The Apache Web server utilizes a per-directory access and configuration system. Users can modify operation of their Web site by creating ".htaccess" files. These files are commonly used for per-directory access control, but can be used to accomplish a lot more. Using ".htaccess" files, users can setup MIME types, Directory Indexes, error documents, redirects, and using the Apache rewrite module (mod_rewrite), accomplish much more involved tasks, such as redirecting a visitor based on environmental variables. More detailed information can be found at http://www.apache.org.
1. Access Control
Most commonly, ".htaccess" files are used to restrict access to directories, in order to restrict access, you must first create the .htaccess file. Follow these steps in order to restrict access to a directory named "members".
1. Create a plain text file named ".htaccess".
2. Enter the following information (Lines beginning with a pound sign are comments):
#Declare authorization type as basic.
AuthType Basic
#Define location of users, and groups.
#In this case, we won't use a group file.
AuthUserFile /home/username/userfile
AuthGroupFile /dev/null
#Define the name of the resource --
#this is what users will see in the "password" dialog box.
AuthName "Our Members Only Section"
#Tell the Web server to which directory you want to limit access.
Require valid-user
3. Place this file in the directory you want to protect.
Now when a visitor tries to enter the members directory, he/she is prompted for a username and password. These passwords are stored in the file "/home/username/userfile". This userfile is simply a text database of usernames to passwords (one combination per line). Passwords are encrypted using the crypt(3) function. To create this file, you will use the "htpasswd" program. On Interland Web servers, this program is located in the "/usr/local/apache/bin" directory. Follow these steps to create your username and password database.
Run /usr/local/apache/bin/htpasswd -c FILENAME NEWUSERNAME. The program will prompt you for a password. Enter it and confirm. FILENAME is the full path to your database of users.
Run /usr/local/apache/bin/htpasswd FILENAME USERNAME for each consecutive user. Only use the "-c" flag for your first user, or htpasswd will overwrite your existing file.
This should allow you to successfully configure access control on a Web directory.
Please note that to successfully complete the above two steps, you need to have telnet access. If you do not have a telnet account, (available on Feature Plus plans or higher) you can create a username and password through your administration panel. Click here for instructions.
2. MIME Types
You can also add MIME types to a server using ".htaccess" files. This is a very simple process. Before you can begin, you need to know the MIME type you want to add and its associated file extension. For example, if you are going to add plain text, your MIME type is text/plain, and your extension is .txt. All you need to do now is add a "AddType" line to your ".htaccess" file. To add the text/plain MIME type, tag the following line onto your ".htaccess" file.
AddType text/plain .txt
For .shtml, the line should be like this:
AddHandler server-parsed .shml
AddType text/html .shtml
You can add as many MIME types as you want by simply adding more lines.
3. Error Documents
Another useful feature of a ".htaccess" file is custom error messages. When a Web server encounters an error, either server side or client side, it responds with a three-digit error code, as is "404 - File not Found" or "500 - Internal Server Error." Apache provides a means for redirecting these errors to a program or static page of your choice. You can do this using the "ErrorDocument" directive. To redirect all "Not Found" errors to a static page, and all 500 errors to a PERL script, you would use the following lines:
ErrorDocument 404 http://www.mydomain.com/404.html
ErrorDocument 500 http://www.mydomain.com/cgi-bin/errors.pl?error=500
4. Redirects
You can also redirect visitors to a different directory using ".htaccess" files. Let's say, for example, you have a directory on your site named "old-site". And recently, you've redesigned your site, and moved its contents to a directory named "new-site". You can automatically redirect all visitors requesting a file from www.yourdomain.com/old-site to go to www.yourdomain.com/new-site. To do this, you need a "redirect" line, like this:
Redirect /old-site http://www.mydomain.com/new-site
There are variations of the "Redirect" directive, which return a status code to the browser. For more information, see www.apache.org.
5. Directory Index
One of the more useful features of ".htaccess" files is the ability to change which default document you want to use. If the first page you want visitors to your site to see is titled "firstpage.pl", then you can instruct the Web server to display any pages named "firstpage.pl" before it returns anything else, when your site is accessed in the form of http://www.mydomain.com. To do this, you'll use a "DirectoryIndex" directive like this:
DirectoryIndex firstpage.pl index.html index.htm
The filenames are listed in order of precedence. In other words, if no firstpage.pl, and index.html exist, the Web server will display index.htm as your default page.
6. Rewrite Engine
Lastly, you can use Apache's "Rewrite Engine". This is a very in-depth procedure, and it isn't explained in this document. It can be used for tasks such as redirecting visitors based on what browser they're using or what page they're coming from. The following example points users who are using Netscape to a full-color, graphically complete site, and those running Lynx to a text-only site.
#Turn on the Rewrite Engine
RewriteEngine On
#Tell it your working with the HTTP_USER_AGENT variable.
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*
#Do the redirect The [L] states "Exit this script now"
RewriteRule ^/? /index.HIGH.html [L]
RewriteCond %{HTTP_USER_AGENT} ^Lynx.*
RewriteRule ^/? /index.LOW.html [L]
#If HTTP_USER_AGENT cannot be determined, redirect to
#A standard page.
RewriteRule ^/? /index.STD.html [L]
Detailed information for mod_rewrite can be found at: http://www.apache.org/docs-1.2/mod/mod_rewrite.html
Based on the information in this document, the following file will
Add the text/plain MIME type.
Redirect Users going to /old-site to /new
Change the default index page to default.html
Send users with Netscape to a high graphics site, everyone else to text.
Point 404 errors in the current directory to 404.html
AddType text/plain .txt
#Run the Redirect
Redirect /old-site http://www.mydomain.com/new
#Change the default index page
DirectoryIndex default.html default.htm index.html index.cgi index.py
#Redirect Netscape
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*
RewriteRule ^/? /index.HIGH.html [L]
RewriteCond %{HTTP_USER_AGENT} ^Lynx.*
RewriteRule ^/? /index.LOW.html [L]
RewriteRule ^/? /index.STD.html [L]
#Redirect 404 Errors
ErrorDocument 404 http://www.mydomain.com/404.html
- Updated: March 13, 2001
CATEGORY
RESULTS 
Knowledge
Base 
