This section contains information on several miscellaneous topics. Choose the topic of interest from the section links below.

 

Server-side Includes (SSI)
Server-Side Includes (commonly called SSI) are small commands that you can put in your HTML document. These commands perform specific functions, such as inserting text, the date, server variables, etc…
Customized 404 Missing Page
A file named missing.html already exists in the www directory of your account. This is the page that is returned to the visitor when they attempt to visit a page that does not exist on your account….
Other Custom Error Messages
Our servers default to the “standard” Apache error message pages for most common browser errors. If you want to develop your own error pages, you’ll need to define those pages in a file named .htaccess, which you upload into your main www directory…
Compiling C++ Programs
We offer the gcc compiler on our servers…
Compiling Java Programs
So you’ve written (or downloaded) java code and you need to compile it. Easy enough…
Using Miva Script
The Miva Engine makes building dynamic web sites as easy as writing HTML. Quickly develop server and browser independent dynamic sites using the XML standard…
MySQL Database
You can create up to 4 MySQL databases using the “Add MySQL Database” function of your Control Panel…
Zipping & Unzipping Files
There are several methods of archiving files and retrieving archives…
PHP
PHP is installed on our servers for those users who are familiar with the language…
Fun with .htaccess
The Apache web server has a number of configuration options that are available to the server administrator. In a shared hosting environment, you don’t have access to the main Apache configuration so you’re stuck with the default configuration. However, it is possible to override some of the default settings by creating (or editing) a file named .htaccess…
File Permissions Tutorial
Just for a few minutes, forget about Windows, where you start up your computer, create a file, can open it for reading and writing or delete it without doing anything special. On Linux servers, the server needs to know 2 things about files…
Streaming mp3 Media
To stream an mp3 file, upload your mp3 file to your www directory (or to a subdirectory of your www directory) in BINARY format. Then create a text file with a .m3u extension. The .m3u file should contain only the URL to your mp3 file, and it should be uploaded in ASCII format…

Zipping and Unzipping Files in UNIX

Zipping and Unzipping Files in UNIX

There are several methods of archiving files and retrieving archives. I recommend using the “zip” function to compress your files for its ease of use and portability. (Files zipped in Unix can be extracted using various tools on various platforms including Windows).

Below I have provided various “unzip” methods. The “right” unzip method depends upon the method used to zip the file. You can tell the zip method by the file extension (e.g., .zip.tar.gz, etc.)

Zipping Files Using ZIP

This Unix program is compatible with the zip program for Windows and most other operating systems. To zip files, first have the files uploaded to your server, then log into your account with SSH. Navigate to the directory where the files are that you want to zip (for instance by typing cd www then cd sounds to move to your/www/sounds directory). Then type:

zip myzip file1 file2 file3

This puts the files named file1file2, and file3 into a new zip archive called myzip.zip.

Unzipping Files

Please note that the unzip method you use is defined by the filename you are trying to unzip. For example, if you are trying to unzip a file called file.tar – you would use the method described in “tar“. Files ending in .gzip or .gz need to be extracted with the method described in “gunzip“.

Zip

If you have an archive named myzip.zip and want to get back the files, you would type:

unzip myzip.zip

Typing zip or unzip by itself will give you a usage summary, showing nearly all the options available.

Tar

To extract a file compressed with tar (e.g., filename.tar), type the following command from your telnet prompt:

tar xvf filename.tar

Basically, this command means that you will see the file “explode”, so don’t worry when you see your screen scrolling wildly. It also means that you will see any errors in the archive.

Gunzip

To extract a file compressed with gunzip, type the following:

gunzip filename_tar.gz

then if you receive no errors, type:

tar xvf filename_tar

How to Stream MP3

How to Stream MP3

[REMINDER: The transmission, storage, or presentation of any information, data or material in violation of any United States Federal, State or local law is strictly prohibited under the terms and conditions of your hosting account. This includes copyrighted material used without permission.]

To stream an mp3 file, upload your mp3 file to your www directory (or to a subdirectory of your www directory) in BINARY format. Then create a text file with a .m3u extension. The .m3u file should contain only the URL to your mp3 file, and it should be uploaded in ASCII format.

