Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1897148
  • 博文数量: 333
  • 博客积分: 10791
  • 博客等级: 上将
  • 技术积分: 4314
  • 用 户 组: 普通用户
  • 注册时间: 2007-08-08 07:39
文章分类

全部博文(333)

文章存档

2015年(1)

2011年(116)

2010年(187)

2009年(25)

2008年(3)

2007年(1)

分类: 系统运维

2010-03-24 16:48:17

Apache服务器的.htaccess是一个非常强大的分布式配置文件,学会使用.htaccess,对虚拟主机用户来说,可以实现众多的功能。这里有一篇很容易让人理解的.htaccess介绍,作为入门文章非常的适合。文章最初来自freewebmasterhelp.comQiRan作了简单的中文翻译,我将加以完善。

  • Part 1 – Introduction介绍
  • Part 2 - .htaccess Commande命令
  • Part 3 - Password protection密码保护

Part 1 – Introduction介绍

Introduction 介绍

In this tutorial you will find out about the .htaccess file and the power it has to improve your website. Although .htaccess is only a file, it can change settings on the servers and allow you to do many different things, the most popular being able to have your own custom 404 error pages. .htaccess isn't difficult to use and is really just made up of a few simple instructions in a text file.
从本指南中,你将可以学习到有关.htaccess文件及其功能的知识,并用以优化你的网站。尽管.htaccess只是一个文件,但它可以更改服务器的设置,允许你做许多不同的事情,最流行的功能是您可以创建自定义的“404 error”页面。.htaccess 并不难于使用,归根结底,它只是在一个text文档中添加几条简单的指令而已。

Will My Host Support It? 我的主机支持它吗?

This is probably the hardest question to give a simple answer to. Many hosts support .htaccess but don't actually publicise it and many other hosts have the capability but do not allow their users to have a .htaccess file. As a general rule, if your server runs Unix or Linux, or any version of the Apache web server it will support .htaccess, although your host may not allow you to use it.
这可能很难用简单的答案来回答。许多主机支持.htaccess,但实际上并不会特别声明,许多其他类型的主机有能力但并不允许他们的用户使用.htaccess。一般来说,如果你的主机使用Unix或Linux系统,或任何版本的Apache网络服务器,从理论上都是支持.htaccess的,尽管你的主机服务商可能不允许你使用它。

A good sign of whether your host allows .htaccess files is if they support password protection of folders. To do this they will need to offer .htaccess (although in a few cases they will offer password protection but not let you use .htaccess). The best thing to do if you are unsure is to either upload your own .htaccess file and see if it works or e-mail your web host and ask them.
判断你的主机是否允许.htaccess,一个标志很好的是它是否支持文件夹密码保护。为达到此功能,主机服务商需要使用.htaccess(当然,少数情况下他们虽提供密码保护功能,但却并不允许你使用.htaccess)。如果你不确定自己的主机是否支持.htaccess,最好的办法是上传你自己的.htaccess文件看看是否有用,或者直接发送e-mail向你的主机服务商咨询。

What Can I Do? 我该怎么做?

You may be wondering what .htaccess can do, or you may have read about some of its uses but don't realise how many things you can actually do with it.
你可能疑惑.htaccess到底能做些什么,或者你可能曾知道它的一些功能但并不真正了解你实际到底可以用它来做多少事情。

There is a huge range of things .htaccess can do including: password protecting folders, redirecting users automatically, custom error pages, changing your file extensions, banning users with certian IP addresses, only allowing users with certain IP addresses, stopping directory listings and using a different file as the index file.
.htaccess可以做大量的事情,包括:文件夹密码保护、用户自动重定向、自定义错误页面、改变你的文件扩展名、封禁特定IP地址的用户、只允许特定IP地址的用户、禁止目录列表,以及使用其他文件作为index文件。

Creating A .htaccess File 创建一个.htaccess文档

Creating a .htaccess file may cause you a few problems. Writing the file is easy, you just need enter the appropriate code into a text editor (like notepad). You may run into problems with saving the file. Because .htaccess is a strange file name (the file actually has no name but a 8 letter file extension) it may not be accepted on certain systems (e.g. Windows 3.1). With most operating systems, though, all you need to do is to save the file by entering the name as:
创建.htaccess文件也许会给你带来一些困难。写文件很容易,你只需要在文字编缉器(例如:写字板)里写下适当的代码。真正困难的可能是文件的保存,因为.htaccess是一个古怪的文件名(它事实上没有文件名,只有一个由8个字母组成的扩展名),而在一些系统(如windows 3.1)中无法接受这样的文件名。在大多数的操作系统中,你需要做的是将文档保存成名为:

".htaccess"

