Someone may be misuse your information. So .htaccess can be used to restrict unwanted user for accessing your page. It can be done by number of ways, something within that.
Authentication to your site:
In this method, first you have to create user name and password for user who are access your pages. File is saved with name .htpasswd. You've to store your .htpasswd file in .htpasswds folder. You can store it anywhere except in public_html.
Syntax:
AuthName "Anything your wish to display on dialog box"
AuthType Basic
AuthUserFile /home/username/.htpasswds/.htpasswd
Require valid-user
Now anybody try to access your cpanel, the web browser ask username and password.
where,
AuthName - what you wish to display message on dialog box to user, when they get to access this page.
AuthType Basic - AuthType selects the method that is used to authenticate the user who are try to access particular page on your site. The ' Basic ' method is implemented by mod_auth_basic which sends the password from user to server unencrypted.
AuthType Digest is another method supported by the apache server which is implemented by mod_auth_digest.
AuthUserFile - where your .htpasswd file located.
Require valid-user - tells the server to authentication needed to access this page
AuthName - what you wish to display message on dialog box to user, when they get to access this page.
AuthType Basic - AuthType selects the method that is used to authenticate the user who are try to access particular page on your site. The ' Basic ' method is implemented by mod_auth_basic which sends the password from user to server unencrypted.
AuthType Digest is another method supported by the apache server which is implemented by mod_auth_digest.
AuthUserFile - where your .htpasswd file located.
Require valid-user - tells the server to authentication needed to access this page
You can provide authentication for particular file.
Syntax:
AuthUserFile /home/username/.htpasswds/.htpasswd
AuthType Basic
AuthName "Anything your wish to display on dialog box"
<Files "filename to provide authenticate">
Require valid-user
</Files>
In password protection method, you can disable it.
Syntax:
Require valid-user
Allow from 127.0.0.1
Satisfy Any
Deny users by IP Address:
Some users may be violate your contents. So you have to protect that particular user only. It can be done by .htaccess.
Syntax:
order allow, deny
deny from 192.168.1.1
allow from all
where,
the browser block the users from IP 192.168.1.1
Considered another example,
Syntax:
order allow, deny
deny from 192.168.1.
allow from all
where, the browser block the users from IP address starts with 192.168.1.
You can allow only one user and block all users using it.
Syntax:
order allow, deny
allow from 192.168.1.1
deny from all
where, the browser allow the user from IP address 192.168.1.1 only
Deny users by referrer:
Considered as a example, you host a new site. you may be got referrals. /at this stage, your site have been spammed. This spam will affect the log file. It render your log files useless. We can solve it by .htaccess.
Syntax:
RewriteEngine On
# Options +FollowSymlinks
RewriteCond %(HTTP_REFERRER) example\.com [NC]
RewriteRule .* - [F]
where,
RewriteEngine On - turn on the mod_rewrite.c
Options +FollowSymlinks should be start with ' # '. Otherwise it give error message ' 500 Internal Server Error ' .
RewriteCond %(HTTP_REFERRER) example\.com - it tells server to block traffic from example.com
[NC] - not case sensitive
You can create multiple referrer.
Syntax:
RewriteEngine On
# Options +FollowSymlinks
RewriteCond %(HTTP_REFERRER) example\.com [NC, OR]
RewriteCond %(HTTP_REFERRER) anotherone\.com
RewriteRule .* - [F]
where,
it says server to block traffic from example.com and anotherone.com.
Blocked referrals gives '403 Forbidden' error message.
Related Post:
What is htaccess?
Compressing resource with gzip using .htaccess
How to create error document using .htaccess
How to add expires headers using .htaccess
How to add MIME types using .htaccess
How to enable SSI using .htaccess
How to force script to display as source code using .htaccess
How to prevent access to php.ini file using .htaccess
How to enable or disable directory list using .htaccess
How to redirect urls using .htaccess
How to redirect to www using .htaccess
How to enable short tag in php using .htaccess
How to access pages through one page in site using .htaccess
Related Post:
What is htaccess?
Compressing resource with gzip using .htaccess
How to create error document using .htaccess
How to add expires headers using .htaccess
How to add MIME types using .htaccess
How to enable SSI using .htaccess
How to force script to display as source code using .htaccess
How to prevent access to php.ini file using .htaccess
How to enable or disable directory list using .htaccess
How to redirect urls using .htaccess
How to redirect to www using .htaccess
How to enable short tag in php using .htaccess
How to access pages through one page in site using .htaccess
shall i denied access users who coming from particular browser?
ReplyDeleteYes, you can do this using .htaccess
DeleteHow can i protect users from particular browser
ReplyDeleteYou can do it by just adding the follwing to your .htaccess file:
DeleteRewriteCond %(HTTP_USER_AGENT) ^.*browsername.*$
RewriteRule .* error.php [R,L]
How it works
ReplyDeleteWhen your site is opened in particular brower, It redirects to error page. So you will get error page's output.
Deletecan i block users from particular version of browser?
ReplyDeleteSurely you can do this. Just add the following to your .htaccess file:
DeleteRewriteCond %(HTTP_USER_AGENT) ^.*browsername/version.*$
RewriteRule .* error.php [R,L]
for example,
RewriteCond %(HTTP_USER_AGENT) ^.*chrome/10.*$
RewriteRule .* error.php [R,L]
Thank you very much for your useful post. i get more interested to learn about .htaccess.
ReplyDeletethank you
ReplyDeleteHi
ReplyDelete