.htaccess Security and Performances tips
Tuesday, March 15, 2011 EDT
by: Eric Potvin
Tags:apachesecurity
AllowOverride
If AllowOverride is enabled throughout the entire site, the server digs through every directory, searching for .htaccess files. To prevent this, simply disable the AllowOverride in the site's root .htaccess file.
AllowOverride None
Preserving Bandwidth
To increase performance on PHP servers, simply add the following line to your .htaccess:
<ifmodule mod_php5.c>
php_value zlib.output_compression 16386
</ifmodule>
Note: the number maybe vary depending on our server configuration.
Directory Browsing
To prevent directory browsing, simple add the following line to your .htaccess
IndexIgnore *
Server Signature
Here we are disabling the digital signature that would otherwise identify the server:
ServerSignature Off
Control Access
If you have an admin section in your website and you only want specific users to access it (other than username and password). You can use the IP address to deny or allow unauthorized user to access it. Simply add the following lines to your .htaccess
order deny,allow
deny from all
# allow some ips
allow from 192.168.1.0/24
# block one unique IP addresses
deny from 192.168.1.101
# allow one unique IP addresses
allow from 192.168.1.102
# block one ranges of IP addresses
deny from 192.168
deny from 192.168.1
# allow one ranges of IP addresses
allow from 192.168
allow from 192.168.1
Note: obviously the IPs will changed based on your network configuration or host ip.
Custom Error Documents
Creating custom error pages will improve your website looks as well as gives you the ability to catch easily visitors when they follow a bad url.
ErrorDocument 404 /error_404.php
ErrorDocument 500 /error_500.php
#... and all other page code errors
Link to this Article
To link directly to this article from your web site, use one of the following snippets below.
.htaccess Security and Performances tips | Book Of Zeus<a href="http://www.bookofzeus.com/articles/htaccess-security-and-performances-tips/" title=".htaccess Security and Performances tips">.htaccess Security and Performances tips | Book Of Zeus</a>
Short URL:
.htaccess Security and Performances tips | Book Of Zeus<a href="http://s.bookofzeus.com/mB7pY" title=".htaccess Security and Performances tips Short URL">.htaccess Security and Performances tips | Book Of Zeus</a>