Tutorial Shock Teenage Gangsters with wp-config Redirect

by in , 0

Funny email from a reader, that I figured would make a good post:

This is a funny redirect. I get one or two visits a day from teenage gangsters trying to enter my server by checking if a wp-config-file exists that is no longer the newest version. I got best panic results by linking to the Russian IT-Counter-intelligence Agency.

NOTE: You should NOT use this if you are ACTUALLY using WordPress. Also, I updated it to the FBI since that Russian site went down.

Redirect 301 /wp-config.php http://www.fbi.gov/

Tutorial Set Expires

by in , 0

Setting "expires" tells browsers downloading these files that they don't need to request it again for this specific length of time. In otherwords, use the cache instead if you have it. This can reduce stress on the server for you, and speed up page load time for visitors.

# BEGIN EXPIRES
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault "access plus 10 days"
    ExpiresByType text/css "access plus 1 week"
    ExpiresByType text/plain "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType application/x-javascript "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 week"
    ExpiresByType application/x-icon "access plus 1 year"
</IfModule>
# END EXPIRES

Tutorial Serve SVG with the Correct Content Type

by in , 0

If you are trying to use SVG like <img src="image.svg"> or as a CSS background-image, and the file is linked to correctly and everything seems right, but the browser isn't displaying it, it might be because your server is serving it with an incorrect content-type.

Add this to your .htaccess file at the root to fix it:

AddType image/svg+xml .svg .svgz

Tutorial Remove File Extention from URLs

by in , 0

RewriteRule ^about$ about.php [L]

That little bit will make http://example.com/about.php be able to load at http://example.com/about

Tutorial Prevent Image Hotlinking

by in , 0

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yourdomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpg|gif|bmp|png)$ /images/dontsteal.jpg [L]

Images linked to from anywhere else than your website are redirected to a custom graphic. Do note though, that this would affect people reading posts through RSS readers as well.

Also allow search engines

RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydomain\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?google\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?bing\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?(.*\.)?yahoo\.(.+)/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|png)$ /transparent.gif [L]

Tutorial PHP Error Logging

by in , 0

Log errors to a file, and prevent showing them to the user. Make sure that the file exists and youre able to write to it.

# display no errs to user
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off
# log to file
php_flag log_errors on
php_value error_log /location/to/php_error.log

Tutorial Password Protect Folder(s)

by in , 0

Put in .htaccess file in the directory you are trying to protect:

AuthType Basic
AuthName "This Area is Password Protected"
AuthUserFile /full/path/to/.htpasswd
Require valid-user

Ideally, the .htpasswd file will be not in a public facing directory. Put this in there:

chriscoyier:$apr1$O/BJv...$vIHV9Q7ySPkw6Mv6Kd/ZE/

That is just a sample, you can create the code for your unique username and password here.

Note that all subdirectories of this directory will also be password protected by this same system.