Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:

It is also highly encouraged to restrict access to your website while repairing the database or making upgrade. Here is an example of restricting your website instance to your IP address exclusively. Other visitors, including search spiders, will get the HTTP 503 Service Unavailable error.

add this code on your .htaccess file

order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx

where xxx.xxx.xxx.xxx is your ip address

Most probably you have been wondering how the Webserver decides which page from your site to use as a main/default page of your site. There is a directive named DirectoryIndex which takes care of this.

On most web servers there is a pre-defined set of file names which server a start page.
The most commonly used are: index.html, default.html, index.php, index.asp, etc.

The good news is that you can set your custom file to be a start page of your site using .htaccess.

For example the following line set home-page.html as a main page of your site:

DirectoryIndex home-page.html

The DirectoryIndex directive can accept more than one name:

DirectoryIndex home-page.html Home.html, index.html index.php index.cgi

So when a visitors goes to http://www.example.com the first page to be loaded will be the home-page.html if it cannot be found the server will look then for Home.html, index.html, etc until it finds a match.

You can disable scripts being run in the directory of your choice by adding the following code to your .htaccess file in that directory:

Options -ExecCGI
AddHandler cgi-script .php .php3 .php4 .php5 .phtml .pl .py .jsp .asp .htm .html .shtml .sh .cgi .xml

You can replace the file types in the example with the file types you wish to disallow.

This would be particularly useful if you allow visitors to upload files to your server, but want to be sure that any potentially harmful files they upload are not allowed to execute.

Critical files, Let say configuration.php file for Joomla
1. Make a backup copy of your .htaccess file. Use your backup file to recover if the following fails. Be sure to delete the backup file once you are finished.
2. Add the following to your .htaccess file. This example will protect the configurtation.php file.

<filesMatch "configuration.php">
Order allow,deny
Deny from all
</filesMatch>

Most servers are configured so that directory browsing is not allowed, that is if people enter the URL to a directory that does not contain an index file they will not see the contents of the directory but will instead get an error message. If your site is not configured this way you can prevent directory browsing by adding this simple line to your .htaccess file: