An Example

## turn off multiviews content negotiation
Options -MultiViews

## custom error documents
ErrorDocument 404 /~mcynn/error404.html
ErrorDocument 401 /~mcynn/error401.html
ErrorDocument 403 /~mcynn/error403.html

## Use Secure Sockets Layer
#SSLRequireSSL On

## Expiration headers
ExpiresActive on
ExpiresByType text/html A86400   # seconds after last access
ExpiresByType image/gif A86400   # seconds after last access
ExpiresByType image/png M86400   # seconds after last modified
ExpiresByType image/jpeg 'now plus 1 day'

## Access control
order deny,allow
deny from all
allow from .harvard.edu .comcast.net 140.247.

## Basic Authentication Realm
AuthName "My Super Cool Web Site"
AuthType Basic
AuthUserFile /home/m/c/mcynn/.htpasswd
require valid-user
#AuthGroupFile /home/m/c/mcynn/.htgroups

## redirect/rewrite rules
#Redirect 302 /~mcynn/foo.html http://www.people.fas.harvard.edu/~cscie12/
#RewriteEngine On
#RewriteBase /~mcynn/
#RewriteCond %{HTTP_USER_AGENT} ^.*$
#RewriteRule ^~mcynn*$ https://www.fas.harvard.edu/~mcynn/
#satisfy any
#RedirectMatch /~mcynn/foo.cgi\..* /~mcynn/foo.cgi

Basic Authentication

Use the htpasswd program to generate a .htpasswd file. For details try:

% man htpasswd

General usage is:

% htpasswd passwordfile username

Remember: do not place the .htpasswd file in your public_html directory or you will compromise security.

% htpasswd ~/.htpasswd guest

The .htaccess file resides in the directory for which you wish to control.
The .htaccess file will affect the directory in which the file is placed as well as all subdirectories.

Lines beginning with "#" are comments: 

AuthName "My Super Cool Web Site"
AuthType Basic
AuthUserFile /home/m/c/mcynn/.htpasswd
require valid-user

Directives:
AuthName - Title of authentication scheme (seen in pop-up window).
AuthType - Type of authentication used.
AuthUserFile - Full path to file created by the htpasswd program (preferably placed outside of public_html directory.)
require - Type of user that is required to enable access to this resource.
ErrorDocument - Full path to document to be displayed for error type specified.
ExpiresActive - turn on custom expiration headers
ExpiresByType - Set the expiration for a resource by mime-type.
order - set the order of access
deny from all - default access restrictions
allow from - set access rules by domain or IP address
Redirect - Send a request for a particular URL to a different URL.
RewriteEngine - Turn on/off the URL rewriting engine.
RewriteBase - The base URL for rewriting requested URLs.
RewriteCond - The conditions to be met (if any) to determine which URLs to rewrite.
RewriteRule - The rewrite details (URL to look for and URL to rewrite).

Michael Cynn

Last Modified: Sunday 04/23/06 07:00:59 PM