Title for auth prompt
Location of .htpasswd
Enter corresponding URLs of your site. Leave empty for none.
404 - Not Found
403 - Forbidden
500 - Internal Server Error
401 - Unauthorized
Alowed domains. One per line, without http:// and www.
Some firewalls and antiviruses delete user referer information sent by browser. If you will disallow blank referers, some visitors will be blocked on your site. It is recommended to allow it.
Extensions to protect. Space separated, without dot, leave empty for all.
Blocked domains/hitbots. One per line, leave empty for none.
Redirect blocked hits to this URL. Leave empty for none
Blocked IP. One per line, leave empty for none.
Fill URL fields for needed languages. Leave the field empty for none.
Fill URL fields for needed device types. Leave the field empty for none.
on this domain
A .htaccess file is a configuration file used on Apache-based web servers to control various aspects of website behavior. It is typically used to handle URL redirects, access control, security settings, error handling, and much more.
Common Uses for .htaccess Files:
Redirects: Redirect users from one URL to another.
Rewrite Rules: Modify URLs to make them more user-friendly.
Access Control: Restrict access to certain files or directories.
Custom Error Pages: Set up custom error messages (e.g., 404, 403).
Security Settings: Enable HTTPS, block IPs, or prevent directory listing.
Example of Basic .htaccess File:
Here is a simple .htaccess example with common settings:
apache
# Enable URL Rewriting
RewriteEngine On
# Redirect HTTP to HTTPS
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Redirect a page
Redirect 301 /old-page.html /new-page.html
# Password protect a directory
<Files "secret.html">
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
</Files>
# Set custom error pages
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
# Block an IP address
Order Deny,Allow
Deny from 192.168.1.100
# Disable directory listing
Options -Indexes
Explanation:
URL Rewriting: The RewriteEngine On enables mod_rewrite, which is used to change URLs. The rule here redirects non-HTTPS requests to HTTPS.
Redirects: The Redirect 301 command is used to permanently redirect old URLs to new URLs.
Password Protection: The <Files> directive is used to protect specific files (like secret.html) by requiring a username and password.
Custom Error Pages: The ErrorDocument directive specifies custom error pages (like 404 or 500 pages).
Blocking IPs: The Deny from command blocks access from certain IP addresses.
Disabling Directory Listing: The Options -Indexes disables automatic listing of files in a directory if no index file (e.g., index.html) exists.
Python Code to Generate .htaccess File:
If you need to generate a .htaccess file programmatically, here's an example Python script to help with that:
python
def generate_htaccess(redirects=None, error_pages=None, password_protection=None, block_ips=None, disable_indexes=False):
htaccess_content = []
# Enable URL rewriting
htaccess_content.append("RewriteEngine On\n")
# Redirect HTTP to HTTPS
htaccess_content.append('RewriteCond %{HTTPS} off\n')
htaccess_content.append('RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]\n')
# Add Redirects if any
if redirects:
for old_url, new_url in redirects.items():
htaccess_content.append(f"Redirect 301 {old_url} {new_url}\n")
# Add Password Protection if specified
if password_protection:
htaccess_content.append(f"<Files \"{password_protection['file_name']}\">\n")
htaccess_content.append(" AuthType Basic\n")
htaccess_content.append(" AuthName \"Restricted Area\"\n")
htaccess_content.append(f" AuthUserFile {password_protection['auth_file']}\n")
htaccess_content.append(" Require valid-user\n")
htaccess_content.append("</Files>\n")
# Add Custom Error Pages if any
if error_pages:
for error_code, page in error_pages.items():
htaccess_content.append(f"ErrorDocument {error_code} {page}\n")
# Block IPs if any
if block_ips:
htaccess_content.append("Order Deny,Allow\n")
for ip in block_ips:
htaccess_content.append(f"Deny from {ip}\n")
# Disable Directory Listing if specified
if disable_indexes:
htaccess_content.append("Options -Indexes\n")
# Join the content and return as a single string
return ''.join(htaccess_content)
# Example usage:
redirects = {
'/old-page.html': '/new-page.html',
'/about.html': '/about-us.html'
}
error_pages = {
404: '/404.html',
500: '/500.html'
}
password_protection = {
'file_name': 'secret.html',
'auth_file': '/path/to/.htpasswd'
}
block_ips = ['192.168.1.100']
# Generate .htaccess content
htaccess_content = generate_htaccess(redirects, error_pages, password_protection, block_ips, disable_indexes=True)
# Save the content to a .htaccess file
with open('.htaccess', 'w') as f:
f.write(htaccess_content)
print("The .htaccess file has been generated.")
Explanation of the Python Code:
generate_htaccess(): This function dynamically generates the content of the .htaccess file based on the input parameters (such as redirects, error pages, password protection, and blocked IPs).
redirects, error_pages, password_protection, block_ips, and disable_indexes are the parameters you can pass to customize your .htaccess file.
Output: The function generates the appropriate rules and saves them into the .htaccess file.
Example Output of .htaccess:
pgsql
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Redirect 301 /old-page.html /new-page.html
Redirect 301 /about.html /about-us.html
<Files "secret.html">
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
</Files>
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
Order Deny,Allow
Deny from 192.168.1.100
Options -Indexes
Customization:
Add more features: You can expand the function to support other .htaccess features such as setting caching headers, custom rewrite rules, etc.
Use for multiple sites: This can be helpful if you're managing multiple websites or need to generate different .htaccess configurations.