When using a almost empty file named index.html in my apache directories in order to avoid directory listings (e.g. /image folder), what is the minimum content of this file? Can it be empty, or should I include something like:
<!DOCTYPE html><title></title>
or
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title></title>
</head>
<body>
&npsp;
</body>
</html>
or something in between?
Indeed the first line of code is the minimum valid HTML5 code. <!DOCTYPE html><title> </title>
Though you must have a title, wether that be a space or text. Otherwise use the full declaration if you do not wish to give a title in order to be valid markup.
This can be verified using the W3C validator
If you just want to avoid directory listing, it might just be better to make one single page for the error code 403, then change the following in your Apache configuration:
Options Includes Indexes FollowSymLinks MultiViews
to:
Options Includes FollowSymLinks MultiViews
removing Indexes from the list. If you don't have access to the http.conf file, placing Options -Indexes in a .htaccess file will have the same effect. This will make Apache send a 403 Access Denied error whenever a visitor is trying to access a URL which resulted in the directory list before. Now, all you need to do is to redirect these errors to your own custom error page. You can do this using
ErrorDocument 403 /path/to/custom403errorpage.html
This is not just an easier and more secure way of doing it, but also lets the users know that they shouldn't be looking around your stuff.
To avoid directory listing you need no HTML file at all. You can just add a .htaccess file in the folder with the options you want. To disable folder listing add this line to your .htaccess file
Options -Indexes
Note that on most live hosts directory listing is disabled by default
As a question about formally minimal HTML document, this depends on the version of HTML. Regarding the alternatives in the question, the first one is not valid according to current HTML5 drafts (the title element must have some content, e.g. a space), and the second one is not minimal at all (it has many optional tags) and it is not valid (URL is missing from the doctype declaration, and the entity reference &npsp; is undefined); besides, HTML 4.0 was obsoleted by HTML 4.01 in 1999.
For the purposes of avoiding directory listings (which can be avoided in other ways, too), any file will do, even an empty one.
However, an empty file, or an HTML document with blank content, will result in a blank page shown to the user when the user tries to access, say, http://foo.example.com/images/, when http://foo.example.com/images/index.html exists with no content. Therefore, you may consider using content like this:
<!doctype html>
<title>Directory listing not allowed</title>
Directory listing not allowed.
Related
I tried this
Options +Indexes
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
HeaderName /header.html
ReadmeName /footer.html
IndexIgnore header.html footer.html .htaccess
How To Include a PHP File Site-wide Using .HTACCESS or other methods
Apply .htaccess HeaderName to all lower levels?
How To Include a PHP File Site-wide Using .HTACCESS or other methods
It just simply does not do anything. I also followed an old guide to enable Layout Header (something with mod_layout in apache) but it seems it's too old.
The best i managed to do is to show the content of my "header.html" into the directory (which is listed with Option +Indexes)
I am doing all of this in a specific folder .htaccess, not in the root .htaccess
It looks like this :
Options +Indexes
IndexOptions IgnoreCase FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* SuppressHTMLPreamble
HeaderName header.html
Please, help
I think you're confusing HTTP Headers with a HTML "Header" (meaning the top of the page)
A HTTP header is used to define things like the encoding, content type (eg JSON/XML), not to add HTML to the top of another HTML page.
If you want to add HTML to the top of each page, .htaccess isn't the place to do this - you need to use some kind of scripting/programming language (eg ASP/PHP) to include the files.
Note that none of the three SO questions you link do what you want either:
How To Include a PHP File Site-wide Using .HTACCESS or other methods and How To Include a PHP File Site-wide Using .HTACCESS or other methods both use PHP to include the files (and just use htaccess to tell PHP where to find the files).
Apply .htaccess HeaderName to all lower levels? as you discovered, adds the header to the Apache directory listing page only, not to every page on your site.
If someone has the same problem, when you write the full path, /www/pages/header.html is not enough, you must write /home/User/www/pages/header.html (if you're on linux or C://etc... on windows)
Why? because it is shown on several folders (recursively), so the path changes depending on the directory you're in
We have a page that has been using a server side include for many years. Recently it stopped working. No changes have been made to the page
<!--#include virtual="..\..\includes\nav.include" -->
Near the bottom of a page called contact.html
The 'nav.include' page simply contains html for a navigation bar. No javascript. No server side scripting. Just html.
Is there some setting somewhere that needs to be set to make SSIs work in the way it is implemented here (including a file with an uncommon extension inside a html file)?
A solution that I discovered yesterday:
I duplicated and renamed all my pages to .php (retained the original html files just in case!)
I have replaced all the {<#include virtual="folder_name/file_name.ext" -->} with
<?php include "folder_name/file_name.ext" ; ?>
with the appropriate number of dots and slashes depending upon where the pages are in my folder hierarchy. ( The {} above is to mark out the code only)
Finally, I renamed the original index.html to some other name so that the index.php is picked up instead of the index.html
This seems to be working out - I am still testing out all the pages and links - a very tedious and time consuming exercise!
INCLUDES SYNTAX:
In a php file use
<?php include "..//folder_name/file_name.ext" ; ?>
In an html file use
<!--#include virtual="../folder_name/file_name.ext" -->
EXPERIMENT WITH NUMBER OF "..." AND NUMBER OF "///" IN THE ABOVE SYNTAX TO GET THE CORRECT COMBINATION!!!!