For example:

  1. Create a subdirectory (e.g., media) in your www directory.
  2. Then, upload your mp3 file named (e.g., mysongfile.mp3 into that directory. Be sure to upload The mp3 file in BINARY format.
  3. Finally, create a text file (e.g., mysong.m3u) that contains only one line of text: the fully-qualified URL of your mp3 file (e.g.,http://yourdomainname.com/media/mysongfile.mp3).
  4. Then point your browser to the URL of the m3u file (using the above examples, http:///yourdomainname.com/mysong.m3u) and the .mp3 file will buffer and play.

Note that if you bypass the m3u file and point your browser directly to the mp3 file, the file will not stream — the visitor will have to download the entiremp3 file before the media will play.

In the case of mp3 media, the buffering is determined by the media player on the listener’s computer — it’s not a server-side function.

What is PHP?

What is PHP?

What is PHP?

PHP is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generated pages quickly.

For many users, PHP is an attractive alternative to ASP (active server pages). ASP is not really a language in itself, it’s an acronym for Active Server Pages; the actual language used to program ASP with is a script version of Visual Basic. ASP is said to be a slower and more cumbersome language than PHP, less stable as well.

If you’ve already developed your pages using ASP and would like to convert those pages to PHP, there are free online converters to do it.

PHP and Web Hosts

PHP is installed on most web hosts‘ servers. Please note that most of them do not provide support for this language. For the definitive PHP reference, visit http://www.php.net.

If your PHP scripts are not working, try reinstalling PHP from your Control Panel (where available). That will put a fresh installation of PHP on your account.

To use PHP on your domain, just name your web files with the .php extension (e.g., index.php instead of index.html.) Some servers have both PHP version 3 and PHP version 4 installed. On those servers, if you name your files with the .php3 extension, you’ll invoke the PHP3 interpreter; if you name them with the .php extension, you’ll invoke the PHP4 interpreter.

Viewing Current PHP Configuration

To view the current configuration of PHP on your account, create a php file with the following code (we typically name ours phpinfo.php, but you can name it anything you want, as long as it includes the .php extension):

<html>
<head>
<title>PHP Info</title>
</head>
<body>
<?php phpinfo()?>
</body>
</html>

Upload the file to your www directory, and then point your browser to it; the file will return all relevant details of the PHP installation on your account.

Customizing Your PHP Installation

You can change the default PHP configuration by uploading a customized version of the php.ini file into your cgi-bin directory.

An example of the php.ini file is available below. Download the file that matches your version of PHP, edit it as needed, change the name to php.ini, and then upload it into your www/cgi-bin/directory to override the default configuration. IMPORTANT: Be sure to check your existing PHP scripts to ensure that they still function as expected after uploading the php.ini file!

MySQL Database Instructions

MySQL Database Instructions

You can create various number of MySQL databases depending on your host using the “Add MySQL Database” function of your Control Panel. Please note that most web hosts do not provide any support related to the use of this complex application beyond the information provided on this page. For more information, please visit the MySQL Home Page.

At some providers your MySQL USERNAME is your domain name without the extension (e.g., if your domain name is fred.com, your MySQL USERNAME is: fred.) MySQL truncates usernames to 16 characters, so if your domain name is longer than 16 characters, just use the first 16 (e.g., the USERNAME for ihaveanincrediblylongdomainname.com would be: ihaveanincredibl.)

Your MySQL PASSWORD is the password you chose when you created your first database from your control panel. Any databases you create after the first one must use the same password.

Accessing MySQL through Telnet

Use the following outline to connect and begin querying the mySQL server from telnet. Remember that you cannot connect to your databases remotely due to security concerns, you can only connect from localhost.

    1. Connect to the mySQL Serverservername:> mysql -u USERNAME -pEnter Password: PASSWORD
    1. Connect to the Databasemysql> use DATABASENAME;
    1. Receiving Helpmysql> help

 

Accessing MySQL with the MySQL Perl Module

Use the following outline to connect and begin querying the mySQL server from a Perl script. Remember that you cannot connect to your databases remotely due to security concerns. You can only connect from localhost.

