In order to have a complete understanding of what a .htaccess file is, I suggest that you also read our Custom Errors tutorial and our Password Protection tutorial.
Apache allows webmasters to create special files called .htaccess and .htpasswd with which access control and a range of defaults can be managed. This tutorial will first of all show you how to create a .htaccess file, and then how to use it to control error reporting, default filenames, and password protection.NOTE - if you use Microsoft FrontPage, be careful. When you enable the FrontPage extensions, this will install a .htaccess file in your root directory. Do not attempt any of the things you read here unless you are sure you know what you are doing, and until you have made a backup copy of your .htaccess file. Incorrect changes to your .htaccess file can result in your site being unreachable.
(Information in this tutorial is drawn from a variety of sources. Acknowledgements are given at the bottom of this page.)
1. Why is it named .htaccess?
The reason the file has such a strange name, and no file-type suffix, is to distinguish it from ordinary files, and make it very unlikely that you will create a file of that name by accident. If you are working with Windows, you will probably find it difficult to create a file of that name. WordPad and Notepad will typically try to call it .htaccess.txt unless you take special action. The easiest thing to do is to createa file called .htaccess.txt, and then rename it with your FTP program. These instructions assume you follow the easiest path. So the first thing to do is to create the file and rename it. Now you've got an empty file called .htaccess.
2. Creating a .htaccess file to "trap" errors can be found in the Custom Errors tutorial.
3. Uploading the .htaccess file.
Upload the file in the way you would for all other files, e.g. using FTP. You do not need to "chmod" it or upload it in ASCII.
4. Using .htaccess to change the way file suffixes are treated.
By default, the server has a set of standard file types that it recognizes. You can add to these types by a line or two in .htaccess. For example, by default, many servers will treat files ending in .php as PHP files - it will open them and carry out any PHP instructions it finds in them. But if a file ends in .php3, the server will just pass the file straight through. So if you want files ending in .php3 to be treated as PHP, you need to tell the system this. Here's how you do it - add this line to your .htaccess file:
AddType application/x-httpd-php3 .php3 .php
In simple language, this tells the system that files with the suffix .php3, and files with the suffix .php, are both to be treated as standard HTTP documents containing PHP. The server knows that it has to invoke PHP when it opens a document of this type.
Because PHP files are also often used as index files (the default file opened when you just specify a directory address), you will probably also want to use this line:
DirectoryIndex index.php index.php3 index.html index.htm
In simple language again, this tells the server that if someone tries to access a directory on your site, without specifying a file name, it is to look for a file called index.php first, and failing that, for index.php3, and failing that, for index.html, and finally for index.htm. (So you can have both an index.php and an index.html file in the same directory - but take care: even though it doesn't confuse the server, this is likely to confuse you at some time!)
5. Using .htaccess to change the name of the default file in a directory.
The default file in a directory does not have to be called index.php or index.anything. You can decide that yourdefault files should be called start.html, for example. To do this, you use the DirectoryIndex command, as in the last section, like this:
DirectoryIndex start.html index.php index.php3 index.html index.htm
6. Using .htaccess to allow directory listings.
Generally, it is good practice to prevent users from seeing the contents of your directories. In this way you make it more difficult for the hacker, and you can upload work in progress and test it out without anyone knowing it is there. On most servers the default is already set to prevent directory listings. However, if you want to allow this, another line in .htaccess can do it for you:
Options All MultiViews
Of course this will only give you a directory listing if you try to access a directory by name, and that directory does not have a file like index.html in it - or a file listed in a DirectoryIndex line.
We suggest that you do not enable this feature for the whole of your site - see section 10 for further information.
7. Using .htaccess to change or add file descriptions and icons
If you have a file with a suffix which isn't recognized by the system, but which you find it important to distinguish from other file types, you can do this with .htaccess by associating that suffix with a description. You can also change standard file descriptions if you prefer, and/or associate your own icons with particular suffixes. For example:
AddDescription "My special filetype" .xyz
Now when you look at a directory listing, it will say, for example:
filename.xyz 1-May-2000 22:33 1k My special filetype
To associate your own icon with this, use a command like this:
AddIcon abc.gif .xyz
This tells the system to use the icon found at abc.gif in association with files with the suffix .xyz.
This tutorial is built from the contributions of k0z (who used to call himself Geneeus), Bill, Kjell, Choon, and Glenn. Other information derived from the Apache and Apache Week websites.
This document edited by Bill, 4 Nov. 2000.
© 4WebHelp and Rod
Page URL: http://www.4webhelp.net/tutorials/misc/file_defaults.php
Back to the "pretty" page!
© 2021, 4WebHelp Team.