(including the quotes). If this doesn't work, you will need to name it something else (e.g. htaccess.txt) and then upload it to the server. Once you have uploaded the file you can then rename it using an FTP program.
(包括引号)。如果这也不行,你需要将其先命名为其它名字(例如htaccess.txt),再将其上传到服务器上,之后直接使用FTP软件来重命名。

Warning 警告

Before beginning using .htaccess, I should give you one warning. Although using .htaccess on your server is extremely unlikely to cause you any problems (if something is wrong it simply won't work), you should be wary if you are using the Microsoft FrontPage Extensions. The FrontPage extensions use the .htaccess file so you should not really edit it to add your own information. If you do want to (this is not recommended, but possible) you should download the .htaccess file from your server first (if it exists) and then add your code to the beginning.
在使用.htaccess之前,我必须给你一些警告。虽然在服务器上使用.htaccess绝对不太可能给你带来任何麻烦(如果有些东西错了,它只是没效用罢了),但如果你使用Microsoft FrontPage Extensions,就必须特别小心。因为FrontPage Extensions本身使用了.htaccess,因此你不能编辑它并加入你自己的信息。如果确实有这方面的需要(并不推荐,但是可能),你应该先从服务器上下载.htaccess文档(如果存在),之后在前面加上你的代码。

Custom Error Pages 自定义错误页

The first use of the .htaccess file which I will cover is custom error pages. These will allow you to have your own, personal error pages (for example when a file is not found) instead of using your host's error pages or having no page. This will make your site seem much more professional in the unlikely event of an error. It will also allow you to create scripts to notify you if there is an error (for example I use a PHP script on Free Webmaster Help to automatically e-mail me when a page is not found).
我要介绍的.htaccess的第一个应用是自定义错误页面,这将使你可以拥有自己的、个性化的错误页面(例如找不到文件时),而不是你的服务商提供的错误页或没有任何页面。这会让你的网站在出错的时候看上去更专业。你还可以利用脚本程序在发生错误的时候通知你(例如我使用Free Webmaster Help的PHP脚本程序,当找不到页面的时候自动e-mail给我)。

You can use custom error pages for any error as long as you know its number (like 404 for page not found) by adding the following to your .htaccess file:
你所知道的任何页面错误代码(像404找不到页面),都可以通过在.htaccess文件里加入下面的文字将其变成自定义页面:

rrorDocument errornumber /file.html

For example if I had the file notfound.html in the root direct
ory of my site and I wanted to use it for a 404 error I would use:
举例来说,如果我的根目录下有一个nofound.html文件,我想使用它作为404 error的页面:

ErrorDocument 404 /notfound.html

If the file is not in the root directory of your site, you just need to put the path to it:
如果文件不在网站的根目录下,你只需要把路径设置为:

ErrorDocument 500 /errorpages/500.html

These are some of the most common errors:
以下是一些最常用的错误:

401 - Authorization Required 需要验证
400 - Bad request 错误请求
403 - Forbidden 禁止
500 - Internal Server Error 内部服务器错误
404 - Wrong page 找不到页面

Then, all you need to do is to create a file to display when the error happens and upload it and the .htaccess file.
接下来,你要做的只是创建一个错误发生时显示的文件,然后把它们和.htaccess一起上传。


Part 2 - .htaccess 命令

Introduction 介绍

In the last part I introduced you to .htaccess and some of its useful features. In this part I will show you how to use the .htaccess file to implement some of these.
在上一部分,我已经简单介绍了.htaccess以及它的一些有用功能,在这一部分,我将向你演示如何使用.htaccess文档去实现这些功能。

Stop A Directory Index From Being Shown 停示显示目录列表

Sometimes, for one reason or another, you will have no index file in your directory. This will, of course, mean that if someone types the directory name into their browser, a full listing of all the files in that directory will be shown. This could be a security risk for your site.
有些时候,由于某种原因,你的目录里没有index文件,这意味着当有人在浏览器地址栏键入了该目录的路径,该目录下所有的文件都会显示出来,这会给你的网站留下安全隐患。

To prevent against this (without creating lots of new 'index' files, you can enter a command into your .htaccess file to stop the directory list from being shown:
为避免这种情况(而不必创建一堆的新index文件),你可以在你的.htaccess文档中键入以下命令,用以阻止目录列表的显示:

Options -Indexes

Deny/Allow Certian IP Addresses 阻止/允许特定的IP地址

In some situations, you may want to only allow people with specific IP addresses to access your site (for example, only allowing people using a particular ISP to get into a certian directory) or you may want to ban certian IP addresses (for example, keeping disruptive memembers out of your message boards). Of course, this will only work if you know the IP addresses you want to ban and, as most people on the internet now have a dynamic IP address, so this is not always the best way to limit usage.
某些情况下,你可能只想允许某些特定IP的用户可以访问你的网站(例如:只允许使用特定ISP的用户进入某个目录),或者想封禁某些特定的IP地址(例如:将低级用户隔离于你的信息版面外)。当然,这只在你知道你想拦截的IP地址时才有用,然而现在网上的大多数用户都使用动态IP地址,所以这并不是限制使用的常用方法。

