A lot of Cloudways Platform users have no idea what to do with an .htaccess file. Worry not, because below, we are going to show you many things such as adding suggestions for new server settings, as well as controlling items is 3 different categories.
The good news for you is that you are able to control quite a number of server settings. You will be able to do it through the Server Settings section. You will easily find this in the Server Management area. We urge you to leave us comments, or any questions or suggestions that you might have so that we will look into them.
For all those tasks or settings that cannot be accomplished via the Cloudways Platform, we urge you to use .htaccess files.
SSH into Your Server
An SSH session is the best way to create or edit a .htaccess file. The first thing that you will have to do is enter your credentials of the application that you want to create or edit when you have opened a session to your server.
htaccess Access/Security Tips
Below, we will list all the actions that you will be able to achieve through the .htaccess file in order to control access to your site, or protect it. The best time to do this is while you are still developing your site or before it becomes public. You will also need to do this if your application is only to be accessed by a limited number of users. This ensures total control.
1) Password Protect Your Application
a) First, make sure that you find the path of the public_html folder of your application. You achieve this by running pwd from the shell.
[wjdjmhbxbg]:public_html$ pwd
/home/08518-6164.cloudwaysapps.com/wjdjmhbxbg/public_html
[wjdjmhbxbg]:public_html$
[wjdjmhbxbg]:public_html$ pwd
/home/08518-6164.cloudwaysapps.com/wjdjmhbxbg/public_html
[wjdjmhbxbg]:public_html$
b) Next, you will have to add the following code in the .htaccess file:
AuthName “Add your login message here.”
AuthType Basic
AuthUserFile /home/08518-6164.cloudwaysapps.com/wjdjmhbxbg/public_html/.htpasswd
require user name-of-user
AuthName “Add your login message here.”
AuthType Basic
AuthUserFile /home/08518-6164.cloudwaysapps.com/wjdjmhbxbg/public_html/.htpasswd
require user name-of-user
c) Now, it’s important that you create the password file .htpasswd, as well as adding a user using the code below. At this point, you want to ensure that you are in the public_html folder of the application that you wish to password protect.
[wjdjmhbxbg]:public_html$ htpasswd -c .htpasswd name-of-user
New password:
Re-type new password:
Adding password for user name-of-user
[wjdjmhbxbg]:public_html$
[wjdjmhbxbg]:public_html$ htpasswd -c .htpasswd name-of-user
New password:
Re-type new password:
Adding password for user name-of-user
[wjdjmhbxbg]:public_html$
This means that you will be required to provide login details (which you have set above). In order to open access again, you must revert the changes.
2) Block Access to Certain IP(s)
If you have been attacked before and happen to know the IP address that attacked you, you will need to take this step. You can add the following code in the .htaccess file of your application:
order allow,deny
deny from 46.228.47.114
deny from 46.225.88.5
allow from all
order allow,deny
deny from 46.228.47.114
deny from 46.225.88.5
allow from all
3) Block All IP(s) With Few Exceptions
You can allow access to certain IP addresses. We suggest you do this during development:
order deny,allow
deny from all
# Just Allow a Single IP
allow from 84.89.61.164
order deny,allow
deny from all
# Just Allow a Single IP
allow from 84.89.61.164