.htaccess

.htaccess ( English hypertext access " hypertext -Access") is a configuration file on NCSA compliant web servers such as Apache , can be placed in the directory-based rules.

For example, a directory or individual files can be protected against unauthorized access using HTTP authentication . Also, error pages or redirects within the server (see Rewrite engine ) can be in set without the server must be restarted: changes in the .htaccess file occur readily into effect immediately because the file on every request to the web server is evaluated. Regulations in a .htaccess act like directory sections in central configuration files such as an httpd.conf . They only apply to the directory in which the .htaccess is stored and all of its subdirectories; but can be overwritten in the subdirectories.

Possible uses

Access protection

If access to a directory is to be protected by querying login data (here / var / www / html ), a .htaccess file with the following content is created in this directory .

 AuthType Basic
 AuthName "Titel des Passwortschutzes"
 AuthUserFile /var/www/html/.htpasswd
 Require valid-user

This refers AuthUserFileto a file that contains the user name and password in the form Benutzername:Hash. This content can be generated, for example, with the htpasswd tool or with an online generator.

 $ htpasswd -nb derName dasPasswort
 derName:$apr1$m0OaZVp0$9OHApAf65z24vNUZts8Zz1

The focus is the hash function MD5 , bcrypt , crypt and SHA for selecting and sometimes random characters are appended to the password -  Salt called (English for salt) - before the hash value is calculated, thereby also identical passwords are associated with different password hashes.

Request redirection

If a module is installed on the web server that can change a URL, redirects can be defined in the .htaccess file.

The following example says in line 1: "If it www.example.comdoes not appear in the request, ..." and in line 2: "... then forward http://www.example.com."

1  RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
2  RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

Web links

• .htaccess - Protect directories and files with a password in the Selfhtml Wiki
• .htaccess tutorial in the Apache 2.2 documentation
• .htaccess tutorial (English) in the documentation of Apache 2.4 (new functions for .htaccess have been added there)