Yesterday, news sources and blogs announced that WordPress blogs hosted by Network Solutions were being hacked. The website owners’ credentials were stolen, and then the sites were used to redirect thousands of visitors to websites that distributed malware. Apparently, WordPress’ configuration file, called wp-config.php, stores the user’s database password in …
April, 2010
-
8 April
Change a URL with mod_rewrite
Question: My current website URL looks like http://mydomain.com/index.php?page=creative. How can I remove the index.php and question mark to make it look more like a regular page address? Answer: If your web server is Apache, you should be able to do this with mod_rewrite. If you have a shared hosting account, …
-
7 April
How to prevent hotlinking
Also known as inline linking, hotlinking occurs when someone else uses a picture or video from your site somewhere else on the web, but doesn’t bother to host the content themselves. These “free riders” can hog precious bandwidth and in some cases, cause server instability. Fortunately, hotlinking is very easy …
March, 2010
-
24 March
How to redirect a specific IP address
Question: How do I redirect every visitor to my website except for me? Answer: There are two methods you can use to accompany the results you want and both involve using an .htaccess file. The first is to redirect your site’s visitors with standard Apache directives: ErrorDocument 403 http://www.yourdomain.com Order …
-
24 March
Forcing a browser to prompt to save certain files
Question: I am distributing sensitive forms to my clients and want to make sure they download them rather than opening them in their browser. Is there a way to force the web server to prompt them for download rather than using a browser plugin? Answer: Yes, using .htaccess you can …
-
22 March
How do I block clusters of IP addresses?
Question: How do I block clusters of IP addresses? Answer: Although we previously illustrated a method of blocking single IP addresses using an .htaccess file, it is important to know a few things. 1. Many hackers use proxies and other methods to use fake IP addresses. Blocking the one they …
January, 2010
-
21 January
How to set cookie expiration in Apache
Cookies are very important for dynamic websites. They allow you to set parameters for user interaction. With cookies, your website can remember visitors and show them appropriate data, ads, and even specific pages. By default, cookies only last for a single browser session. With the CookieExpires Apache directive, you can …
-
11 January
How to use Apache to deny access to certain directories
In the past, we explained how to deny access to a file or directory with the allow/deny Apache server directive. There are, however, two other ways to do it that may be more to your liking. The allow/deny directive displays the 403 Forbidden page or whatever you have in its …
December, 2009
-
25 December
How to disable hidden files in ProFTPD
Question: How do I disable the viewing of hidden files in ProFTPD so that my clients can’t see them? Answer: It is fairly easy to conceal hidden files in ProFTPD, but before you do, you should be aware of the consequences. Users will not be able to see their own …
November, 2009
-
23 November
Deny Access to Any Files
Question: I have a set of files on my website with the extension .rpc. They are financial files, and I want to make sure that no one can access them from the web. Can i do that? Answer: On an Apache server, you can do just about anything, and .htaccess …