I need to know if after creating the .htaccess file I have to call it within the index page, knowing that the main page is unique (only index.php) and all pages are taken from a database.
The web server that I use Apache.
The file with filename .htaccess is an extension to the webserver configuration (most commonly httpd.conf) that is loaded automatically by Apache when a file or script is loaded or executed in the directory, or any child-directories, where the .htaccess file is placed.
Furthermore, php scripts (or any scripts for that matter) have no knowledge at all of the existence of a .htaccess, nor should they care. They can be depended on configuration settings however, eg. any rewrite rules that pipe all incoming requests through a so-called front-controller (most commonly index.php), but they do not know of it's existence. Any configuration could also be placed somewhere else in the configuration tree.
For further info I'd advise you to read about Apache, or webservers in general, and learn how a common (http) request is fulfilled. It'll give you some understanding of what the .htaccess file exactly does, and does not, and how it is related, or unrelated, to any scripts.
You don't need to explicitly call the htaccess file from any of the php pages
htaccess rules will automatically apply to all the files and sub folders within the specific folder where htaccess file is placed
You cannot call the .htaccess file, it is an instruction set to the server on how to handle requests (amongst other things). You should place it in the root directory and Apache will look for it automatically when a request to the server is made for any webpage or other file.
You can also have a .htaccess flie in each folder (directory) to control requests specific to it.
Related
I want to redirect my urls but not with htaccess, only with php. I know that I have to use the header() function. But my question is how to catch the url.
For example, Wordpress catches urls like mysite.com/postname and redirects it to other urls, I think it is index.php?parameters=values.
But my question how to catch the url mysite.com/postname and redirect it to other. Which php script will catch it.
Or when wordpress catch the url, which php file redirects it to index.php
You need to tell your HTTP server that the URL is handled by the PHP script.
You can't do this with PHP directly: If the server never runs the PHP script, then the PHP script can't do anything with the request!
This is most commonly done with mod_rewrite which is configured using Apache configuration. There are two basic places that you can put mod_rewrite directives.
The main Apache configuration files
A .htaccess file.
The former is recommended:
You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance.
… and you've rejected .htaccess so put the directives in your main configuration file.
This, of course, assumes you are using Apache HTTPD. You didn't say which HTTP server you were using.
This also assumes that when you rejected .htaccess you didn't mean mod_rewrite. Many people conflate the two since changes to mod_rewrite settings are the most common things that programmers (as opposed to System Administrators) want to do in an Apache configuration.
For example, Wordpress catches urls like mysite.com/postname and redirects it to other urls
Wordpress uses mod_rewrite directives in a .htaccess file.
I am creating a cloud storage project, and I want users to be able to upload any file. In particular, I want people to be able to upload .htaccess files, but I don't want Apache using these files as this is a security concern. How can I prevent Apache from using the user uploaded file, while still using my own .htaccess file in a parent folder?
This question is helpful reading. Directives near the www-root are applied first, subfolders are used later and may overwrite previous settings.
There are some things you can do:
Don't use .htaccess files at all, not even in other directories. If you have a dedicated server, you can edit the server config file, which is much more efficient. It will allow you to set AllowOverride None, which will prevent Apache from using .htaccess files at all. Instead, you can accomplish the same by putting your rules in the server config file. You'll need to restart Apache every time you make a change, and making an error in the server config file will prevent Apache from starting until it is fixed.
Store your files as random characters without an extension, make it impossible to access any files directly, and instead rely on a database to map a filename to a file. This allows you to store files securely, while not dumping everything in your database.
You cannot put anything in your .htaccess file that would prevent .htaccess files in subdirectories to be ignored, because AllowOverride only works in directory context, not in .htaccess context.
I'm very new to php and web , now I'm learning about oop in php and how to divide my program into classes each in .php file. before now all I know about php program, that I may have these files into my root folder
home.php
about.php
products.php
contact.php
So, whenever the client requests any of that in the browser
http://www.example.com/home.php
http://www.example.com/about.php
http://www.example.com/products.php
http://www.example.com/contact.php
No problem, the files will output the proper page to the client.
Now, I have a problem. I also have files like these in the root folder
class1.php
class2.php
resources/myFunctions.php
resources/otherFunctions.php
how to prevent the user from requesting these files by typing something like this in the browser ?
http://www.example.com/resources/myFunctions.php
The ways that I have been thinking of is by adding this line on top of every file of them exit;
Or, I know there is something called .htaccess that is an Apache configuration file that effect the way that the Apache works.
What do real life applications do to solve this problem ?
You would indeed use whatever server side configuration options are available to you.
Depending on how your hosting is set up you could either modify the include path for PHP (http://php.net/manual/en/ini.core.php#ini.include-path) or restricting the various documents/directories to specific hosts/subnets/no access in the Apache site configuration (https://httpd.apache.org/docs/2.4/howto/access.html).
