HtaccessConfigInfo:Wikka

Revision [7737]

This is an old revision of HtaccessConfigInfo made by JavaWoman on 2005-04-29 20:29:45.

.htaccess Configuration Documentation

applies to Wikka 1.1.6.0 (and 1.1.5.1 and 1.1.53)

Wikka on Apache

Wikka "assumes" it will be installed on an Apache web server. Although it's perfectly possible to install Wikka on other web servers (as long as PHP is installed), Wikka comes with a number of .htaccess configuration files for use with Apache. This page serves as an explanation of the function of these files and how they work.
If you control your own server and are able to use the httpd.conf file for server configuration, using this is preferable over using .htaccess files. This page does not explain how to do that but if you have sufficient Apache knowledge you can use this page as a guideline for what to add to your configuration to achieve the same functionality.

Wikka on other web servers

With other web servers than Apache these files will generally be ignored: to implement their function you'll have to do your own configuration. The documentation on this page can serve as a guideline but we cannot directly help you configure Wikka for another web server.
Users running Wikka on other webservers than Apache are welcome to add documentation for that to this page or on a separate page on this site!

What is an .htaccess file?

The Apache web server is normally configured by means of a file called httpd.conf; this file can contain configuration directives for the server in general, as well as for specific directories and files. If you have installed your website (or Wikka) on a hosted server, you generally do not have access to your own httpd.conf file. A web host may allow their customers some configuration for their own sites though by enabling the use of .htaccess files in their own directories; many don't though. Not every kind of server configuration can be done via .htaccess - but a number of things can, and Wikka tries to take advantage of that. For instance, you can use it for some security, and to enable "pretty" (and more search-engine-friendly) URLs.

Wikka installs a number of .htaccess files. These will be effective only if:

Wikka is installed on an Apache server

The server is configured to allow the use of .htaccess files. (If not, you may try convincing your host to allow it for you, armed with the documentation on this page to convince them why it's important.)

.htaccess files distributed with Wikka

As of version 1.1.6.0 Wikka installs the following .htaccess files:

In the installation directory:

### STOP REFERRER SPAM
SetEnvIfNoCase Referer ".*(adultsite|picturesplace|learnthebiz|pi-o|erotica|ghettoinc|port5|bulk-email|camgirls|paris-hilton|modelos|kredit|handyflirt24|versicherung|wwww|erotower|krank|x-1000|flirtnet|blowjob|agedwife|in-the-vip|boysfirsttime|milf|captain-stabbin|tranny|Kontakt|erotik|fetish|frauen|hardcore|fick|krankenversicherung|jinnan-cross|8thstreet|xxx|XXX|ficken|fuck).*" BadReferrer

order deny,allow
deny from env=BadReferrer

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^(.*/[^\./]*[^/])$ $1/
RewriteRule ^(.*)$ wikka.php?wakka=$1 [QSA,L]
</IfModule>

Version 1.1.5.1 and 1.1.5.3 had the same .htaccess file.

In a number of subdirectories (where [wikka] stands for the Wikka installation directory):

[wikka]/css/

[wikka]/images/

[wikka]/3dparty/plugins/freemind/

[wikka]/3dparty/plugins/wikiedit/

These all have the same content:

<IfModule mod_rewrite.c>
RewriteEngine off
</IfModule>

Version 1.1.5.1 and 1.1.5.3 do not have a 3rdparty directory; the corresponding .htaccess files are found in [wikka]/freemind/ and [wikka]/wikiedit2/.

The main .htaccess file

The file provides two main functions:

A mechanism to prevent (some) referrer spam (see also WikkaSpamFighting)

A mechanism for "friendly" URLs (friendly for humans as well as friendly for (some) search engines)

Combating referrer spam

This is handled by the following directives (local line numbers added for easy reference):

SetEnvIfNoCase Referer ".*(adultsite|picturesplace|learnthebiz|pi-o|erotica|ghettoinc|port5|bulk-email|camgirls|paris-hilton|modelos|kredit|handyflirt24|versicherung|wwww|erotower|krank|x-1000|flirtnet|blowjob|agedwife|in-the-vip|boysfirsttime|milf|captain-stabbin|tranny|Kontakt|erotik|fetish|frauen|hardcore|fick|krankenversicherung|jinnan-cross|8thstreet|xxx|XXX|ficken|fuck).*" BadReferrer
order deny,allow
deny from env=BadReferrer

When a browser (or other user agent) makes a server request, it may send along a "referrer" in a HTTP header; normally this indicates the page where a link to the requested page was found. Spammers can fake the referrer hoping that a referrer list on the site will provide a link back to the (fake) referrer URL.

The directive on line 1 tries to match a substring in a referrer: the expression between brackets is a series of possible substrings to look for, separated by pipe characters ('|'). If a (case-insensitive) match is found the environment variable BadReferrer is set.

Line 2 tells Apache to evaluate any "deny" directives first, and allow access to whatever does not match

Line 3 denies access if the environment variable BadReferrer is set (as a result of the directive on line 1): the server will then return a '403 Access forbidden' response. If the variable isn't set access is allowed.

To make effective use of this mechanism, you should regularly check the referrers to your site, and use this to update the substrings list between brackets. The current list is rather old, and bound to be not very effective any more: it will help only if it is kept up-to-date with actual (undesirable) referrers you find on your Wikka site. Note that the substrings need only be in lowercase since the matching is case-insensitive (thus having both 'xxx' and 'XXX' is superfluous)!

Friendly URLs

later

The .htaccess files in the subdirectories