    1. Declarations: You must require the mySQL package for your script to function properly. Do this by including the following line in your code: use Mysql;
    1. Connect to the Database: Somewhere near the beginning of your script, you need to make your initial connection to the database server. Using the following form, substitute your database, username, and password for the examples to connect successfully.Mysql->connect('localhost','DATABASENAME','USERNAME','USERPASSWORD');
    1. Executing a Query: You are now ready to begin querying the database server. [Most problems that you may incur will generally occur due to invalid permission settings for the specified user.]

 

Accessing MySQL with PHP

Use the following outline to connect and begin querying the mySQL server from within your PHP scripts. Remember that you cannot connect to your databases remotely due to security reasons. You can only connect to them form localhost.

    1. Connect to the mySQL Server: Use the following statement to connect to the database server. Substitute the username, and password for ones you have created in the WebControl System.MYSQL_CONNECT('localhost','USERNAME','PASSWORD');
    1. Select Your Database: Use the following statement to select the database you wish to connect to. Make sure you substitute the example with your database name.@mysql_select_db("DATABASENAME");
    1. Executing A Query: You are now ready to execute your queries. (Most problems that arise with your scripts will be due to incorrect permission settings.)

 

Export (Dump) or Backup your MySQL Database

To create a backup (dump) of your MySQL database through shell: Connect via SSH, navigate to the directory in which you want your backup stored, and issue the following command:

mysqldump -uusername -ppassword dbname > file.txt

(where username is your MySQL username; password is your MySQL password; dbname is the name of your database; and file.txt is the name of your backup file.)

Import / Restore your MySQL Database

To import/restore your database from an existing backup: Connect via SSH, navigate to the directory that contains your backup, and issue the following command:

mysql -uusername -ppassword dbname < file.txt

(where username is your MySQL username; password is your MySQL password; dbname is the name of your database; and file.txt is the name of your backup file.)

ODBC & JDBC

At this time, we do not offer support for ODBC or JDBC.

Using Miva Empresa (HTMLScript)

Using Miva Empresa (HTMLScript)

What is Miva Empresa?

The Miva Engine makes building dynamic web sites as easy as writing HTML. Quickly develop server and browser independent dynamic sites using the XML standard. Dynamic sites that integrate scripting, database, and commerce can be developed and tested on a Microsoft workstation and deployed on Microsoft or Unix servers.

Miva runs on the web server, interprets the Miva tags and outputs pure HTML to the browser. You can also use Miva to output Javascript and other browser languages, and use the built-in database to easily manipulate and publish data.

Full documentation for Miva Script is offered by Miva Corporation.

How do I use Miva on my server?

The following is what you will need to know to run your Miva script on your domain.

    • The script being called is named miva, and is located in your cgi-bin directory.
    • The active pages (pages with the .hts or .mv extensions) need to be placed in your root www directory, not in subdirectories.
  • A sample URL call for this would be as follows:http://yourdomain.com/cgi-bin/miva?yourpage.mv

 

Miva Script has a variety of pre configured products that require path information. We have preconfigured miva to automatically look in the/home/yourdomain/htsdata directory for data files. If data is placed in this directory an example call would be as follows:

<export file=”file.dat”>

To call Miva Script through the secure server use the following:

https://machine.safe-order.net/cgi-bin/smiva?yourdomain/yourpage.mv

machine should be replaced with the name of the server your account is on. yourdomain should be replaced with your domain name without the TLD extension (i.e., do not include the .com, .net, .org, etc. extensions.)

Supported Standards

HTML SGML XML HTTP
POP3 SMTP ISAPI CGI
NSAPI UNIX WINDOWS JAVA
ODBC xBASE APACHE JAVASCRIPT

Miva (Htmlscript 3.0) tags are XML compliant and include:

<MvEVALUATE>, <MvIF>, <MvELSE>, <MvWHILE>, <MvEXPORT>, <MvIMPORT>, <MvCOMMERCE>, <MvLET>, <MvASSIGN>, <MvCALL>, <MvHIDE>, <MvEXIT>,  <MvCOMMENT>,<MvFUNCTION>, <MvMAIL>, <MvOPEN>, <MvCLOSE>, <MvFIND>,  <MvSKIP>, <MvGO>, <MvADD>, <MvUPDATE>, <MvDELETE>, <MvUNDELETE>,  <MvMAKEINDEX>,<MvSETINDEX>, <MvREINDEX>, <MvPACK>, <MvPRIMARY>, <MIVA>

Using the Java Compiler

Using the Java Compiler

So you’ve written (or downloaded) java code and you need to compile it. Easy enough.

    1. First, upload your .java source code using ftp. Remember to upload your code in ASCII format.
    2. Then, telnet to your account and log in.
    3. Navigate to the directory in which you uploaded your .java source code.
    4. At your telnet prompt, type:

      javac yourcode.java

      where yourcode is the name of the java source code you uploaded.

    5. Hit ENTER and a file named yourcode.class will be created.

If the above command does not work, try issuing the command using the full path to javac:

/usr/local/java/bin/javac yourcode.java

Please note that java servlets are not supported on many servers due to security issues.

Compiling C++ Programs

Compiling C++ Programs

Some web hosts offer gcc compiler on their servers.

The C and C++ compilers are integrated. Both process input files through one or more of four stages: preprocessing, compilation, assembly, and linking. Source filename suffixes identify the source language, but the name that you use for the compiler governs default assumptions.

You can get further information on the compiler from your telnet prompt by typing:

man gcc

This command will return full syntax and options for the compiler.

Creating Custom Error Messages With .htaccess

Creating Custom Error Messages With .htaccess

Most servers default to the “standard” Apache error message pages for most common browser errors. If you want to develop your own error pages, you’ll need to define those pages in a file named .htaccess, which you upload into your main www directory. The custom error pages that you develop also need to be uploaded into your www directory.

401 Authorization Required

This is the page that’s displayed when a user attempts to enter a password-protected directory with an incorrect login and password. To define your custom error page as authorization.html, add the following line to your .htaccess file:

ErrorDocument 401 /authorization.html

403 Access Forbidden

This is the page that’s displayed when a user attempts to enter non-web-enabled directory (e.g., this page will be displayed when the user attempts to enter a directory that does not have an index page defined. They’ll also get this page if your account is disabled.) To define your custom error page as access.html, add the following line to your .htaccess file:

ErrorDocument 403 /access.html

500 Internal Server Error

This is the page your visitors see when there is an error processing a CGI script. To define your error page as ise.html, add this line to your .htaccessfile:

ErrorDocument 500 /error.html

Note: If the full URL of your site is http://www.yourdomain.com/error.html means its location is http://www.yourdomain.com/error.html.

Error Codes

There are a number of possible errors that a visitor might encounter. Each of these errors is associated with a numeric code (e.g., 401, 403, 500 as described above.) You can develop your own error document for any of these codes:

400 Bad Request
401 Authorization Required
402 Payment Required (not used yet)
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable (encoding)
407 Proxy Authentication Required
408 Request Timed Out
409 Conflicting Request
410 Gone
411 Content Length Required
412 Precondition Failed
413 Request Entity Too Long
414 Request URI Too Long
415 Unsupported Media Type
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported

We also have a post about custom 404 pages.

Creating a Custom 404 File Not Found Error Page

Creating a Custom 404 File Not Found Error Page

With some web hosts a file named missing.html or 404.html already exists in the www directory of your account. This is the page that is returned to the visitor when they attempt to visit a page that does not exist (resulting in a 404 error) on your account. You can edit this file to your liking, or create your own.

As long as it’s named missing.html (or whatever your web host’s default setting is) and it’s in your root www directory, the server will display it whenever someone tries to access a page on your domain that does not exist.

You can override the default missing.html specification by including the following directive in a .htaccess file:

ErrorDocument 404 /customerror.html

… where customerror.html is the name of the file you want to use as your 404 error page, and which you have placed in your main www directory.

For more information on .htaccess directives, see our post titled Fun with .htaccess.

Server-Side Includes (SSI)

Server-Side Includes (SSI)

What are Server-Side Includes?

Server-Side Includes (commonly called SSI) are small commands that you can put in your HTML document. These commands perform specific functions, such as inserting text, the date, server variables, etc.

For example, on the page that you’re reading right now, the main navigation links in the left column and the section links at the top and bottom of the page are both server-side includes. This allows us to make changes to the navigation by changing only 1 file instead of changing dozens of individual pages.

How do Server Side Includes work?

When you receive a visitor to your web page, your visitor’s browser is sending a request for your HTML page to your server. The server grabs the page, then sees the SSI command (or “call”) and knows that you wanted the server to do something to the HTML file before giving the HTML file to the browser. Because of the nature of SSI, you as a visitor cannot see that SSI is in use.

How do I use Server Side Includes on my web site?

Our servers require that all web pages using SSI are named with the .shtml extension instead of .html — otherwise all of your include calls will be ignored.

What can I use SSI for?

There are many things SSI can do for you.

    1. You can “include” a file into your html document. For example, you have a footer that you would like to show on every page in a web site. You have named the footer filefooter.html. In your main html document (let’s call it index.shtml), you would include this code:<!--#include virtual="footer.html"-->It is important to remember the pound sign (#), as that is the key to letting the server that you are using SSI. When your index.shtml is retrieved by a visitor, the server reads your page and sees your call to insert footer.html into your page. The server then retrieves footer.html and inserts it exactly where you placed your SSI call.
    2. You can insert your environment variables (Why? We don’t know why, but some people like to do this). For example, in your .shtml document, typing

      <!--#echo var="HTTP_HOST"-->

      returns www.hostingmanual.net on this server.

      Other environment variables that are available, and their corresponding output from the hostingmanual.net server include:

        • <!--#echo var="SERVER_SOFTWARE" --> : Apache/1.3.26 (Unix) FrontPage/4.0.4.3
        • <!--#echo var="GATEWAY_INTERFACE" --> : CGI/1.1
        • <!--#echo var="DOCUMENT_ROOT" --> : CGI/1.1
        • <!--#echo var="REMOTE_ADDR" --> : 64.208.172.178
        • <!--#echo var="SERVER_PROTOCOL" --> : HTTP/1.0
        • <!--#echo var="REQUEST_METHOD" --> : GET
        • <!--#echo var="HTTP_USER_AGENT" --> : ia_archiver
        • <!--#echo var="SERVER_NAME" --> : www.hostingmanual.net
        • <!--#echo var="SERVER_PORT" --> : 80
        • <!--#echo var="SERVER_ADMIN" --> : webmaster@hostingmanual.net
    3. You can insert the file’s last modification date by using<!--#echo var="LAST_MODIFIED" -->This is the output of LAST_MODIFIED for this page: Wednesday, 02-Aug-2006 15:13:02 CDT
    4. You can execute a CGI program. This is highly contingent on your host. When you use this, your script has to be tight and have no security holes. For example, you have a “Quote of the Moment” script, which inserts a new quote every time your page is reloaded. Some people make you go to a specific page to look at your random quotes, but SSI allows you to insert your random quote into your .shtml page. The command would look like:<!--#exec cgi="cgi-bin/randomquote.cgi"-->(We use the randomquote.cgi program that’s included with all of our hosting accounts to rotate the banners that appear at the top of each page in this manual.) In order for your#exec cgi command to work, you need to make sure that your script is working. Make sure that permissions are at least 755 (rwxrw-rw-) or higher, and if possible, try to run the program first, before including it into your document.
    5. Insert Current Date. You can insert the current date (relative to the server – if you are in Asia, the date may appear as yesterday’s or tomorrow’s date) by using<!--#echo var="DATE_LOCAL"--> Example: Wednesday, 29-Aug-2007 03:13:00 CDT 
    6. Insert IP Number of your visitor. You can let the visitor know their IP# by using<!--#echo var="REMOTE_ADDR"--> Example: 64.208.172.178

Why Can’t I Use SSI with .html pages?

Server-Side Includes tend to run slower than regular .html documents because the server looks for SSI commands to parse into the .shtml documents before displaying the page to your visitors. If we had our configuration set to allow SSI parsing in .html documents, server response would be degraded for those users who don’t use SSI. For that reason, we have our server configuration set to SSI-parse only those documents with the .shtmlextension.

If you want to override the default server configuration so that SSI will work with .html documents, you can create a file named .htaccess and upload it (in ASCII mode) to your main www directory. Add the following lines to your .htaccess file:


AddType text/html .html
AddHandler server-parsed .html

If you want both .html and .htm documents to parse SSI, create your .htaccess file with these lines:


AddType text/html .html
AddHandler server-parsed .html
AddHandler server-parsed .htm

Please note that because the server will now look for SSI commands in each .htm page before displaying the page to your visitors, pages with this extension may parse slightly slower (the same speed as normal .shtml files).

