Hello, Do SE robots see the .htaccess file or just the server sees it, executes it and returns the response to the robot? For example, when you 301 redirect a page in your .htacces file, the SE robots would know that the page has been 301 redirected because the server's response would state that. But if you use rewrite rules in your .htacces file to redirect page.html to newpage.php would the SE robot know that it's been redirected because it saw the .htaccess file or because the server's response told it to go to newpage.php?
A search engine will see what you see. If you can read .htaccess files on your server by pointing your browser to its location, so can a search engine. Your server shouldn't allow that but even if it did, I can't see why a search engine would bother attempting to read .htaccess files, let alone analyse them to work out what rewriting you're doing. As for the response, the server will send out whatever its told to. If you're using the mod_alias module with Redirect commands, it'll send out a moved response and tell the client the new location. The browser then updates the address bar as it requests the page from the new location. If you use the mod_rewrite module with Rewrite* commands, it won't send out a moved header and instead outputs the new page as if it had been requested directly. In this case, there's absolutely no way of knowing what rewrites have been done 'behind the scenes'. (Unless of course you specify the redirect flag, in which case it does send moved headers).
So, if I specify a 301 redirect flag with a rewrite command, a SE robot would get a 301 (moved permanently) response and be redirected to the new location?
Nothing other than apache should see the .htaccess file, in fact in most httpd.conf files any files starting with .ht are set to deny
.htaccess files need to be located in the directory that they handle. .htaccess modifies the behavior of the directory it is in and any subdirectories. So unless you don't want the htaccess to modify the behavior of the root directory you need to put it in the root directory.
That is simply not true. From the Apache docs (http://httpd.apache.org/docs/1.3/howto/auth.html): "Because this file contains sensitive information, it should be stored outside of the document directory. " You should always keep these files outside of your site root, and then reference them from the <Directory> scope container of the Apache config. files. (Unless of course you are on a shared server and do not have access to the conf file. Then your best option is not to use htaccess, but use scripting and a session structure to protect files or directories.)
From the site: .htaccess is NOT the password file. The password file is referenced by the .htaccess file which resides in the directory that it controls. Headings do mean things. The password file can be named anything and of course it doesn't belong on in a directory that is being used for hosted files. But, nobody was talking about the password file.