htaccess-toolkit

Generate, validate, lint, and explain Apache .htaccess files. Use when asked to create htaccess rules, redirect URLs, set security headers, enable caching, configure CORS, protect files, or audit existing .htaccess configurations. Triggers on "htaccess", "apache redirect", "mod_rewrite", "URL rewrite", "apache config", "browser caching", "hotlinking protection".

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "htaccess-toolkit" with this command: npx skills add htaccess-toolkit

htaccess Toolkit

Generate, validate, lint, and explain Apache .htaccess files with security headers, caching, CORS, compression, and more.

Generate

# HTTPS redirect + security headers + compression
python3 scripts/htaccess.py generate --rewrites http-to-https --security strict --compression

# Full production setup
python3 scripts/htaccess.py generate \
  --rewrites http-to-https www-to-non-www \
  --security strict \
  --caching standard \
  --compression \
  --protect directory-listing dotfiles sensitive-files \
  --error-pages 404 500 \
  -o .htaccess

# WordPress hardening
python3 scripts/htaccess.py generate --protect wp-config xmlrpc dotfiles --security strict

# CORS for specific domain
python3 scripts/htaccess.py generate --cors specific --domain example.com

# Custom redirects
python3 scripts/htaccess.py generate --redirects "/old-page -> /new-page" "/blog -> https://blog.example.com"

# Hotlinking protection
python3 scripts/htaccess.py generate --protect hotlinking --domain example.com

Lint

# Basic lint
python3 scripts/htaccess.py lint .htaccess

# Strict mode (exit 1 on errors, CI-friendly)
python3 scripts/htaccess.py lint .htaccess --strict

# Filter by severity
python3 scripts/htaccess.py lint .htaccess --severity error warning

# JSON output
python3 scripts/htaccess.py lint .htaccess -f json

Lint Checks (10 rules)

  • rewrite-no-engine — RewriteRule without RewriteEngine On
  • duplicate-rewrite-engine — Multiple RewriteEngine On
  • redirect-no-slash — Redirect path not starting with /
  • missing-l-flag — RewriteRule without [L] flag
  • mixed-redirect-rewrite — Mixing Redirect and RewriteRule
  • unclosed-ifmodule — Unclosed IfModule blocks
  • unclosed-files — Unclosed Files/FilesMatch blocks
  • wildcard-cors — Wildcard origin with credentials
  • no-hsts — HTTPS without HSTS header
  • options-minus-indexes — Directory listing not disabled

Explain

# Human-readable explanation of each directive
python3 scripts/htaccess.py explain .htaccess

List Presets

python3 scripts/htaccess.py presets
python3 scripts/htaccess.py presets -f json

Available Presets

Rewrites: http-to-https, www-to-non-www, non-www-to-www, trailing-slash-add, trailing-slash-remove, remove-extension

Security: basic, strict

Caching: standard, aggressive

CORS: permissive, specific

Protection: directory-listing, dotfiles, sensitive-files, wp-config, xmlrpc, hotlinking

Error Pages: 404, 403, 500, 503

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Component Library Audit

Audit React, Vue, or Svelte component libraries — find unused components, inconsistent props, missing documentation, accessibility issues, missing tests, and...

Registry SourceRecently Updated
120charlie-morrison
Security

Repository Health Score

Score a repository's health across 8 dimensions — code quality, testing, documentation, CI/CD, security, dependencies, community, and maintainability. Produc...

Registry SourceRecently Updated
270Profile unavailable
Security

个人数字安全体检

检查邮箱泄露和密码强度,生成安全评分报告。

Registry SourceRecently Updated
1760Profile unavailable
Security

agent-bom registry

MCP server security registry and trust assessment — look up servers in the 427+ server security metadata registry, run pre-install marketplace checks, batch...

Registry SourceRecently Updated
7180Profile unavailable