A reader recently asked how to add or remove the .html file extension from various URLs. The solution of course is found in Apache’s miraculous rewrite module, mod_rewrite. Using a few well-written RewriteRule directives in the htaccess file of your site’s root or target directory, modifying file extensions in URIs is relatively simple. This tutorial […]

Quick post today showing some different ways to block visitors via their IP address. This can be useful for a variety of reasons, including stopping some stupid script kiddie from harassing your site, or preventing some creepy stalker loser from lurking around your forums, or even silencing the endless supply of angry trolls that never […]

Instead of blacklisting a million billion different bad bots, a perhaps more effective strategy is to whitelist the good bots. In this post, I discuss the pros and cons of a general strategy for whitelisting bad bots, and then examine an experimental set of .htaccess rules that you can customize and use to develop your […]

This article explains how to protect against PHP “fingerprinting” attacks, whereby an actor attempts to gain sensitive information regarding the version of PHP running on your server. Aka version probing, disclosure, among others.

Version 1.7 now available! This update to the First Edition of .htaccess made easy features some great improvements, including new techniques and updated template files. Here is a summary of changes: