Htaccess – password generators, common usage

Password Generator(s)

Password Generator #1
Password Generator #2

Password Protect a Directory

AuthUserFile /usr/local/apache2/somesite/somefolder/.htpasswd
AuthGroupFile /dev/null
AuthName "Enter User and Pass"
AuthType Basic

<Limit GET POST>
require valid-user

Redirect all requests to a specific page

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{REQUEST_URI} !/maintenance.html$ 
RewriteRule $ /maintenance.html [R=302,L]

Allow access to lower-level directory

Allow from all
Satisfy Any

NOTE: The following directive, inserted into the Apache vhost-conf file, accomplishes the same as the above:

<Directory "/usr/local/apache2/netkwik/htdocs/phpmyadmin">
     Satisfy Any

Prevent download of specific file types

RewriteCond %{HTTP_REFERER}    ! 
RewriteRule \.(jpg|gif|png|mp4)$   -                 [F,L]

Example Worpdress Htaccess

# DENY all requests from following IP addresses:

Order Deny,Allow
Deny from
Deny from 5.

<Files xmlrpc.php>
Order allow,deny
Deny from all

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?*$ [NC]
RewriteRule .* - [F,L]

# BEGIN WordPress
<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteBase /
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule ^(.+)$ /index.php/$1 [L,QSA]
# END WordPress

# compress text, HTML, JavaScript, CSS, and XML
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

# remove browser bugs
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent

<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl|woff|woff2)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"

Leave a Reply