I've got this this rule in my htaccess file to force linked files to download rather than open in the browser:
<FilesMatch "\.(gif|jpe?g|png)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
Is there a way to alter the RegExp so it only applies to files in a certain directory?
Thanks
Like #gumbo said, put the .htaccess file in the highest level folder you want to affect. and those settings will trickle down to sub folders. You may also want to make sure the headers module is enabled before using this in your htaccess file. The following line will generate an error if the headers module is not enabled:
Header set Content-Disposition attachment
here's an example that forces download of mp3 files only if the headers module is enabled:
<IfModule mod_headers.c>
<FilesMatch "\.(mp3|MP3)$">
ForceType audio/mpeg
Header set Content-Disposition "attachment"
Allow from all
</FilesMatch>
</IfModule>
Note: it does not enable the module, it just ignores anything inside the IfModule tags if the module is not enabled.
To enable apache modules you'll either need to edit your httpd.conf file or in wamp server you can click the wamp tray icon and select "Apache -> Apache Modules -> headers_module" or make sure it is checked.
You will probably need to put the directives in the .htaccess file in the particular directory.
Put it in a <Location> directive, and/or modify the regex to exclude slashes or as appropriate.
Related
Internet Explorer is displaying contents of some files instead of downloading them. I was able to fix this by adding
<FilesMatch "\.(asapt|ob2|cub)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
to .htaccess. It works for .asapt and .cub files, but strangely not for .ob2 (they are still being displayed in-browser). Why?
We are currently having Content-Type: text/html.
We want to modify this to text/javascript or text/css.
We have tried this using rewrite rule, mod_headers and also through mod_mime, but we are unable to modify it.
Any suggestion?
Assuming you have certain text files in a directory say styles add a .htaccess file in the root directory and add the following content:
<Location /styles>
ForceType text/css
</Location>
And use the similar concept for javascript as well
I had solved this by changing the content type in application servers of content.
I know we can make file downloadable using
AddType application/octect-stream .png
But if I have a file that dont have any extension (FileName) then how I will make that downloadable? or is there anyway to make all file downloadable within a directory?
You can try this directive on your site configuration (apache2):
DefaultType application/octet-stream
And this for nginx:
default_type application/octet-stream;
http://httpd.apache.org/docs/2.2/mod/core.html#defaulttype
https://nginx.org/en/docs/http/ngx_http_core_module.html
Use this in .htaccess is recommended:
<filesMatch "^([^.]+)$">
Header set Content-Disposition "attachment"
</filesMatch>
(This won't work with Chrome, it will append ".txt" to the filename, and it's a known bug)
This will prevent browser from showing the file content inline and let browser download it instead.
Executable file extension like .php (if you've installed), your browser will download the execution result(not the source code), is that what you want?
I have a list of folders (named as numbers) located in domain.com/user/uploaded/ directory (for example: ../435/, ../580/ etc.).
I'm trying to use Header set X-Robots-Tag "noindex" from .htaccess for these folders, for example:
domain.com/user/uploaded/435/
domain.com/user/uploaded/580/
etc. for other folders within /user/uploaded/{number} folders.
That means that directory named /435/, /580/ etc. should have 'X-Robots-Tag: noindex' added.
I only have access to .htaccess (it's shared host / litespeed). I tried to add this:
<FilesMatch "^user/uploaded/?$">
Header set X-Robots-Tag: "noindex"
</FilesMatch>
but it doesn't seem to work..
You should put a new .htaccess in user/uploaded/ directory. In this file you will be able to specify your .htaccess rule
Header set X-Robots-Tag: "noindex"
You don't need to use FilesMatch except if you want to target specific files.
I am encountering some behaviour from a produciton server and I was wondering if someone could confirm if something is possible and how it might have been done.
I have a website www.example.com with SSL enabled and all traffic forwarding to https
On that site I have a font file https://www.example.com/wp-content/assets/fonts/icons.ttf
I have additional campaign sites (e.g www.examplecampaign.com) that use the css file from example.com which loads in a font face using that font file. I am actually adding all the relevant file types woff, etc but will refer to ttf for simplicity. The icon font displays fine on www.example.com but on www.examplecampaign.com because in Firefox I get the error
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.example.com/wp-content/assets/fonts/icons.ttf. This can be fixed by moving the resource to the same domain or enabling CORS.
So here begins my problem. On our stage server which we have full access to I can add
# BEGIN REQUIRED FOR WEBFONTS
AddType font/ttf .ttf
AddType font/eot .eot
AddType font/otf .otf
AddType font/woff .woff
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
# END REQUIRED FOR WEBFONTS
to the .htaccess file and that solves the problem. However on our produciton server which is owned and managed by the client this header modification is ignored. I am using http://web-sniffer.net/ to test this.
To further complicate things I hvae found that if I just added
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
on my stage site the header would appear when requesting any page or resource BUT on the production server if I added that the Access-Control-Allow-Origin would appear on all pages apart from the font files (and possible other resources).
So my question is, is it possible in Apache to disable / ignore header modification for a certain file type(s) and how would that be done. It's weird that it's so specific. We no longer have sudo access and have to request changes to conf files which is one of the reasons im making this change in .htaccess not that I think that would matter where this is set? Also example.com is a wordpress site but I don't think that would affect anything? As it's working on stage but not produciton.
Does anyone know of the Apache configuration that would restrict the use of mod_header in that way?