/vhost-1/ and it should read like: + Now let's suppose you really must use .htaccess files; the .htaccess file should be located in /var/www/html/vhost-1/ should look like: '''/var/www/html/vhost-1/.htaccess''' {{{ @@ -60, +61 @@ Allow from all }}} - As you can see, .htaccess files are restricted to the directory they're placed in, and thus you can think of .htaccess files as adding dynamically to Apache configuration a + As you can see, .htaccess files are restricted to the directory they're placed in, and thus you can think of .htaccess files as dynamically adding the following to the master Apache configuration: + {{{ <Directory /path/to/.htaccess> #.htaccess content goes here @@ -69, +71 @@ == How do I use .htaccess files? == - .htaccess files are used by placing valid Apache directives in the files. You might not get what you want due to Override configuration in the main config file. + .htaccess files are containers for (certain) Apache directives. Note that some directives might be ignored due to Override configuration in the main config files. - == How can I prevent users from using .htaccess, or how to define what can they do on them? == + == How can I prevent users from using .htaccess, or how define what can they do with them? == By setting AllowOverride properly. See [http://httpd.apache.org/docs/trunk/mod/core.html#allowoverride AllowOverride] docs. == How can I create a new .htaccess file? == Use your favourite editor to create a .htaccess file in the folder where you want it to take affect. - Making sure that the file can be read by the uid Apache runs as. + Make sure that the file can be read by Apache's UID. == What can I do with my .htaccess file? == - You are restricted from two fronts, what the administrator chooses to enable, and what Apache allows. To check the first one, contact your administrator (or hosting provider, or just try), to check the second one, find the directive you want to use in the documentation, and see the Context: section. If it says .htaccess, then it can be used, given that the admininstrator gave - you access to that. - == How do I troubleshoot my .htaccess file? == + You are restricted in two ways: what the administrator chooses to enable, and what Apache itself support. To check the first one, contact your administrator (or hosting provider, or just try); to check the second way, find the directive you want to use in the documentation, and see the "Context:" section. If it says .htaccess, then that directive is valid in .htaccess. - Try putting garbage in it. If it is being read, you'll get an Internal Server Error when accessing that URL. If it is being read see ["ScratchPad/htaccessGotchas"] to find more about what can be going wrong. + == How do I troubleshoot my .htaccess files? == + Try putting garbage in it. If it is being read, you'll get an Internal Server Error when accessing that URL. If it is being read, continue to ["ScratchPad/htaccessGotchas"] to find more about what might be wrong. +
