Securing Website through .htaccess behind CloudFlare or CDN

access-denied

By default, when you want to block or allow some IP(s) from your website, you may simply do it as the following rules from .htaccess,

order deny,allow
deny from all
allow from 1.1.1.1
allow from 2.2.2.2

However, if you are using service like CloudFlare or other CDN service, you can not do like this as Apache do not understand your visitor IP.

To do that, you need to do like rules below,

SetEnvIf X-FORWARDED-FOR 1.1.1.1 allow
SetEnvIf X-FORWARDED-FOR 2.2.2.2 allow
order deny,allow
deny from all
allow from env=allow

If you need it for IP ranges or network block such as 1.1.1.0/24, you may do it like,

SetEnvIf X-FORWARDED-FOR "^1\.1\.1\.*" allow
order deny,allow
deny from all
allow from env=allow

Optimize your site Apache mod_deflate compression

Website compression is a way to save your bandwidth and speed up your website. You may easily apply this deflation to your site by referring to this article.

1. First of all, you should compile mod_deflate to your Apache.
2. Next add the following script to your .htaccess.

# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

Using URLRewrite mappings in separate file

Nowadays, Programmer rarely know that .Net Framework could actually do the rewrite through the .Net URL Rewrite itself without using the third-party application to call the .htaccess rules from Apache and do not need to use APE to run the rules.

But do you know that with URL Rewrite rules that applied to the web.config file, you could actually call it externally without messed up such as the .htaccess.

By right, the format of the URL rewrite rules could as simply as below.

<rewriteMaps>
<rewriteMap name=”Redirects”>
<add key= “/ oldurl” value=”/newurl” />
<add key= “/ otheroldurl” value=”/othernewurl” />
</rewriteMap>
</rewriteMaps>

You could applied the above rules to your web.config file, however you could do the below calling function from external file.
<rewriteMaps configSource=”rewritemaps.config” />

We named the another file called rewritemaps.config, and you may applied all of the rewrite rules over there.

Redirect A Website with mod_rewrite

.htacess is very useful when you want to manage your website. It can be used to define the value that you want, block certain IPs, etc.

To redirect a website, you do not need to hard code from every single of your page, but you may use the .htaccess rewrite to get it done.

To redirect a domain name to www such as mickgenie.com to www.mickgenie.com

RewriteEngine on
RewriteCond %{HTTP_HOST} ^mickgenie\.com$
RewriteRule ^(.*)$ http://www.mickgenie.com [R=301,L]

To redirect mickgenie.com and www.mickgenie.com to www.mickgenie.com

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.mickgenie\.com$ [OR]
RewriteCond %{HTTP_HOST} ^mickgenie\.com$
RewriteRule ^(.*)$ http://www.mickgenie.com [R=301,L]

All in one redirect scripting

HTML redirect:

For most of the webmaster, they will prefer 301 Redirect. With HTML redirect with HTML, I will suggest canonical type.

You may use the following script from the HTML with canonical redirection.

<link rel="canonical" href="http://www.mickgenie.com/" />

htaccess with mod_rewrite redirect:

If you are using Apache or Mod_Rewrite enabled Web services, htaccess with mod_rewrite redirect is very useful, you may use the following script to perform your redirection.

RewriteEngine On
RewriteCond %{HTTP_HOST} ^mickgenie.com
RewriteRule (.*) http://www.mickgenie.com/$1 [R=301,L]

ColdFusion Redirect:

Sample code for Cold Fusion.

<cfheader name="Location" value="http://www.mickgenie.com/">

PHP Redirect:

Sample code for PHP.

<?php
header("location:http://www.mickgenie.com");
exit;
?>

ASP Redirect:

Sample Code for ASP.

<%@ Language=VBScript %>
<%
Response.Status="301 Moved Permanently"
Response.AddHeader "Location", "http://www.mickgenie.com/"
%>

ASP.Net Redirect:

Sample Code for ASP.Net.

<script runat="server">
private void Page_Load(object sender, System.EventArgs e)
{
Response.AddHeader("Location","http://www.mickgenie.com/");
}
</script>

Java Redirect:

Sample Code for Java.

<%
response.setHeader( "Location", "http://www.mickgenie.com/" );
response.setHeader( "Connection", "close" );
%>

Perl & CGI redirect:

Sample Code for Perl & CGI.

$q = new CGI;
print $q-› redirect(" http://www.mickgenie.com/ ");

Ruby & Ruby on Rails Redirect:

Sample code for Ruby & Ruby on Rails.

head :moved_permanently, :location =› "http://www.mickgenie.com/