Detect And Redirect Android Users With .htaccess

Last night I shared a trick to redirect Android users to your Android/mobile website with a simple PHP snippet. It's time to do the same with .htaccess file. Android is the most used smart phone platform right now, and is a hot topic for developers.

Add this following code to your .htaccess file to redirect users with Android User Agent to a specific address:

RewriteCond %{HTTP_USER_AGENT} ^.*Android.*$
RewriteRule ^(.*)$ http://android.yourwebsite.com [R=301]

Prevent Directory Browsing With .htaccess

I recently shared several articles about .htaccess file, and as you may know by now, it's a great file if you're working on the security of your site. Today we'll disable the directory browsing in our website with some editing in .htaccess file.

You know how you can change a few characters in a URL and continue browsing the website. Sometimes, it could be very dangerous for our website, so it's time to prevent directory browsing.

Add following snippet to your .htaccess file:

# directory browsing
Options All -Indexes

Save the file, and that's it!

Protect Your wp-config.php File With .htaccess

As a webmaster, it's our duty to take care of our website. And security is our #1 priority when it comes to take care of a blog. As we know, there are millions of security issues with WordPress, which can be solved with some simple things, such as security plugins, configuring our .htaccess file, etc.

Today we'll secure our wp-config.php file with some basic .htaccess editing. Add following code to your .htaccess file:

<files wp-config.php>
order allow,deny
deny from all
</files>

This code should be placed in an .htaccess file located in the directory that contains your wp-config.php file.

Restrict Access To WordPress Media Uploads

Ever wanted to restrict access WordPress media upload mime/format? Yes, that's why you guys are reading this post. You can perform this trick with directories such as /uploads/, /upgrade/, and /backups/. All you need a .htaccess file for the directory.

Create an .htaccess file for your /uploads/ directory (or use existing file if present). Add following code to the .htaccess file:

# restrict access to uploads directory
<Files ~ ".*\..*">
    Order Allow,Deny
    Deny from all
</Files>
<FilesMatch "\.(jpg|jpeg|jpe|gif|png|tif|tiff)$">
    Order Deny,Allow
    Allow from all
</FilesMatch>

The above code denies access to all files but only to the specified types of mime in the 6th line. You can also add more file types to the code such as .zip, .mp3, .mov, or anything.

You can also use same technique in other directories such as /upgrade/, /backup/, and more. Just create an .htaccess file in the directory and add the above code.

Prevent Image Hotlinking With .htaccess

Image courtesy of markinns.com

Ever wonder how someone stealing your images, directly taking the URL and display on their own website can effect your bandwidths? This is what we call image hotlinking. With every single view of our images on their site cost us bandwidths. Because it's called directly from our server.

Not sure about you, but I paid for this bandwidths (not for this site). Just like almost everything, there is a way to stop thieves  from stealing our bandwidths without our permission. For those who are wondering, this tutorial is also for WordPressers.

Visit your FTP/File Manager and add following to your .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain2.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjentSbUVx-fuFCCSHSi_6OL0g8IjaYt5K94H5s5v8jCEd4THGRVviaGxcMc5LOVsmvIpC0AuKe1NK4yNMW6lax31b3K6hhQZM2TBblWoGtSQ_i9jK-e4SvIAw0NuU3Vo5KkO0y2n0rPZ4/s1600/Hotlinking.gif [NC,R,L]

By default all sites are blocked from hotlinking. Only those specified by you are allowed to do so. Don't forget to replace yourdomain.com in above code with your website's URL. You can add as many URLs as you want.

Also the link https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjentSbUVx-fuFCCSHSi_6OL0g8IjaYt5K94H5s5v8jCEd4THGRVviaGxcMc5LOVsmvIpC0AuKe1NK4yNMW6lax31b3K6hhQZM2TBblWoGtSQ_i9jK-e4SvIAw0NuU3Vo5KkO0y2n0rPZ4/s1600/Hotlinking.gif is to a image you’ve set, and whenever image hotlinking is detected, this image will show up. You can change it to your favorite hotlinking message or anything you want. Just make sure where this image is not hotlink protected.