.htaccess

Web server configuration file for each directory that can be used in an environment where software such as Apache is used.
When this is installed in a specific directory, the contents described in “.htaccess” are applied to the directory in the installed directory and directory under it.

How to make .htaccess file
1. create and save a file named “.htaccess” with text editor.
2. describe what you want to control and configure with apache and save.
3. uploaded to the server and renamed to “.htaccess”

1. Basic authentication
It is a mechanism for forcing ID and password input with authentication in the directory etc.
If you want to play the site before publishing with users and Google bot.
If you want to publish it only to those who know the ipass.

AuthUserfile /fullpath/.htpasswd
AuthGroupfile /dev/null
AuthName "Please enter your ID and password"
AuthType Basic
require valid-user

2. 301 Redirect
It is the transfer method most used in SEO, which can inherit evaluation from old page to new page. It is called permanent relocation, and it is used for URL change and domain transfer.

RewriteEngine on
RewriteRule ^old.html$ http://sample.com/new.php [R=301,L]

3. URL normalization
It refers to unifying the URL to one. For example, in the following cases, Google recognizes each as a different URL, but generally the same page is displayed.

RewriteEngine on
RewirteCond %{THE_REQUEST} ^.*/index.html
RewirteRule ^(.*)index.html$ http://sample.com/$1 [R=301,L]

RewriteEngine on
RewirteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^(.*)$ http://sample.com/$1 [R=301,L]

RewriteEngine on
RewriteCond %{HTTP_HOST} ^example\.com$
RewriteRule ^(.*)$ http://www.sample.com/$1 [R=301,L]

4. Abort of file list display
It is used to eliminate the security concern that the directory structure is exposed to the outside.
When there is an access ending with “/” like http://www.example.com, “index.html” that directory will be called instead.
However, if the index.html file can not be found, the file list in the directory shown.
Publishing the directory in this way will expose the structure of the website and there is certain risk from the security point of view. Therefore, by canceling the file list display in the directory, it is possible to prevent publication of the directory structure.

Options -Indexes

5. Access restriction from specific IP address and domain
You can restrict / deny access from a specific IP address or domain.
Alternatively, you can only allow access from a specific IP address or domain.

order allow,deny
allow from all
deny from sample.com
deny from 192.168.1.1

order deny,allo
deny from all
allow from sample.com
allow from 192.168.1.1

<files test-file.html>
	order deny,allow
	deny from all
	allow from sample.com
	allow from 192.168.1.1
</files>