HTML and CSS Reference
In-Depth Information
RewriteRule "(^|/)\." - [F]
</IfModule>
Blocking access to backup and source files
If you have your databases backed up on the server, for example, data-
base.sql.bak , you do not want anyone to access that either, nor logfiles or any of
your source files, such as Photoshop files for logos—we know it happens! The fol-
lowing code in the .htaccess file prevents access to these files:
# Block access to backup and source files
# This files may be left by some text/html
editors and
# pose a great security danger, when someone
can access them
<FilesMatch
"(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
This tells the server to look for files that end with any of these extensions: <file-
name>.bak , <filename>.config , and so on, and if so, deny processing requests
for such files. It will return a 403 Forbidden error instead.
Starting Rewrite engine
The Apache server requires you to start the rewrite engine before you do any URL
rewriting. The HTML5 Boilerplate .htaccess file enables this as shown in the fol-
lowing code snippet:
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
Search WWH ::




Custom Search