With an .htaccess file, you can quickly restrict the use of images from your website on other sites, add a custom 404 page, block an IP address, redirect a web page to a different web page, etc.

The .htaccess file has been around since the early days of the Internet and is still in use on millions of web servers. While most users don’t use it, it’s a really powerful tool, which can help you a lot in many different situations.

It is vital for any webmaster to get to know what they can do with an .htaccess file.

Today, we will show you how to do all those things with the Web Hosting Control Panel.

Hotlink Protection

Go to Advanced -> Hotlink Protection. From there, simply select a website and the exact path, if you want to protect a specific folder only. Here is the code for doing it manually:

<Files "login.php">
Order deny,allow
Deny from all
AuthName "htaccess password prompt"
AuthType Basic
AuthUserFile /web/askapache.com/.htpasswd
Require valid-user
</Files>

Please note that this is just an example and the path displayed above may be different for your particular hosting account.

Keep in mind that you will also need to create an .htpasswd file with the password inside. It has to be stored in the same folder as the .htaccess file. Don’t enter the password in plain text – use MD5 encryption.

Here is an MD5 encryption tool you can use - http://www.md5online.org/md5-encrypt.html.

Custom Error Pages

Go to Hosted Domains and right-click on any of your hosts. Select Edit. Now you will see the most popular error pages. They are currently set to Default, but you can pick a custom page – simply select the Custom URL option and enter the URL of the 404 page that you want to use. To manually add an error page, use the following code:

ErrorDocument 404 /path/to/error/page.html

IP Blocking

In your Hepsia Control Panel, go to Advanced -> IP Blocking. From there you can quickly block a specific IP from accessing a given website. Additionally, you can use the following code in your .htaccess file:

ErrorDocument 403 http://www.my-website.com/
Order deny,allow
Deny from all
Allow from 107.45.18.3

This is just a small list of what can be done with an .htaccess file. The folks from AskApache have prepared a very detailed list of examples at http://www.askapache.com/htaccess/htaccess.html. Make sure to check the code snippets out – they are frequently updated.

Don’t forget to also have a look at our .htaccess generator, which is located in the Advanced section of the Hepsia Control Panel. It will generate a custom .htaccess file with all the options that you want to use.

Keep in mind that if you are using a script-based website (a WordPress-based website, a Joomla-based website, etc), you already have an .htaccess file, which has been generated automatically by the application. Instead of generating a new one, you are better off editing your existing .htaccess file.

Kind Regards,
Support team

The ModSecurity Apache module is a great solution for minimizing the number of hack attacks to websites and applications.

It acts as an application-layer firewall and is able to effectively prevent most brute force/ URL forgery attacks and forum spamming attempts targeted at sites.

Some time ago, we enabled the ModSecurity protection layer as a default feature with all shared hosting accounts. Now the highly effective anti-hack firewall is enabled with all VPSs as well.

ModSecurity enabled on all VPSs

As with shared hosting accounts, the ModSecurity firewall is enabled by default on your VPS, so you don’t have to configure anything in order to have your websites protected.

ModSecurity is running in a blocking mode, so it will automatically block all incoming requests that are flagged as insecure according to the commercial rules at http://www.atomicorp.com.

You can access the ModSecurity section in the Hepsia Control Panel from the newly added shortcut on the Control Panel’s home page or from the Advanced drop-down menu:

How does ModSecurity exactly work?

Over 70% of all the attacks are now carried out at the web application level and being a web application firewall (WAF) itself, ModSecurity effectively addresses this problem.

Its purpose is to establish an external security layer, which allows for HTTP traffic monitoring and real-time analysis, and it offers a powerful API for implementing the advanced protection needed.

This way, the firewall ensures an enhanced level of security, where the malicious attacks are detected and prevented before they reach the web applications.

ModSecurity against brute force attacks

ModSecurity has proven to be very efficient in preventing “brute force” attacks, i.e. the attempts to guess the username and the password of a web application, using a predefined set of usernames and passwords and combining them randomly.

Thanks to the ModSecurity firewall, if there are more than 15 failed login attempts from an IP address within 3 minutes, the IP address will be blocked from accessing the website for the next 30 minutes.

So far, the ModSecurity plugin has reduced the number of hacked websites on our servers dramatically.

If you have any questions about ModSecurity and about how it will work on your Virtual Private Server, don’t hesitate to contact our support team by opening a ticket from the Web Hosting Control Panel.

Kind Regards,
Support team

Keeping you up to date with the latest updates and introductions to our web hosting platform has always been a priority in our schedule.

To make the presentation of news and updates simpler and more attractive, we have made some significant tweaks to the News section of the Web Hosting Control Panel.

From today, you will be able to read the news about us like reading your favourite blog, because we have added visuals and content segmentation.

We hope this new and agile format will improve your access to timely and relevant information regarding our services. 

Update to the Inbox tab – a new boxy style and news excerpts

The first important update is a visual re-styling of the Inbox tab, which alerts you about unread news.

Besides from a new and cleaner appearance, there’s a better differentiation between this service updates and your regular service notifications and alerts. This way you can easily prioritise which content you want to read firstly.

Update to the News listing

Now all news articles are listed in with a 16:9 thumbnail and a brief introductory headline, as well as a concise summary of the main points discussed in the update. It also includes a thumbnail picture to help convey the main message of each update.

Here's a screenshot of how they are arranged:

A complete redesign of the news content pages

The news content pages have been revamped to offer a blog-like look and feel. They now feature a segmented layout and plenty of images and video embeds for better illustrating the content.

Here's a screenshot of one example:

Kind Regards,
Support team