Linux File Permissions Tutorial

Linux File Permissions Tutorial

What are they?

Just for a few minutes, forget about Windows, where you start up your computer, create a file, can open it for reading and writing or delete it without doing anything special.

On Linux servers, the server needs to know 2 things about files:

  1. What can be done to a file; and
  2. Who can do it

The “What can be done to a file” is broken down to three action types: read, write, execute.

  • Reading is just opening a file and looking at its contents
  • Writing is overwriting, appending or deleting a file
  • Executing is allowing a cgi *program* to run. Putting execute permissions on an html file is useless, because the html file will not “do” anything.

The “who can do it” is also broken down to 3 sections: owner, group and public (or world). For mydomain.com:

  • The owner is mydomain. This is the ruler of the account.
  • The group is mydomaing. Groups usually are the owner name, appended with a g or grp
  • The public is anyone who comes to your site (or any other user on the same server.)

What do they look like?

Now that we know the what and who, we need to show what permissions “look like”.  Here’s some output from looking at a couple of mydomain.com’s directories (we got this by telnetting to the domain, and issuing the Unix command, ls -la):


-rw-r--r--    1 mydomain  mydomaing      193 Sep 14 20:12 index.html
-rwxr-xr-x    1 mydomain  mydomaing    61970 Sep 15 02:57 script.pl*
-rw-r--r--    1 mydomain  mydomaing     2214 Sep 15 02:57 variables.var
drwxr-xr-x    2 mydomain  mydomaing     4096 Sep 15 02:57 data/
-rwx------    1 mydomain  mydomaing      489 Jun 27 13:00 sitevars*

The file permissions are in the first column.

As you’ve probably already determined by glancing at the listing above, the ‘r’ signifies read permission; the w signifies write permission; and the ‘x’ signifies execute permission.

Now, let’s break down that mysterious grouping of r’s,w’s and x’s for index.html.
D   O   G    P
-  rw-  r--  r--

The first dash is to signify if it’s a directory or not.  If you’ll refer back to the file listing above, you’ll see that the data/ directory has a “d” in the first column.  This means that the machine realizes data/ is a directory and not a file.  You don’t need to concern yourself about adding the d setting — Linux will automatically toss in a d if it’s a directory.

The next group, under “O” is the owner permissions.  Since you already know that r is read permission and w is write permission, you know that the owner has both of these perms.  Both the group and public have read-only permissions.

Let’s just look at the permissions for 2 more files:

script.pl

D   O    G    P
–  rwx  r-x  r-x

D – It’s not a directory.
O – has read/write/execute permissions
G, P – have read/execute permissions

You’ll also notice the script.pl has a star * next to it in the directory listing above.  That’s a quick and easy identifier that the file is executable.

variables.pl

D   O    G    P
–  rwx  —  —

Here, only the owner has any permissions on the file at all.  No one else can read, write or execute the file.  This is the safest file permissions, but can only be used if you don’t want anyone to see its contents (can’t be viewed on a website).

Minimum Permission Settings

For an executable cgi file  (e.g. cgi, pl or any other cgi program that needs to be invoked from a web browser):

rwxr-xr-x or 755

For a read-only file  (e.g. .html, .shtml, .txt or any other file that’s not a cgi scipt that needs to be accessible from a web browser)

rw-r–r– or 644

For a file that needs to be written from a cgi-program, such as a flat file database that is managed from the browser.

rw-rw-rw- or 666

Now you may be wondering what the numbers are.  Essentially, they are numeric representations of the rwxrwxrwx methods described here.  Each number correlates to each of the 3 of rwx sets (owner, group, and public permissions).  For example:

 O    G    P
7    5    5
rwx  r-x  r-x

O    G    P
7    0    0
rwx  ---  ---

Here’s a little chart that you can use to convert the most common alphabetic permission settings to numeric:

0       No permissions whatsoever
4       Read
5       Read / execute
6       Read / write
7       Read / write / execute

In order for a file to actually write or execute, it must have read permissions, so don’t concern yourself about the other permutations ( write / execute only, write only, execute only ).

