https://entorb.net//wiki/index.php?action=history&feed=atom&title=ApacheApache - Revision history2026-05-06T10:29:16ZRevision history for this page on the wikiMediaWiki 1.43.1https://entorb.net//wiki/index.php?title=Apache&diff=5402&oldid=prevTorben: /* Token Query Parameter protection */2026-03-17T05:31:30Z<p><span class="autocomment">Token Query Parameter protection</span></p>
<p><b>New page</b></p><div>[[Category:Webserver]]<br />
==.htaccess==<br />
===basics===<br />
# a different .htaccess file can be stored in each subfolder <br />
<br />
# set the timezone<br />
SetEnv TZ Europe/Berlin<br />
<br />
# do not generate a index.htm listing of the files<br />
Options -Indexes<br />
# can be turned on for a specifiv subfolder by using another .htaccess <br />
# in that folder containing "Options Indexes" without the "-"<br />
<br />
# disable the display on index-pages for files matching * = all<br />
IndexIgnore *.jpg<br />
<br />
# ensure that http://entorb.net --> http://www.entorb.net<br />
RewriteCond %{HTTP_HOST} !^www\.entorb\.net$<br />
RewriteRule ^(.*)$ http://www.entorb.net/$1 [L,R=301]<br />
<br />
===Password===<br />
Ask for a password when accessing a folder<br />
<br />
[http://httpd.apache.org/docs/1.3/howto/htaccess.html]<br />
Create a new passwd file<br />
htpasswd -c -m /some/path/passwd.file myUser<br />
Add another user<br />
htpasswd -m /some/path/passwd.file myUser2<br />
<br />
( at Uberspace the <passwd.file> has to be located below /var/www/virtual/<USER>/ )<br />
<br />
.htaccess:<br />
AuthType Basic<br />
AuthName "some Text"<br />
AuthUserFile /some/path/passwd.file<br />
AuthBasicProvider file<br />
Require valid-user<br />
<br />
===Token Query Parameter protection===<br />
# require a token query parameter to be set<br />
RewriteEngine On<br />
RewriteCond %{QUERY_STRING} !token=asdf<br />
RewriteRule ^ - [F]<br />
<br />
===URL Rewrite for wiki===<br />
see<br />
[http://www.stephan-hertz.de/blog/modrewrite-und-suchmaschinen-optimierung-fur-ein-wiki-via-htaccess/]<br />
, [http://www.mediawiki.org/wiki/Manual:Short_URL/wiki/Page_title_--_DreamHost_Shared_Hosting]<br />
or [http://www.mediawiki.org/wiki/Manual:Short_URL/wiki/Page_title_--_no_root_access]<br />
<br />
my case: wiki stored unter folder wiki, using virtual folder wickie<br />
# Wiki: convert request using /index.php?title=XYZ ->/XYZ<br />
# only apply the following to wiki urls<br />
RewriteCond %{REQUEST_URI} .*(wickie|wiki).* [nocase]<br />
RewriteCond %{THE_REQUEST} \?title=(.+)\ HTTP<br />
RewriteRule ^.*$ http://www\.entorb\.net/wickie/%1? [R=301,L]<br />
<br />
# Short URLs for Wiki<br />
#http://www.mediawiki.org/wiki/Manual:Short_URL/wiki/Page_title_--_DreamHost_Shared_Hosting<br />
RewriteEngine On<br />
# only apply the following to wiki urls<br />
RewriteCond %{REQUEST_URI} .*(wickie|wiki).* [nocase]<br />
RewriteCond %{REQUEST_FILENAME} !-f<br />
RewriteCond %{REQUEST_FILENAME} !-d<br />
RewriteRule ^(.+)$ /wiki/index.php?title=$1 [L,QSA]<br />
# in LocalSettings.php<br />
$wgUsePathInfo = true;<br />
$wgScriptPath = "/wiki"; # real path<br />
$wgScriptExtension = ".php";<br />
$wgScript = "$wgScriptPath/index$wgScriptExtension";<br />
$wgArticlePath = "/wickie/$1"; # virtual path<br />
<br />
==robots.txt==<br />
Place in webservers-root-dir. To keep search robots out of some of your folders. Attention: this file my be a hint for intruders...<br />
User-agent: *<br />
Disallow: /privateStuff/<br />
Disallow: /Gallery/</div>Torben