GuidesUsing .htaccess Files with Apache

Using .htaccess Files with Apache

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




Copyright © 2000 by Ken Coar. All rights reserved. Limited
rights granted to Internet.Com.

One of the most common needs Webmasters have is to cause the
Web server to handle all the documents in a particular directory, or
tree of directories, in the same way — such as requiring a password
before granting access to any file in the directory, or allowing (or
disallowing) directory listings. However, this need often extends
to more than just the Webmaster; consider students on a departmental
Web server at a university, or individual customers of an ISP, or
clients of a Web-hosting company. This article describes how
the Webmaster can extend permission to tailor Apache’s behaviour to
users, allowing them to have some control over how it handles
their own sub-areas of its total Web-space.

One of the most common needs Webmasters have is to cause the Web server to handle all the documents in a particular directory, or tree of directories, in the same way–such as requiring a password before granting access to any file in the directory, or allowing (or disallowing) directory listings.

This article shows how you can use per-directory configuration
files, called .htaccess files, to customise
Apache behaviour — or allow your users to do so for their own
documents.

Per-Directory Settings

Apache’s configuration system addresses the need to group documents
by directory in a straightforward
manner. To apply controls to a particular directory tree, for
instance, you can use the container
directive in the server’s configuration files:

    
        AllowOverride None
        Options None
    

This has the advantage of keeping control in the Webmaster’s hands;
there’s no need to worry about any of the server’s users being able
to change the settings, since the server configuration files are
generally not modifiable by anyone except the admin. Unfortunately,
it has the disadvantages of
requiring a restart of Apache any time the config file is changed,
and that it can become truly burdensome to add all the
containers that might be needed
for all the users that have special requirements.

An alternative method for supplying the desired granularity of
Apache configuration — down to the directory level — is to use
special partial config files in each directory with special
requirements.

So What’s an .htaccess File?

An .htaccess file is simply a text file containing
Apache
directives.
Those directives apply to the documents in the directory where the
.htaccess file is located, and to all subdirectories
under it as well. Other .htaccess files in subdirectories
may change or nullify the effects of those in parent directories; see
the section on merging for more information.

As text files, you can use whatever text editor you like to create or
make changes to .htaccess files.

These files are called ‘.htaccess files’ because that’s
what they’re typically named. This naming scheme has its roots in
the NCSA Web server and the Unix file system; files whose names
begin with a dot are often considered to be ‘hidden’ and aren’t
displayed in a normal directory listing. The NCSA developers
chose the name ‘.htaccess‘ so that a control file
in a directory would have a fairly reasonable name (‘ht’ for
‘hypertext’) and not clutter up directory listings. Plus, there’s
a long history of Unix utilities storing their preferences information
in such ‘hidden’ files.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories