Preventing directory listings can be very useful if for example, you have a directory containing important ‘.zip’ archive files or to prevent viewing of your image directories. Alternatively it can also be useful to enable directory listings if they are not available on your server, for example if you wish to display directory listings of [...]
If your web server does not allow you to run CGI scripts outside of the ‘cgi-bin’ directory, you can enable CGI. Check with your system administrator or web hosting company before doing so.To enable CGI, create a .htaccess file following the main instructions and guidance which includes the following text:
AddHandler cgi-script .cgi
Options +ExecCGI
The above lines [...]
For files identified as text/.* MIME types, compression can be applied to the file prior to placing it on the wire. This simultaneously reduces the number of bytes transferred and improves performance. Testing also has shown that Microsoft Office, StarOffice/OpenOffice and PostScipt files can be GZIP-encoded for transport by the compression modules.
Some important MIME types [...]
First make sure that you are loading mod_deflate.so, this line should be at the top of your httpd.conf file and is usually loaded by default.
LoadModule deflate_module libexec/apache22/mod_deflate.so
Mod Deflate Settings
Second create a new config file to keep the deflate options in.
# ee /usr/local/etc/apache22/Include/mod_deflate.conf
This file will be included in the main httpd.conf file. Inside the file add [...]
Mod Deflate comes built into Apache, but is not enabled by default. This tutorial will explain the simplest way of enabling it and setting which mime times to compress. Mod Deflate will increase your server load, but decreases the amount of time that clients are connected and can usually reduce the page size by 60 [...]
If you want to redirect all the visitors including search engine robots from your existing (old) web site (all the pages, not just the index page) to a new address, simply place the following at the end of .htaccess file in the root directory of your old web space:
Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://www.yournewsite.com/$1 [R=301,L]
Replace yournewsite.com with your [...]
One aspect of Apache which is occasionally misunderstood is the feature of default access. That is, unless you take steps to change it, if the server can find its way to a file through normal URL mapping rules, it can serve it to clients.
For instance, consider the following example:
# cd /; ln -s / public_html
Accessing http://localhost/~root/
This [...]
Server Side Includes (SSI) present a server administrator with several potential security risks.
The first risk is the increased load on the server. All SSI-enabled files have to be parsed by Apache, whether or not there are any SSI directives included within the files. While this load increase is minor, in a shared server environment it [...]
In typical operation, Apache is started by the root user, and it switches to the user defined by the User directive to serve hits. As is the case with any command that root executes, you must take care that it is protected from modification by non-root users. Not only must the files themselves be writeable only by [...]
SSL uses port 443 for requests for secure pages. If your browser just sits there for a long time when you attempt to access a secure page over your Apache proxy, then the proxy may not be configured to handle SSL. You need to instruct Apache to listen on port 443 in addition to any [...]
