Your default htaccess : eDigest Help Desk

An htaccess file is added to your web space when your account is created. In case you deleted or overwrote the default file, here it is:

# Code has been added to your htaccess file by the support team
# Contact info@edigest.com with any questions
# and before making changes to php_flags or caching settings below
php_flag display_startup_errors off
php_flag display_errors off
php_flag html_errors off
php_flag log_errors off
php_flag ignore_repeated_errors on
php_flag ignore_repeated_source on
php_flag report_memleaks off
php_flag track_errors off
php_value docref_root 0
php_value docref_ext 0
php_value error_log /home/<user>/public_html/php_errors.log
# some error_reporting values:
# http://php.net/manual/en/errorfunc.constants.php
# -1 everything; 0 nothing
# 4339 custom value that only logs issues that affect the functioning of your site
php_value error_reporting 0
php_value log_errors_max_len 1024

<Files php_errors.log>
 Order allow,deny
 Deny from all
 Satisfy All
</Files>

# protect xmlrpc
# comment this out if you use JetPack
#<Files xmlrpc.php>
#        Order Deny,Allow
#        Deny from all
#</Files>

#DirectoryIndex index.html index.php
php_value session.save_path /home/<user>/tmp
#php_flag xcache.cacher On

You should consider adding these lines at the top of your htaccess file for any website. Where you see <user> you should substitute your account user name.

This is what the lines do:

The top php_flag and php_value lines (4 through 20) are all for error reporting and error logging. Normally, error logging should be off unless you're experiencing a problem.

The <Files php_errors.log> container (lines 22 through 26) prevents anyone from viewing the error log in their browser.

The <Files xmlrpc.php> container (lines 30 through 33) is primarily for content management systems such as WordPress and Drupal. It allows remote manipulation of the website, among other things. It is considered "safe" currently, though it was a source of "hacks" in the past. Unless you are using JetPack or another plugin that requires XMLRPC you might consider uncommenting this container (to prevent accessing XML-RPC) because a lot of script kiddies scan websites hoping to find a vulnerable version of xmlrpc.php.

Finally,

DirectoryIndex (line 35) allows you to set the default index file (the file that will be loaded when your website is browsed by domain, e.g., http://mydomain.com/

php_value session.save_path /home/<user>/tmp (line 36) tells PHP where to store sessions files, primarily used by CMSs to keep track of a visitors session.

php_flag xcache.cacher On (line 37) turns on XCache caching, which is off by default. If your website can use XCache, we strongly recommend uncommenting this time (remove the # at the front of the line) to speed up your website, reduce bandwidth and reduce your website load.

eDigest Help Desk

How can we help you today?

Your default htaccess Print

How can we help you today?

Your default htaccess Print

Related Articles