Using .htaccess file to provide a directory level configuration in apache such as displaying customized error pages, Redirecting the user from old directory to new directory, authentication system , denying /allowing users from specific IP . The .htaccess file is a web server configuration file that consists of one or more configuration directives. The .htaccess file is used to enable/disable additional functionality and features offered by Apache Web Server.

Using the .htaccess file:

We place this file, with the required directives, in any of the directory and these directives are than implemented on this directory and it's subdirectory.

1. To display customized error pages which is easily understandable by the user :

For example: To display a customized error page if user faces any of the following error 401, 403, 404, 500 , we write the following directive in a notepad and save the file by name .htaccess only and not ( .htaccess.txt or myfile.htaccess.txt or myfile.htaccess)

ErrorDocument 401  /errorpages/401.html (Unauthorized User)
ErrorDocument 403  /errorpages/403.html (Forbidden i.e. have no permission to access)
ErrorDocument 404  /errorpages/404.html (File not found)
ErrorDocument 500  /errorpages/500.html (Internal server error)

---

2. Redirecting the user from old directory to new directory in case we have changed the location of the site content.

Redirect /old_dir/ http://www.example.com/new_dir/index.html

---

3. .htaccess authentication system, is used to set-up password protection. We first choose a directory that we would like to have password protection (Note: this authentication system turns all the files and subdirectories into password protected). Now we put the following directives in our .htaccess file.

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
Require valid-user 
Require user Tom

Elobrating the directives:

1. The first line specifies the authentication type
2. In second line the parameter for AuthName (i.e. Password Required at present) basically just defines the title for the password entry box when the user logs in.
3. The third line specifies the location of the password file.

4. The fourth line specifies that the parameter for Require directive, which can be valid-user or user username (say user Tom).

If we want to permit access for all the users in password file we use: Require valid-user

If we want to permit access for a specific user we use: user username

Note: It's not that we need .htaccess file in order to implement password protection, this can also be done by just putting all the above directives in the section of main server configuration file.

---

4. Denying visitors with specific IP address:

For restricting users to access the site from specific IP address we include the following directives in the .htaccess file.

 order allow,deny
 deny from 120.12.6.7
 deny from 120.55.8.
 allow from all

this will restrict the user with IP address 120.12.6.7 and restrict all the IP addresses having first three set of digits same as mentioned in the directive.

---

5. We can also allow users from specific IP to access the site and restrict users from other IP by including the following lines in the .htaccess file.

order allow,deny
allow from 128.12.8.1
deny from all   

---

6. Allowing a specific page to display when specific directory is accessed, we add the following line in the .htaccess file.

DirectoryIndex pages.html 

The above line tell the apache server to display the pages.html file whenever the directory containing this .htaccess file is accessed.

---

7. The apache server can be bound to display one file if another is not available by including the following lines in .htaccess file.

DirectoryIndex pages.html pages.cgi pages.php