If you are on shared hosting, this level of lock down isn't usually possible, so you are stuck with using the Apache rewrite rules using a combination of a easy to handle file naming convention (ie, classFoo.inc.php and classBar.inc.php), the .htaccess file and using the FilesMatch directive to block access to *.inc.php - http://www.askapache.com/htaccess/using-filesmatch-and-files-in-htaccess/
FWIW all else being equal the Apache foundation says it is better/more efficient to do it in server side config vs. using .htaccess IF that option is available to you.
A real-life application often uses a so-called public/ or webroot/ folder in the root of the project where all files to be requested over the web reside in.
This .htaccess file then forwards all HTTP requests to this folder with internal URL rewrites like the following:
RewriteRule ^$ webroot/ [L] # match either nothing (www.mydomain.com)
RewriteRule ^(.*)$ webroot/$1 [L] # or anything else (www.mydomain.com/home.php)
.htaccess uses regular expressions to match the request URI (everything in the URL after the hostname) and prepends that with webroot/, in this example.
www.mydomain.com/home.php becomes www.mydomain.com/webroot/home.php,
www.mydomain.com/folder/file.php becomes www.mydomain.com/webroot/folder/file.php
Note: this will not be visible in the url in the browser.
When configured properly, all files that are placed outside of this folder can not be accessed by a regular HTTP request. Your application however (your php scripts), can still access those private files, because PHP runs on your server, so it has filesystem access to those files.
I am trying to put my robots.txt and sitemap.xml file in the .htaccess folder but the was not found in website.
Please help me if anyone know about this?
.htaccess,robots.txt and sitemap.xml file should be kept inside root folder
all about robots.txt https://support.google.com/webmasters/answer/6062596?hl=en
They should have the URLs /sitemap.xml and /robots.txt. How you configure your server to make that happen will depend on your server.
Typically you just place them in the root directory (this may or may not be the same as the directory you place .htaccess in, but often will be if you are setting configuration directives site wide) and let them be served as static files.
If you have mod_rewrite directives (as is quite common to map "friendly URLs" on to PHP based CMSs) then you may have to alter them so that those URLs don't get rerouted to the PHP program.
I have an idea that will allow a Web Forums Content/Threads to be better indexed by search engines but avoid taking up too much unnecessary space on the web server.
My idea is not unique(I think StackOverflow uses it) but I am having difficulty working out how I am going to achieve redirecting through .htaccess commands or main server configuration files.
For a web forum website; when a new thread is created:
I store the thread HTML in an SQL database(rather than creating a HTML file which I think will take up more server space - is that correct?).
I create a directory on the server where the directory's name is the threads name(this will allow for easier indexing from google & other search engines wont it? Because the url is more descriptive?). So www.myForum.com/posts/unique_thread_name/. I think this is how StackOverflow does this, if you look at the url of my question its a directory.
The new directory(thread directory) will be empty except for a .htaccess file which will redirect to a script www.myForum.com/cgi-bin/loadWebpage.py. This script will grab the thread's HTML from the database when accessed & display that thread.
So when someone accesses www.myForum.com/posts/unique_thread_name/, the .htaccess file will redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=unique_thread_name. Notice the arguments, is it possible for a .htaccess file to redirect to a script but pass arguments aswell?
My Questions:
The apache website says you should never use .htaccess files "In general, you should never use .htaccess files unless you don't have access to the main server configuration file.". If I am using a webhost like GoDaddy do I have access to this file or is this server config file only for VPS?
Is it better to do this with the Server Config file instead?
Is there a way easier way of doing this? The whole idea is to store Forum Threads that take up as little space as possible but are still easy for search engines to index(thus the unique directories created).
Do I NOT need to create a .htaccess file in each post directory? Can I just write in my main .htaccess file that any request to a file/folder in posts should redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=the directory they accessed?
Maybe the code would look something like this?
Redirect /posts/* www.myForum.com/cgi-bin/loadWebpage.py?thread="HOW DO I SPECIFY THE FOLDER?"
If I am using a webhost like GoDaddy do I have access to this file or is this server config file only for VPS?
Godaddy shared hosting only allows .htaccess use.
Is it better to do this with the Server Config file instead?
Its better performing if you have access to Server Config, but shared hosting like Godaddy does not allow it.
Do I NOT need to create a .htaccess file in each post directory? Can I just write in my main .htaccess file that any request to a file/folder in posts should redirect to www.myForum.com/cgi-bin/loadWebpage.py?thread=the directory they accessed?
You can do it with a single .htaccess in the root dir of your site with contents as below
RewriteEngine on
RewriteBase /
RewriteRule ^posts/(.+)/$ /cgi-bin/loadWebpage.py?thread=$1 [NC,L]