Jump to navigationJump to search

Password protect files on a web server

This shows how to setup basic auth protection for files or directories.


.htaccess for protecting individual files.

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile .htpasswd 
AuthGroupFile /dev/null 
require valid-user
require valid-user

.htaccess for protecting the whole directory.

AuthName "Restricted Area" 
AuthType Basic 
AuthUserFile .htpasswd 
AuthGroupFile /dev/null 
require valid-user


Create an .htpasswd file for the username "staff". Note that this destroys the file if it already exists.

htpasswd -c .htpasswd staff

Afterwards the file will look something like this:


Basic htaccess file

php_flag register_globals off

# Don't  show these in generated indexes.
IndexIgnore .svn .subversion .ssh .htaccess .htpasswd .auth.bfa
RewriteEngine on

# Any attempt to download an URL with .svn/ in the path will get a 404.
RewriteRule .*\.svn/.*$ - [R=404]
# Any attempt to download an URL with .ssh/ in the path will get a 404.
RewriteRule .*\.ssh/.*$ - [R=404]

# Redirect old links to new path.
RewriteRule ^acidwarp[/]*$ /wiki/AcidWarp [R=301,L]

# a directory alias to redirect to a FQDN.
RewriteCond %{REQUEST_URI} ^/email.*$ [NC]
    RewriteRule ^email.*$ [R=301,NC,L]

# If an URL does not exist (would give 404) then redirect to
# the Wiki search to see if it can be found there.
# Note that this will BREAK many Apache Handlers that service
# virtual location URLs (where URL paths don't map to real filenames). 
# The check on REMOTE_ADDR is here so that localhost requests for 
# server-status will still work. This allows Munin to get server-status.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REMOTE_ADDR} !^$
RewriteRule ^(.+?)(\.html|\.htm)?$ http://%{SERVER_NAME}/wiki/Special:Search?search=$1&go=Go [R=301,NC,L]


how to test if mod_rewrite is installed

This command will show all loaded modules in Apache:

apachectl -M

You can also test it empirically by creating a simple .htaccess file that has nothing but the following line:

RewriteEngine on

Try to access the web server. If you get an http 500 error then mod_rewrite is not working.

friendly magic cookies with pixel bugs

This makes an URL to a "pixel bug" look more friendly. For example,

will redirect to:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/images/.*$ [NC]
    RewriteRule ^images/([0-9]*)/([0-9]*)/([0-9]*).gif$ /pixel_bug.php?guid=$1&uid=$2&imgid=$3 [NC,L]

redirect to new host

This will redirect from to

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www2.*$ [NC]
RewriteRule ^(.*)$$1 [R=301,NC,L]

mod_rewrite for MediaWiki friendly URLs

This is a pain in the ass to get right. There are not many pieces, but I had to keep fiddling with them to get it right. Plus, it's easy to get it almost but not quite right.

Assuming you want the root URI to be /wiki (just like Wikipedia). For example:

Move wiki root directory

First move your wiki directory from to w/. This is the filesystem path, not the URI. For example:

 mv /var/www/htdocs/wiki /var/www/htdocs/w

Just to be clear, the wiki/ directory should no longer exist in the filesystem. It will not just be a virtual directory handled by MediaWiki scripts.

MediaWiki LocalSettings.php

$wgScriptPath       = "/w";
$wgArticlePath      = "/wiki/$1";

.htaccess (above the MediaWiki directory)

RewriteEngine on

# This rewrites URIs in the form /wiki/Article_Name to /w/index.php/Article_Name.
RewriteCond %{REQUEST_URI} !^/wiki/index.php.*$ [NC]
    RewriteRule ^wiki/?(.*)$ /w/index.php/$1 [L]

# This takes old style links to articles in the form /wiki/index.php/Article_Name and
# redirects them to the new-style format /wiki/Article_Name.
RewriteCond %{REQUEST_URI} ^/wiki/index.php/.*$ [NC]
    RewriteRule ^wiki/index.php/(.*)$$1 [R=301,NC,L]