WordPress redirection is not working

If your wordpress is not displaying posts and categories alike eventhough the wordpress loads fine, it’s most likely that the redirection which is an integral part of WordPress is not working. You need to ensure the following things are setup: 1. Your webserver is built with rewrite module support. 2. You have the following lines in your .htaccess: <IfModule mod_rewrite.c> RewriteEngine...

October 24th, 2010 by Akhthar Parvez 

Apache – Secure upload directories

It’s very important to secure directories which are being used as the destination dir for web uploads. You can do this by adding the following entries into the .htaccess file: Options -Indexes AddHandler cgi-script .php .php3 .php4 .php5 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi .txt Options -ExecCGI Just a small step to miss, but the impact may be huge. PS: Make sure that no directories...

August 6th, 2010 by Akhthar Parvez 

Redirect URL with htaccess

If you want to redirect a page/directory to another page/directory, it’s plain simple. Just add the following line into your .htaccess file. Redirect 301 /oldpage.html /new_directory/ Above rule will redirect all requests to the file /oldpage.html to the directory /new_directory/. Redirect number 301 means it was moved permanently. See all numbers below: 300 multiple choices (e.g. offer...

January 18th, 2010 by Akhthar Parvez 

PHP error – URL file-access is disabled in the server configuration

If you get the following error while accessing a PHP script URL file-access is disabled in the server configuration Add the following into the .htaccess file for the particular website to get this work. php_flag allow_url_include Off Note: However, it’s highly recommended to keep allow_url_include disabled as it would be a security risk otherwise. This function allows remote files to be executed...

January 17th, 2010 by Akhthar Parvez 

disable mod_security for a domain

It’s not recommended to disable mod_security for a domain. Most of the times, there should be some other workaround rather than disabling mod_security entirely. This post is for those who know disabling mod_security is the only option and it’s always better to disable it for a particular user rather than doing it server wide. If you want to disable mod_security2 for a particular domain...

December 25th, 2009 by Akhthar Parvez 

Password protect a directory using htaccess

This’s how you can setup password protection using .htaccess: Goto the directory that you want to be protected and create an .htaccess file there with the following contents: AuthType Basic AuthName “Attendance” AuthUserFile /home/school/.htpass/attend Require valid-user Note: Make sure that you place the AuthUserFile outside your document root to make it secure. Then create a password...

December 5th, 2009 by Akhthar Parvez