Tag Archives: .htaccess

Install Zend Framework on Shared hosting server

If your site is hosted on Shared Server and you want to use Zend library on your project.

 

For Dedicated server, you have full root access and can have remote or full putty access of your server, you can install/uninstall any library as well as software in the server.
The same will be done by Server Guy on your request.

 

But, in this case “Shared hosting”, you should handle these either by using .htaccess file or by overriding the php.ini file, let see how you can do this.

 

If you need to install Zend framework what you should do is.

 

1. Check the document root path of your server.Use phpinfo(); php function for check.

[php]
<?php
echo phpinfo();
?>
[/php]

The below is the sreengrab of my local system, the path will be different for your server.

XAMPP_Document_Root_PATH_PHPinfo

 

 

2. Upload Zend library into your hosting server (path : root/library/Zend)

 

3. Create or update your php5.ini (If you are using php5, use php5.ini file) or php.ini file.

put this line, (If you already have, add this line end of the current set, connected with ‘:’)

include_path = [DOCUMENT_ROOT]/Zend Libraray Path

ex) include_path = /home/scriptarticle/public_html/library

 

It’s Done !!

Now test whether the zend installed well or not, let’s echo the Zend frame work version.

 

[php]
<?php
require_once ‘Zend/Version.php’;
echo ‘Zend Framework Version : ‘ . Zend_Version::VERSION;
?>
[/php]

 

If you see your Zend version, that means your Zend framework has been installed successfully!

 

Save

Hotlinking/bandwidth theft, check hotlinking and preventing hotlinking

Hot linking can also be called as “leeching” or “bandwidth theft” is a term referring to when a webpage of one website is direct linking to the images/videos or other multimedia files on the web host of another website (usually without permission, thus can be called as stealing bandwidth).

 

E.g. Like an <img  alt=”” /> tag to display an image you found on someone else webpage so it will appear on your site, eBay auction listing, weblog, forum message post, etc.

 

Bandwidth can be referred as the amount of data transferred from a website to a user’s computer. Whenever you view a web page, you use that site’s bandwidth to display the files. Since web hosts charge based on the amount of data transferred, bandwidth is the issue. If a site is over its monthly bandwidth, it’s billed for the extra data or taken offline.

 

One of the most common occurrences of “hot linking” is when people post on a forum and they hotlink pictures from another website to use as avatars or signature images on the message boards.

 

Some disadvantages of hot linking are that the webpage generally loads slower when you link to images stored on a different server than the webpage is hosted on, and the owner of the image has full control to disable hot linking, or delete, rename, or make worst it, do a “switcheroo” (i.e. switching the file name to be another image which is sure to cause the hot linker embarrassment) of the hot-linked image.

 

Common methods of preventing hot linking are by using an .htaccess file, using the “Hotlink Protection” offered in control panels such as Cpanel, or simply renaming image files periodically.

 

HOW COULD YOU KNOW THAT YOU ARE HOTLINKING?

<img src=”image.jpg” height=”350″ width=”200″>
<img src=”http://notyourwebsite.com/image.jpg” height=”350″ width=”200″>

This img tag tells the site to request the image.jpg from a different server. Every time the page is loaded, the outside server has to use its bandwidth to display the image. To avoid this problem, don’t link to files on servers. To share images and files on your own web page, upload them to your own server’s directory or to a free image hosting service that allows direct linking.

Below are some free image/video hosting service providers

http://www.dropshots.com/
http://photobucket.com/

 

DRAWBACK OF HOTLINKING

Hot linking can have a lot of undesirable results. One is the so-called “switcheroo“.
Displaying an image or file that doesn’t belong to could be a violation of copyright, making you open to litigation. The owner of the file could utilize DMCA law to have your site shut down and your information given for use in legal proceedings.

 

HOW CAN YOU TEST YOUR WEBSITE HOTLINKED?

Enter the complete URL (ex: http://yoursitename.com/image.jpg) to see if your image can be loaded and hot linked by other server.
http://www.free-webhosts.com/hotlinking-checker.php

 

PREVENT HOTLINKING USING .htaccess

Below code can be written in .htaccess file to stop hot linking and bandwidth theft.

[sourcecode language=”plain”]
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.yourdomain.com/badimage.jpg [R,L]
[/sourcecode]

Replace yourdomain.com to your domain name and badimage.jpg to your image which you want to show instead of hot linked image.

Please be sure your mod_rewrite is ON on your server before above .htaccess updates.

 

Most useful 5 htaccess tricks every webmaster should know

Most useful 5 htaccess tricks every webmaster should know

1) Redirect your website visitors while you update or test your website

order deny,allow
deny from all
allow from 117.117.117.117

ErrorDocument 403 /showpage.html

<Files showpage.html>
allow from all
</Files>

Replace 117.117.117.117 with your IP address. Also replace showpage.html with the name of the page you want visitors to see.

2) Display a custom 404 error page

Your server displays a “404 File Not Found” error page whenever a visitor tries to access a page on your site that doesn’t exist.
You can replace the server’s default error page with one of your own that explains the error and links visitors to your home page.

ErrorDocument 404 /404.html

Replace 404.html with the name of the page you want visitors to see.

3) Handle moved or renamed pages

You’ve moved or renamed a page on your site and you want visitors automatically sent to the new page when they try to access the old one.

Use a 301 redirect

Redirect 301 /oldpage.html http://yourwebsite.com/newpage.html

Using a 301 redirect also ensures the page doesn’t lose its search engine ranking, as you know how important it is.

4) Prevent directory browsing

When there’s no index page in a directory, visitors can look and see what’s inside (directory structure and page listing).
Some servers are configured to prevent directory browsing like this. If yours isn’t, here’s how to set it up:

Options All -Indexes

5) Create user friendly URLs

Which of the two URLs below looks good?

http://yourwebsite.com/about
http://yourwebsite.com/pages/aboutus.html

Shorter URL is always better.

With htaccess and an Apache module called mod_rewrite, you can set up URLs however you want. Your server can show the contents of “/pages/aboutus.html” whenever anyone visits “http://yourwebsite.com/about”. Below are few examples

RewriteEngine on
RewriteRule ^aboutus/$ /pages/aboutus.html [L]
RewriteRule ^features/$ /features.php [L]
RewriteRule ^buy/$ /buy.html [L]
RewriteRule ^contactus/$ /pages/contactus.htm [L]

Remove index.php from CodeIgniter URL Path using .htaccess

If you are using Codeigniter (PHP Framework) you are noticed that by default index.php will be included with your URL.

 

But you can easily remove index.php from your URL so that your URL should be like : http://yourdomainname.com/controller/action/var1/var2

 

To do this just follows the following steps:

 

1. Open config.php from system/application/config directory in your project and replace $config[‘index_page’] = ‘index.php’ by $config[‘index_page’] = ”

 

2. Create a ‘.htaccess’ file in project root directory, open the file using your favourite text editor, write down the following script and save it.

[sourcecode language=”plain”]
RewriteEngine on
RewriteCond $1 !^(index\.php|resources|images|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [L]
[/sourcecode]

 

3. In some case the default setting for uri_protocol does not work properly. To solve this problem just replace

 

$config[‘uri_protocol’] = ‘AUTO’ by $config[‘uri_protocol’] = ‘REQUEST_URI’ from system/application/config/config.php

 

It works for me. The URL now without the index.php segment.I implemented all of the configuration above on Windows using Xampp.

Hope it will work fine for you also, if not left a comment below the post.

Automatically set permission to various file types using .htaccess

Set file permissions with .htaccess, this is a great method for ensuring the CHMOD settings for various file types.

 

Apply the following rules in the root .htaccess file to affect all specified file types, or place in a specific directory to affect only those files (add/update file types according to your needs)

[sourcecode language=”plain”]
# ensure CHMOD settings for specified file types
# never set CHMOD 777 unless you know what you are doing?
# files requiring write access should use CHMOD 766 rather than 777
# keep specific file types private by setting their CHMOD to 400

chmod .htpasswd files 640
chmod .htaccess files 644
chmod php files 600
[/sourcecode]

 

Require SSL (Secure Sockets Layer)

Here is an easy way you can go using .htaccess file

[sourcecode language=”plain”]
# require SSL without mod_ssl
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
[/sourcecode]

 

Guys, If you still face any issue regarding this, leave a comment in the comment box.

 

Advanced .htaccess security and block access using .htaccess file

Block access to files using htaccess

1. Block access to .htaccess file
Add the following code block to your htaccess file to add an extra layer of security.Any attempts to access the htaccess file will result in a 403 error message.Your first layer of security to protect htaccess files involves permissions via CHMOD to 644.

# secure your htaccess file
<Files .htaccess>
order allow,deny
deny from all
</Files>

2. Block access to a Specific File
To restrict access to a specific file, add the following code block and edit the file name, “secure_file.jpg”, with the name of the file that you wish to protect.

# prevent viewing of a specific file
<files secure_file.jpg>
order allow,deny
deny from all
</files>

3. Block access to multiple file types
To restrict access to a variety of file types, add the following code block and update the file types within parentheses to match the extensions of any files that you wish to protect.

<FilesMatch “\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$”>
Order Allow,Deny
Deny from all
</FilesMatch>

4. Block unauthorized Directory Browsing
Prevent unauthorized directory browsing by instructing the server to serve a “xxx Forbidden – Authorization Required” message for any request to view a directory. For example, if your site is missing it’s default index page, everything within the root of your site will be accessible to all visitors. To prevent this, include the following htaccess rule.

# disables directory browsing
Options All -Indexes

To enable directory browsing, use the following directive.

# enables directory browsing
Options All +Indexes

Likewise, this rule will prevent the server from listing directory contents.

# prevent folder listing
IndexIgnore *

And, finally, the IndexIgnore directive may be used to prevent the display of select file types.

# prevent display of select file types
IndexIgnore *.wmv *.avi *.mp4 *.etc