Basic htaccess

The .htaccess file tells the web servers how to act when your website’s needs differ from the default behavior.  Some examples include:

 

Force everyone to use encrypted HTTPS & remove www. from the start of the URL:

 RewriteCond %{SERVER_NAME} ^www\. [NC,OR]
 RewriteCond %{HTTPS} ^off$ [NC]
 RewriteCond %{SERVER_NAME} ^(www\.)?(.*) [NC]
 RewriteRule ^/?(.*) https://%2/$1 [L,R=301,NE,QSA]

 

Redirect all traffic to a new domain / URL / etc.

  RewriteEngine on
  RewriteRule ^/?(.*)$ %{REQUEST_SCHEME}://newdomain.osu.edu/optional/$1 [L,NE,QSA,R=301]

 

Prevent a web application’s catch-all script from intercepting and breaking Shibboleth logins:

  RewriteEngine On
  RewriteCond %{REQUEST_URI} ^/Shibboleth.sso($|/)
  RewriteRule . - [L]

 

Re-enable Apache’s directory listing feature:

  Options +Indexes

 

Redirect any request for a non-existent page an alternate catch-all location:

  RewriteEngine On
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule . /pagenotfound.php [L,R=301,QSA,NE]

 

Block access to files in a directory if they’re being called directly or from a site other than yours: (useful for js, css, or image directories)

  SetEnvIfNoCase Referer "mysite\.osu\.edu" ok_ref
  <Files "*">
     Order deny,allow
     Deny from all
     Allow from env=ok_ref
  </Files>