In this article, you will find useful codes for the .htaccess file you need to create in your domain’s /htdocs/ folder
Warning! make sure to only add the RewriteEngine On once! It may break some things!
Show php errors (displays php errors in browser):
php_flag display_errors on
Enforcing https (will redirect every visit over http to the https version of your site):
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Remove file endings (adds the ability to also access over /file instead of /file.php or /file.html)
remove .php:
RewriteEngine On
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.php [NC]
RewriteRule ^ %1 [R,L]
RewriteCond %{DOCUMENT_ROOT}/$1.php -f
RewriteRule ^(.*?)/?$ $1.php [L]
remove .html:
RewriteEngine On
RewriteCond %{THE_REQUEST} ^[A-Z]{3,}\s([^.]+)\.html [NC]
RewriteRule ^ %1 [R,L]
RewriteCond %{DOCUMENT_ROOT}/$1.html -f
RewriteRule ^(.*?)/?$ $1.html [L]
Defining custom error pages (enables you to change the defult 404/500/ etc. page):
ErrorDocument 400 /error/bad-request.html
ErrorDocument 401 /error/unauthorised.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/file-not-found.html
ErrorDocument 500 /error/internal-server-error.html
The number after ErrorDocument is the error code number, the path after it the path to the html/php document, while / is your htdocs folder.
This way is preferred over the vPanel way, as it wont give Mixed Content warnings over SSL.
Blocking IPs (will block the ips from visiting):
order allow,deny
deny from 1.2.3.4
allow from all
you can add as many deny from x.x.x.x as you like:
order allow,deny
deny from 1.2.3.4
deny from 81.214.78.92
deny from 9.4.74.8
allow from all
you can also block full ip ranges:
order allow,deny
deny from 85.214.
allow from all
Block your site from getting iframed (will show errors if a site tries to iframe your site):
Header set X-Frame-Options: "DENY"
Block visitors reffered from a defined domain:
RewriteEngine on
RewriteCond %{HTTP_REFERER} example.com [NC,OR]
RewriteRule .* - [F]
you can add as many domains as you like:
RewriteEngine on
RewriteCond %{HTTP_REFERER} example1.com [NC,OR]
RewriteCond %{HTTP_REFERER} example2.com [NC,OR]
RewriteCond %{HTTP_REFERER} example3.com [NC,OR]
RewriteCond %{HTTP_REFERER} example4.com [NC,OR]
RewriteRule .* - [F]