How to change file permissions

There are many ways to change file permissions:  from the shell, from an ftp program or from any of the various cgi scripts that alter permissions.  Here’s I’ll outline two.

Shell

The command to change permissions is chmod (change mode).  Here’s a few of the common permission settings:

chmod 755 file.cgi
chmod 644 file.html

Now let’s say that you have just uploaded 5 (or more) cgi files.  It would be rather tedious to do:

chmod 755 file1.cgi
chmod 755 file2.cgi
chmod 755 file3.cgi
chmod 755 file4.cgi
chmod 755 file5.cgi

Linux allows you to use wildcards, represented by an asterisk * do perform an action on a group of files:

chmod 755 *.cgi

Here, we’ve told Linux to set permissions on all files in the directory that end in .cgi.

FTP

Many FTP programs now have the ability to change permissions on files.  In CuteFTP for example, right-click the remote file and select CHMOD from the menu.  then, simply check the permission settings you want for each group.

Fun with .htaccess – A Tutorial with Examples

Htaccess File Tutorial: Let’s Have Some Fun With .htaccess [Examples]

The Apache web server has a number of configuration options that are available to the server administrator. In a shared hosting environment, you don’t have access to the main Apache configuration so you’re stuck with the default configuration. However, it is possible to override some of the default settings by creating (or editing) a file named .htaccess. This htaccess tutorial will show you all the basics you will need in everyday usage.

The .htaccess is a simple ASCII text file placed in your www directory or in a subdirectory of your www directory. You can create or edit this file in any text editor (such as NotePad) and then upload it to the directory for which you want to modify the settings. Be sure that the file is uploaded in ASCII (not BINARY) format, and be sure that the file permissions for the file are set to 644 (rw-r–r–). This allows the server to access the file, but prevents visitors from accessing the file through their web browser (a security risk.)

Commands in the .htaccess file affect the directory that it’s placed in and all subdirectories. If you place the .htaccess file in your www directory, it will affect your entire web site. If you place it in a subdirectory of your www directory, it will affect only that directory plus and subdirectories of that directory.

Most .htaccess commands are designed to be placed on one line. If your text editor wraps lines automatically, you should disable that function before saving and uploading your file. Also, note that .htaccess commands are case-sensitive.

Please note that we do not technically support overriding the default server settings. The information presented here may work and it may not, or it may work today and not tomorrow. Use it at your own risk.

Some of the things you can do with .htaccess include:

Customize Error Messages

If you want to override the server’s error pages, you can use .htaccess to define your own messages. This capability is discussed in the Custom Error Messages section of the manual. An example of the syntax is:

ErrorDocument 500 /error.html

Override SSI Settings

By default, only pages ending in the .shtml extension will parse server-side includes (SSI) on some servers. You can override this restriction in your.htaccess file:

If you want to override the default server configuration so that SSI will work with .html documents, you can create a file named .htaccess and upload it (in ASCII mode) to your main www directory. Add the following lines to your .htaccess file:

AddType text/html .html
AddHandler server-parsed .html

If you want both .html and .htm documents to parse SSI, create your .htaccess file with these lines:

AddType text/html .html
AddHandler server-parsed .html
AddHandler server-parsed .htm

Change Your Default Home Page

In order to browse your site by specifying the domain name only (e.g., http://www.hostingmanual.net) instead of having to specify an exact page filename (e.g., http://www.hostingmanual.net/filename.html), you must have an index page in your www directory. Default acceptable file names for index pages include index.htm,index.html,index.cgi,index.shtml, index.php, etc. Note that they’re all named index.*.

There is also a default order of precedence for these names. So if you have both a file named index.cgi and a file named index.html in your directory, the server will display index.cgi because that name takes a higher precedence than index.html.

Using .htaccess, you can define additional index filenames and/or change the order of precedence. To define your index page as hieronymous.html add the following line to your .htaccess file:

DirectoryIndex hieronymous.html
This will cause the server to look for a file named hieronymous.html. If it finds that file, it will display it. If it does not find that file, it will return a 404 Missing Page error.

