Htaccess: how to force “www.” in a generic way?

This works on any domain

#Remove the below two comments to disable it on localhost
#RewriteCond %{HTTP_HOST} !=localhost
#RewriteCond %{HTTP_HOST} !=
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Restrict access to your website

It is also highly encouraged to restrict access to your website while repairing the database or making upgrade. Here is an example of restricting your website instance to your IP address exclusively. Other visitors, including search spiders, will get the HTTP 503 Service Unavailable error.

Change default directory page

Most probably you have been wondering how the Webserver decides which page from your site to use as a main/default page of your site. There is a directive named DirectoryIndex which takes care of this.

On most web servers there is a pre-defined set of file names which server a start page.
The most commonly used are: index.html, default.html, index.php, index.asp, etc.

The good news is that you can set your custom file to be a start page of your site using .htaccess.

For example the following line set home-page.html as a main page of your site:

DirectoryIndex home-page.html

The DirectoryIndex directive can accept more than one name:

DirectoryIndex home-page.html Home.html, index.html index.php index.cgi

So when a visitors goes to the first page to be loaded will be the home-page.html if it cannot be found the server will look then for Home.html, index.html, etc until it finds a match.

Prevent Script Execution

You can disable scripts being run in the directory of your choice by adding the following code to your .htaccess file in that directory:

Options -ExecCGI
AddHandler cgi-script .php .php3 .php4 .php5 .phtml .pl .py .jsp .asp .htm .html .shtml .sh .cgi .xml

You can replace the file types in the example with the file types you wish to disallow.

This would be particularly useful if you allow visitors to upload files to your server, but want to be sure that any potentially harmful files they upload are not allowed to execute.

How do I block direct access to critical files using .htaccess?

Critical files, Let say configuration.php file for Joomla
1. Make a backup copy of your .htaccess file. Use your backup file to recover if the following fails. Be sure to delete the backup file once you are finished.
2. Add the following to your .htaccess file. This example will protect the configurtation.php file.

<filesMatch "configuration.php">
Order allow,deny
Deny from all

Magic Trick: Allow/Prevent Directory Browsing

Most servers are configured so that directory browsing is not allowed, that is if people enter the URL to a directory that does not contain an index file they will not see the contents of the directory but will instead get an error message. If your site is not configured this way you can prevent directory browsing by adding this simple line to your .htaccess file: