Temporary site take down for updates


I need to take down my site for a few hours to make some updates. I don't want the users to see all the mess. Is there a way to take it down with .htaccess so that every page they access becomes unavailable, but without asking for a password or something, just a page telling them about what's going on.


If site is static, you could rewrite all .php pages to a temporary copy of the site's php pages in a subdirectory called "/old-site" using

RewriteCond $1 !old-site/
RewriteRule ^(.*\.php)$ /old-site/$1 [L]

As a distant second-choice, you could redirect all php pages to one "Site is temporarily offline" page using:

RewriteCond $1 !site-offline\.html$
RewriteRule ^(.*\.php)$ http://www.example.com/site-offline.html [R=302,L]

In both cases, the RewriteCond is used to prevent a loop, and the code is written for use in your root .htaccess file.

The first solution provides a seamless update; The site updates "instantly" when you remove the rule, and it will have zero impact or risk with the search engines.



Read more!

Running two apaches on different ports

You can try to run the multiple instance of Apache server with the same Apache binary.
But you need separate configuration file with own settings (logs path, pidfile path, port, etc) for every Apache instance.

Then while starting server, use the ./httpd -k start -f [config_path] where config_path - location of the separate configuration file for apache instance.

Running two Apache instances from sources

At first, configure servers with different prefix

./configure --prefix=/usr/local/apache1/

./configure --prefix=/usr/local/apache2/

Then, set up different ports in httpd.conf files:

Listen 80

Listen 8080

And finally, run servers.


You probably need at least a "make clean" in between the two configure's. Safer would be to rm -rf the compile directory and re-extract the tarball.

Read more!

Apache server on your USB drive

If you are a web developer I'm sure you have had that moment where you went: "If only I had a web server handy right now!"
Then Apache Mobile is something for you! Apache Mobile is a fully configured web server that runs from your USB-Key. Plug it in and off you go!

It can be use to show of a website to a costumer, share files with your friends (both ways thanks to DAV) or simply impress people but acting all geeky!
Are you special and do you depend on exotic 3rd party module?
Just drop them in the module folder and edit the configuration file.


  • Management Application

  • Apache 2.2.x
    • mod_deflate
    • mod_ssl
  • mod_security

  • mod_perl

  • PHP 5.1.2

  • Perl 5.8


* Windows 2000, Windows XP or Windows 2003
* 256mb USB-key



Read more!

Apache status features

Some little-known features about mod_status usage.

Official intro

The Status module allows a server administrator to find out how well their server is performing. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.

Sample configuration

<Location /server-status>
SetHandler server-status

Order Deny,Allow
Deny from all
Allow from .foo.com

Usage tips

/server-status - Returns page using tables
/server-status?notable - Returns page for browsers without table support
/server-status?refresh - Returns page with 1 second refresh
/server-status?refresh=6 - Returns page with refresh every 6 seconds
/server-status?auto - Returns page with data for automatic parsing

or in combination

/server-status?auto&refresh=1 - Returns automatic parsing page with 1 second refresh.


Read more!

Hide files from directory indexes


How to hide some files from appearing in directory indexes?


To prevent certain files from appearing in directory indexes, in case this needs to remain enabled. This is particularly useful for non html files (or raw files not parsed by apache and returned as a html to the browser), for example: php include files, libraries (that will not have the extension php), or log files, or any other file that you might want to prevent the users to easily see in the browser.

Use the apache directive IndexIgnore to hide the list of files:

IndexIgnore .htaccess
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
IndexIgnore *.inc

This configuration hide next files:

* .htaccess
* *.bak *~ (this can lead to download the source of some parsed web files that are saved as backup files)
* RCS CVS *,v *,t (hide cvs related files)
* *.inc (or whatever files extensions you might use to include in regular php files)



Read more!

Custom error pages


What I am trying to do is set server-wide 'custom' error pages, but when a user uploads his own set of 'custom' error pages it should over-right the server-wide pages and display the users pages.


Add an ErrorDocument directive for each error you wish to support. Use default to get Apache's default error page or specify a server-wide error document for each error type:

ErrorDocument 404 default
ErrorDocument 500 default

Now override the defined error page for each user directory if there is a file defined with a matching name. You will have to enforce the file naming convention for this to work and the error documents must live in the root of each of the user directories.

<DirectoryMatch "/home/(.+)/public_html">
# Add a <Files> section for each error type
<Files "404.shtml">
ErrorDocument 404 /404.shtml
<Files "500.shtml">
ErrorDocument 500 /500.shtml


Read more!

Reflection user directories attacks


There are hundreds 404 errors in my error log.
For like:

/~blah blah


The sequence of URL_paths indicates a simple dictionary attack for user directories on a server using mod_userdir.

What is the server response code for requests of /~ directories? Any 200-OK response may indicate that your server has mod_userdir enabled, and this might affect the solution.

If not, a simple mod_rewrite rule (assuming you already have other working rules) would likely take care of this problem:

RewriteRule ^~[a-z] - [F]



Read more!

5 free regular expression tools


Why doesn't my regular expression work?


Regular expressions are hard to write, hard to read, and hard to maintain. Plus, they are often wrong, matching unexpected text and missing valid text. The problem stems from the power and expressiveness of regular expressions. Each metacharacter packs power and nuance, making code impossible to decipher without resorting to mental gymnastics.

There are 5 free tools that can be used to test regular expressions for validity and accuracy before using it.

The Regex Coach

The Regex Coach is powerful graphical application for Windows which can be used to experiment with (Perl-compatible) regular expressions interactively.


- Build complex regular expressions by selecting components from a palette;
- Test expressions against real or sample input data
- Display all matches in a tree structure, showing captured groups
and other.

Regular Expression Designer

Rad Software Regular Expression Designer is a free download that helps programmers learn, develop and test Regular Expressions. It is an interactive Windows application that is designed to be simple and easy to use.


The Regulator is an advanced, free regular expressions testing and learning tool written by Roy Osherove. It allows you to build and verify a regular expression against any text input, file or web, and displays matching, splitting or replacement results within an easy to understand, hierarchical tree.

Regular Expression Workbench

Create, test, and study regular expressions with this workbench. With the "Examine-o-matic" feature, hover over the regex to decode what it means.

Read more!