To change the order of precedence, enter a DirectoryIndex command with multiple file names on the same line. The order in which the file names are listed (from left to right) determines the order of precedence. For example,

DirectoryIndex hieronymous.html index.cgi index.php index.html

Enable Directory Browsing

Due to security concerns we have removed the default setting that allowed directory indexing. This is the option that allows the contents of a directory to be displayed in the browser when the directory does not contain an index page.

For example, if you make an http call to a directory such as http://yourdomain.com/images/, it would list all the images in that directory without the need for an html page with links.

If you require this option on specific directories it is still available. You can reactivate it by adding the following line to your .htaccess file:

Options +Indexes
Once this is added, the directory will fully index again.

Block Users from Accessing Your Web Site

If you want to deny access to a particular individual, and you know the IP address or domain name that the individual uses to connect to the Internet, you can use .htaccess to block that individual from your web site.

<Limit GET>
order deny,allow
deny from 123.456.789.000
deny from 456.78.90.
deny from .aol.com
allow from all
</Limit>

In the example above, a user from the exact IP number 123.456.789.000 would be blocked; all users within a range of IP numbers from 456.78.90.000 to 456.78.90.999 would be blocked; and all users connecting from America Online (aol.com) would be blocked. When they attempted to browse your web site, they would be presented with the 403 Forbidden (“You do not have permission to access this site”) error.

Redirect Visitors to a New Page or Directory

Let’s say you re-do your entire web site, renaming pages and directories. Visitors to the old pages will receive the 404 File Not Found error. You can solve this problem by redirecting calls to an old page to the new page. For example, if your old page was named oldpage.html and that page has been replaced by newpage.html, add this line to your .htaccess file:

Redirect permanent /oldpage.html http://www.mydomain.com/newpage.html

Of course, you want to replace mydomain.com with your actual domain name. Now, when the visitor types in http://www.mydomain.com/myoldpage.html, they will be automatically redirected to http://www.mydomain.com/mynewpage.html.

If you’ve renamed a directory, you can use one redirect line to affect all pages within the directory:

Redirect permanent /olddirectory http://www.mydomain.com/newdirectory/

Note that the old page or directory is specified using the system path relative to your www directory, while the new page or directory is specified by the absolute URL.

Prevent Hot Linking and Bandwidth Leeching

What if another web site owner is stealing your images and your bandwidth by linking directly to your image files from his/her web site? You can prevent this by adding this to your .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.com/.*$ [NC]
RewriteRule .(gif|jpg)$ - [F]

Replace mydomain.com with your actual domain name. With this code in place, your images will only display when the visitor is browsinghttp://mydomain.com. Images linked from other domains will appear as broken images.

If you’re feeling particularly nasty, you can even provide an alternative image to display on the hot linked pages — for example, an image that says “Stealing is Bad … visit http://mydomain.com to see the real picture that belongs here.” Use this code to accomplish that:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.com/.*$ [NC]
RewriteRule .(gif|jpg)$ http://www.mydomain.com/dontsteal.gif [R,L]

This time, replace mydomain.com with your domain name, and replace dontsteal.gif with the file name of the image you’ve created to discourage hot linking.

Prevent viewing of .htaccess or other files

To prevent visitors from seeing the contents of your .htaccess file, place the following code in the file:

<Files .htaccess>
order allow,deny
deny from all
</Files>

If you want to prevent visitors from seeing another file, just substitute that file’s name for .htaccess in the Files specification.

Eliminate Code Red and NIMDA Virus Attacks from your Access Log

The following suggestion was provided by a customer:

For the last few months my logs have been filling up with Nimda and Code Red failed attacks … placing the below redirects in my .htacess appears to have eliminated the logging problem without affecting my personalized error redirecting scripts. I just thought others may find this handy.

redirect /scripts http://www.stoptheviruscold.invalid
redirect /MSADC http://www.stoptheviruscold.invalid
redirect /c http://www.stoptheviruscold.invalid
redirect /d http://www.stoptheviruscold.invalid
redirect /_mem_bin http://stoptheviruscold.invalid
redirect /msadc http://stoptheviruscold.invalid
RedirectMatch (.*)cmd.exe$ http://stoptheviruscold.invalid$1

We haven’t tried it, but it seems like a nifty idea. If you’re tired of seeing those calls cluttering up your statistics, it might be worth a try. Thanks Roy!