Long ago I put two articles on .htaccess, and since it's been a while, I'll refresh the base a bit:
What is htaccess?
In each folder that we have shared (hosted) we can put a file .htaccess (notice the period at the beginning of the name, this indicates that it is hidden). This file will be our police for calling it in some way, because in it we can write rules or norms that will help us to manipulate / manage access to that same folder where the file is, to the folder and files (and subfolders) that this same contain.
Simply put. If I have the folder “/test/", Making use of a .htaccess I can configure which IPs I want to access and which not, configure if I want that when someone enters this folder it will automatically redirect them to another site, and a VERY long etc.
I really recommend that you read the two previous articles:
-
htaccess [Introduction]: Rules, norms, control over your content published on the net
-
htaccess [Redirect]: Rules, regulations, control over your content published on the network
Let's move on to what I will specifically address in this post.
Utility No.1
What we want to do is:
- If a user uses Internet Explorer do not open the site, which redirects you to site of Firefox for a real browser to be installed.
Knowing that the UserAgent that identifies internet explorer is MSIE
We already have everything we need 🙂
The operating logic would be:
- Identify if the user uses IE or not.
- If you use IE it will not show you the site, instead of doing this what will happen is that it will open the Mozilla site.
- If you don't use IE it will open our site without any problems.
To achieve this we must put in our .htaccess file (if it does not exist, create it) the following lines:
RewriteEngine On
RewriteCond% {HTTP_USER_AGENT} ^. * MSIE. * $ [NC] RewriteRule. * Http://www.mozilla.org/en-US/firefox/new/
And this is it, that simple.
With these lines what we indicate is:
- If mod_rewrite module is active:
- Start the rewrite engine and:
- If the condition is met that somewhere in the UserAgent contains MSIE then:
- Apply the rule of: redirect the user to the site - »Http://www.mozilla.org/en-US/firefox/new/
- It's over now, stop using the mod_rewrite module
Obviously they can change the address the user will be redirected to, this is just an example.
Now we go with another utility ... 😉
Utility No.2
For example, we want to put some content on the internet in a folder on our web server, but we want only certain people to access it, we can protect the folder with a password using Apache, yes, but if we want not to complicate so much ... we can:
- Read the UserAgent of the user.
- If the UserAgent has the word "topsecret" somewhere:
- Let him access the folder
- If the UserAgent does NOT have the word "topsecret" anywhere:
- Display an Access Denied sign.
To achieve this, the code is extremely similar to the previous one… the main variation is the exclamation mark «!»In the UserAgent verification line:
RewriteEngine On
RewriteCond% {HTTP_USER_AGENT}! ^. * Topsecret. * $ [NC] RewriteRule. * Http://www.google.com
Here there is not much to explain because I already explained the previous one, as I already said, this one has as its main difference the exclamation mark, which means:
- If it does NOT contain topsecret somewhere in the UserAgent ...
Well this is it for the moment 😀
I hope it has been useful, there is still much to talk about .htaccess, I still have a lot to learn 🙂
regards
I don't know whether to comment on this, just add that in the blackhat of 2012 an htaccess vulnerability was mentioned. In dragonjar they detail everything very well and explain how to correct it in case someone is interested:
Enlace
@KZKG very good contribution, excellent.
@ k3D1 I immediately remembered the vulnerability but was not sure what it was about (German will be visiting me !?
Thanks for the link!
Thanks, since I do not contribute in terms of news, I try to contribute in terms of more technical things 🙂
Thank you, I did not know about this 😉
I've been posting a comment before but apparently it hasn't been posted. Anyway, I repeat it for those who are interested, it is a publication in dragonjar to prevent an htaccess vulnerability:
http://www.dragonjar.org/htexploit-herramienta-para-saltar-proteccion-con-archivos-htaccess.xhtml
My apologies, the anti-SPAM filter sometimes does things that I don't even understand, there were some comments in the SPAM queue for no apparent reason, I already approved them.
Apologize again.
No problem, it is always good that comments that contain links must be approved, my confusion came from how the first one sent you with an html tag, I thought there had been some problem.
And nothing, cheer up with the technical posts that are very good, in this blog I have found a lot of excellent material.
Added to Favorites!
(I.e.
Hello,
How could I do the same as you explain for firefox but for internet explorer
I didn't understand what you want to do.