For me, all my includes are small html files in a folder ABC which is directly under the webroot.
For pages which are under sibling folders of ABC i.e. in other folders directly under webroot, "..//" is the number of dots and slashes that work.
For pages which are directly in the webroot (i.e. not in any folder inside webroot), folder_name/file_name.ext without any dots or slashes has worked.
I haven't had the time to check out the number of dots and dashes required for any other level in the hierarchy!
I hope this helps!
Are you using GoDaddy? They did the same to my site, and I found on their forums someone that said to use include file instead of include virtual.
Just switched over to Godaddy servers and my SSI stopped working. I made a .txt file with the following:
AddHandler server-parsed .html
I uploaded it to the public html folder, then renamed it .htaccess, and everything started working.
I had too many files to convert all the extensions to PHP, so I had to find another answer, if at all possible.
For me, for a little while, exchanging include virtual to include file seemed to help, but then it broke again after a few days. I guess GoDaddy was not finishing monkeying around with the SSI configuration. o_O
The solution, as of tonight, was to convert all relative paths to absolute specification in regards to the site root. For example, I had to convert:
<!--#include virtual="..\..\includes\nav.html" -->
To:
<!--#include virtual="\includes\nav.html" -->
Using this approach, I was able to include HTML files inside other HTML files.
I discovered this on one of my pages that mixed absolute and relative path specification.
HTH
I've been seeing this problem frequently on my GoDaddy hosted site. I have to go into the Server configuration page, disable SSI, save the settings, then re-enable SSI and check "Use SSI on .HTM and .HTML files) and it starts working again.
The problem is on GoDaddy's side. For some reason, it's forgetting that it needs to parse SSI in files, until you turn off and turn on that option. Their Tier-2 support only suggested using Virtual instead of File on the Include command... which is preposterous, since not only does that not change a thing, the SSI includes work just fine most of the time... until it doesn't.
I'm also updating old .html pages to .php and replacing some of the with php include statements on all pages when some of the pages displayed [an error occurred while processing this directive].
The pages displaying the error also referenced an old .ssi file that wasn't even in the directory it pointed to. I deleted the old includes code to the non-existent .ssi file in those pages, and that fixed the error.
This error occurs when you have in your code html documentation like this
<!--#My awesome documentatacion-->
to fix it remove the #, like this
<!-- My awesome documentatacion-->
Any idea why when putting the example html files included on meteor's site in to an HTML 5 template with top level tags fails?
<!DOCTYPE html>
<html lang="en">
I see that they search for body/template tags etc and concatenate but not sure how to add the other tags then.
The '.html' file you're editing as part of your Meteor application isn't an HTML file at all, but a DSL (domain specific language) that is parsed by Meteor as HTML.
As soon as you run meteor to launch a server or deploy it, it will be parsed and interpreted, and all documents will be output as HTML5 (using the ).
You can see that on any deployed meteor app, that is the first line, even though entering it in to your '.html' file in the project will cause the compiler to crash.
I was confused by this at first as well, apparently the '.html' example files they include are intended to consist of html fragments rather than serving as html documents in and of themselves. According to the docs:
HTML files in a Meteor application are treated quite a bit differently
from a server-side framework. Meteor scans all the HTML files in your
directory for three top-level elements: <head>, <body>, and
<template>. The head and body sections are seperately concatenated
into a single head and body, which are transmitted to the client on
initial page load.
As far as I can tell, any html that is included that isn't contained within any of those three tags -- including <!doctype html> declarations, <html> tags or even <!--html comments--> -- causes the app to crash. Hopefully that's something that they'll fix eventually.
When the server is started and you access the page it automatically adds the DOCTYPE in.
My html folder contains many html files automatically generated, linked and named by a program. Example: AbcXyzPage1.html, AbcXyzPage2.html, ..., AbcXyzPage100.html, etc.
What is the simplest way to make a particular html file (AbcXyzPage1.html), the equivalent of default.html? So that a user just need to type http://mysite.com/myfolder/ and has that particular page loaded.
Renaming that starting page is NOT an option because all other pages in the folder link to it.
I don't want to use the meta refresh tag.
Add a file named .htaccess to myfolder/ with the following content:
DirectoryIndex AbcXyzPage1.html
If server is Linux, you can link (actually soft link is OK, too).
ln AbcXyzPage1.html index.html
Now you have created index.html - the standard default. Any changes to AbcXyzPage1 will always be "seen" in index.html (since they are the same file).
I'm trying to include one html file into another. I'm coding on the MAMP stack. I assume SSI's are automatically permitted. I type
<!--#include virtual="header.html" -->
in the body of one html file, the other file is called header.html, and they are both in the same folder. I even tried calling the file header.shtml instead. None of this works. It's frustrating.
The code isn't included. I'm including a form and a navigation bar, but they don't appear.
I assume SSI's are automatically permitted
That's a very big assumption. SSIs will only work if you've got mod_include loaded. You also need to enable the filter for the relevant files, e.g.
AddOutputFilter INCLUDES .shtml
...and of course ensure that Includes are not overridden elsewhere in the config.
Did you read this?