You can block an IP address by using:
你可以使用以下命令封禁一个IP地址:

deny from 000.000.000.000

where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will block a whole range.
这里的000.000.000.000是被封禁的IP地址,如果你只指明了其中的几个,则可以封禁整个网段的地址。如你输入210.10.56.,则将封禁210.10.56.0~210.10.56.255的所有IP地址。

You can allow an IP address by using:
你可以使用以下命令允许一个IP地址访问网站:

allow from 000.000.000.000

where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will allow a whole range.
被允许的IP地址则为000.000.000.000,你可以象封禁IP地址一样封禁整个网段。

If you want to deny everyone from accessing a directory, you can use:
如果你想阻止所有人访问该目录,则可以使用:

deny from all

but this will still allow scripts to use the files in the directory.
不过这并不影响脚本程序使用这个目录下的文档。

Alternative Index Files 替换index文件

You may not always want to use index.htm or index.html as your index file for a directory, for example if you are using PHP files in your site, you may want index.php to be the index file for a directory. You are not limited to 'index' files though. Using .htaccess you can set foofoo.blah to be your index file if you want to!
也许你不想一直使用index.htm或index.html作为目录的索引文件。举例来说,如果你的站点使用PHP文件,你可能会想使用index.php来作为该目录的索引文档。当然也不必局限于“index”文档,如果你愿意,使用.htaccess你甚至能够设置foofoo.balh来作为你的索引文档!

Alternate index files are entered in a list. The server will work from left to right, checking to see if each file exists, if none of them exisit it will display a directory listing (unless, of course, you have turned this off).
这些互为替换的索引文件可以排成一个列表,服务器会从左至右进行寻找,检查哪个文档在真实的目录中存在。如果一个也找不到,它将会把目录列表显示出来(除非你已经关闭了显示目录文件列表)。

DirectoryIndex index.php index.php3 messagebrd.pl index.html index.htm

Redirection 重定向

One of the most useful functions of the .htaccess file is to redirect requests to different files, either on the same server, or on a completely different web site. It can be extremely useful if you change the name of one of your files but allow users to still find it. Another use (which I find very useful) is to redirect to a longer URL, for example in my newsletters I can use a very short URL for my affiliate links. The following can be done to redirect a specific file:
.htaccess最有用的功能之一就是将请求重定向到同站内或站外的不同文档。这在你改变了一个文件名称,但仍然想让用户用旧地址访问到它时,变的极为有用。另一个应用(我发现的很有用的)是重定向到一个长URL,例如在我的时事通讯中,我可以使用一个很简短的URL来指向我的会员链接。以下是一个重定向文件的例子:

Redirect /location/from/root/file.ext

In this above example, a file in the root directory called oldfile.html would be entered as:
上述例子中,访问在root目录下的名为oldfile.html可以键入:

/oldfile.html

and a file in the old subdirectory would be entered as:
访问一个旧次级目录中的文件可以键入:

/old/oldfile.html

You can also redirect whole directoires of your site using the .htaccess file, for example if you had a directory called olddirectory on your site and you had set up the same files on a new site at: you could redirect all the files in that directory without having to specify each one:
你也可以使用.htaccess重定向整个网站的目录。假如你的网站上有一个名为olddirectory的目录,并且你已经在一个新网站 上建立了与上相同的文档,你可以将旧目录下所有的文件做一次重定向而不必一一声明:

Redirect /olddirectory

Then, any request to your site below /olddirectory will bee redirected to the new site, with the
extra information in the URL added on, for example if someone typed in:
这样,任何指向到站点中/olddirectory目录的请求都将被重新指向新的站点,包括附加的额外URL信息。例如有人键入:

http://www.youroldsite.com/olddirecotry/oldfiles/images/image.gif

They would be redirected to:
请求将被重定向到:

oldfiles/images/image.gif

This can prove to be extremely powerful if used correctly.
如果正确使用,此功能将极其强大。

Part 3 – 密码保护

Introduction 介绍

Although there are many uses of the .htaccess file, by far the most popular, and probably most useful, is being able to relaibly password protect directories on websites. Although JavaScript etc. can also be used to do this, only .htaccess has total security (as someone must know the password to get into the directory, there are no 'back doors')
尽管有各种各样的.htaccess用法,但至今最流行的也可能是最有用的做法是将其用于网站目录可靠的密码保护。尽管JavaScrip等也能做到�%A

阅读(789) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~