Posts categorized: Blog

Control Request Methods

Sites hosted on Apache servers can accept a wide range of request methods. For example, most developers are familiar with GET and POST requests. Other request methods are less common, such as DELETE, HEAD, and PUT. While many types of request methods are harmless or even beneficial, some of them are just unnecessary and serve […]

Limit File Upload Size

This tutorial explains how to protect against DoS attacks by limiting file upload size.

Target Blank User Agent

How to target a blank or empty User Agent using .htaccess.

Increase Security with X-Security Headers

Here are three .htaccess techniques to increase your site’s security. These techniques add extra security headers to all of your site’s resources. Specifically, this tutorial explains how to add X-Security Headers to protect against cross-site scripting (XSS), page-framing, and content-sniffing. Adding these extra headers is simple and helps to boost the security of your site.

.htaccess redirect to https and www

If your site is serving secure pages via the HTTPS protocol (i.e., via SSL/TLS), you may need a technique to redirect all HTTP requests to HTTPS. Then to go further with your canonicalization efforts, you may also want to redirect all www requests to non-www (or vice versa). Both of these techniques are essential for […]