Basic access control in Apache

Apache .htaccess files can be used to block access to specific resources, or to provide minimal security through user name and password authentication.

You can use a .htaccess file in any folder of your website, and it will apply to any subfolders. A single .htaccess file placed in the root of your domain can apply to the entire website. While this is advantageous for blocking access to files, you’re going to need a seperate .htaccess in each subfolder that you want to password protect.


Read the rest of this entry »

URL rewriting using Apache

Several years ago, you made the grave error of putting an overly specific URL in some advertising (example.com/fall_2005_news.html). You’ve come to your senses and are re-organizing your website’s structure, and you really want to get rid of that html file. You’d like any user attempting to visit that ancient URL to instead be shunted to example.com/news.

Well, such a procedure is relatively easy. Apache .htaccess files can be used in any folder of your website, and will apply to any subfolders. Thus, a single .htaccess file in the root of your domain can apply to the entire website.

The aforementioned example is fairly simple, but URL rewriting of extreme complexity is possible once you know the rules. Generally, instead of simply changing file1.html to folder/file1.html using a single rule, you will instead change every file fitting the form fileX.html to folder/fileX.html. That is to say, any request for a file that matches a specific pattern will be rewritten to a new URL.


Read the rest of this entry »