By BoLOBOSE payday loan

.htaccess Handling Bad Server Requests

by: Caleb Jonasson - May 3rd, 2011   Filed under: htaccess, Web Development Add Comment

The plain old and common 404 error can get a little old and for that reason I am going to fill you in on how to handle bad status reports that you can easily handle. In order to follow along you are going to need access to your .htaccess file along with a normal way to handle URLs without special mapping.

The Code

In order to make this work successfully we are first going to need to open up the .htaccess file. If you do not currently have one but know that your host supports the functionality then you can just open up notepad and save the file as “.htaccess”. With the file in place we are going to need to add the following lines of code to make the server check for proper results.

1
2

#force error document handling.
ErrorDocument 404 /error/404.php

As you can see in the above code we have a comment followed by an error document code. We have set the status type that we are after to 404 and then pulled the page from the directory “error” and requested the file named 404.php.

When requesting a page like this you are not actually redirecting the user to the new page but rather you are bringing in the 404.php to be displayed. This allows the user to keep the attempted url in the window in case they need to make a change to the spelling.

Adding More

If you would like to handle things such as 401 requests as well you can do the same thing on the next line below. It will allow you to handle a different error with the same page or you can always change up the page to display something else. This allows for unique page error messages.

1
2
3

ErrorDocument 401 /error/404.php
ErrorDocument 404 /error/404.php
ErrorDocument 500 /error/500.php

Why It Won’t Work With URL Mapping

When working with URL mapping in a way that allows you to build the application from the index file you shouldn’t have to deal with handling status’ at all. This is because you handle all of the fake directories and if a directory doesn’t match up to a predefined one then you can simply just throw it to a 404 page if you desire.

Tags: , ,

Password Protecting Your Directory With .htaccess & .htpasswd

by: Caleb Jonasson - April 12th, 2011   Filed under: htaccess, Web Development Add Comment

Introduction

There are many ways to password protect a website and the simplest way to do this, even though not very secure, is by using an ht password.  This is a quick solution for password protecting a website that is currently under development. The idea behind this prevention is to cut off all directory access unless the user has entered in the proper username and password combination.

Note: When connecting to the server and using data services you need to make sure that the directory that the data service uses is not protected. Applications such as Flex don’t handle this form of protection very well.

Requirements

In order to get this to work you are going to need two files on the server. The first is an .htaccess file and the second is a .htpasswd file. The first file (.htaccess) is going to hold the location, information saying that it is a pass worded directory, and the location of the .htpasswd file.

1
2
3
4

AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName "root"
Require valid-user

What the Code Means

The first line of this file is the direct location to the htpasswd file from the htaccess file. The second line is the authentication type, simple is the most common type used, and requires that the browser is able to handle a 401 request which prompts for username/password insertion. The third line is just a name for the authentication that is taking place. You can just call this root. The final line is the one that is triggering the password requirement.

The .htpasswd File

The .htpasswd file should look a little different. It is going to just store the username and the password connection. Note that the password is being hashed and this requires that you generate the hash for it. If you would like to generate it yourself you can do so using php or apache, however, you can also just click on this link to find a website that will generate it for you. http://www.htaccesstools.com/htpasswd-generator/

1

caleb:28khj%js@as487dga
Tags: , , , ,

Stop Direct Page Access With PHP

by: Caleb Jonasson - December 28th, 2010   Filed under: htaccess, php, Web Development Add Comment

There are a few ways to stop direct access of a page. I will go over a few simple techniques that will help out those of you that are just getting into PHP.

Method number 1

Assuming that all of your pages require a function that was made by yourself and is brought in from another page. ie: “require_once(‘functions.php’);” then we can just do a simple check for the function.

1
2
3
4
5
6

<?php
if(!function_exists('yourfunction'){
    header('/index.php');
    die('Page cannot be accessed directly.');
}
?>

Method 2

This way of checking for the page is usually a good idea for pages that handle process information. Whether that information is handled through get or post you will still be able to use this form factor.

1
2
3
4
5
6

<?php
if(!isset($_GET['id']){
    header('location: index.php');
    die('You cannot access this page directly.');
}
?>

Just a little note for using GET and POST information. PHP is a lot more strict then people will give it credit for and this is because most of the time the errors are small and turned off. If you were to take a look at your error log you will get an entry whenever a page loads a variable with GET or POST and said GET or POST does not exist. For this reason you should check if it is set prior to loading the content into any variable.

Summary of Methods

In this short tutorial we have gone over how to prevent page access. Although these are good clean ways to prevent users from seeing pages that you don’t want them to see it is often easier to modify your HTACCESS page to prevent a page from being access directly a quick way would be do add this your .htaccess file.

1
2
3
4

<files process.class.php>
 order allow,deny
 deny from all
</files>
Tags: , , , ,