.htaccess best practices

jfw · 2010-01-17 16:45:44 UTC

What are best practices for using and editing htaccess files? I have searched the support pages and forums and can’t find the answers to these questions. I am very experienced with webmastering/http/apache/htaccess, but new to DreamHost.

I turned on password restrictions via “Htaccess/WebDAV” for one of my sites and a .htaccess file was created. The file reads “Generated by Dreamhost. DO NOT modify!!!”

Q1) Does this mean it will get overwritten regularly without warning, or only when I make additional changes from the Htaccess/WebDAV interface?

Q2) Is manual editing the only way to add other directives such as “Options -Indexes”?

Q3) If I add directives manually, will I no longer be able to use the Htaccess/WebDAV interface to add users, and must I do every change manually from then on? I tried this and it did not seem to preserve my changes (hence the “DO NOT modify” apparently!).

Q4) Are there any other recommendations that people would make? How do you manage things like custom changes with things the DH interface does like password control?

Thanks!

rlparker · 2010-01-17 23:04:02 UTC

Really, the “best practice” here in my opinion is to manage the .htaccess file yourself if you are capable of doing so. This gives you a lot more flexibility in the use of the file than the Account Control Panel’s limited basic authentication tool.

That said, as for your specific questions:

No, but it will get overwritten if you do anything to effect it in the account control panel, like add new users, or change passwords, etc. Not the permissions set by default on the panel generated .htaccess file do not encourage casual editing.

Yes.

See answer to question #1 - the panel .htaccess tool simply write its own .htaccess file. On a side note, it doesn’t know your directory structure at all, which is why it puts the .htpasswd file in the same directory (I prefer to keep those completely outside the web-accessible directories, so I always manage my own).

I don’t use the Panel tool, but prefer to prepare and manage my own .htaccess file(s). If you want a “easier” or “friendlier” way to manage basic authentication for users, there are many scripts out there that give you a nice interface to this, which you could install if you want.

–rlparker
–DreamHost Tech Support

jfw · 2010-01-19 01:23:13 UTC

No problem, that all makes sense.

Thanks @rlparker!