.htaccess
Contents
Definition
“.htaccess” is a powerful file whose function is to give instructions to the server. The name stands for “Hypertext Access”, which refers to its original function of controlling user access to several text-based website files. When this tool was first devised, its main role was to limit access to specific parts of a site. By coding certain instructions into an .htaccess file, a system administrator was able to set up password-only access to a page or directory. Nowadays, the functionality of .htaccess has been expanded to several other uses, as will be discussed further down in this article.
How is .htaccess different to httpd.conf?
These two files are used to change server configuration or to give the server additional instructions.
However, httpd.conf is the main or master configuration file, and there can only be one instance of it. On the other hand, .htaccess can exist more than once and in multiple specific directories. Moreover, any directives included in httpd.conf are read once when the server, whereas those placed in .htaccess will be read every time a page is loaded, either in the directory where it lives or in any of its subdirectories.
How to create an .htaccess file
To create a new .htaccess file, open a new document using a plain text editor, such as Notepad++, Brackets, or TextMate. As mentioned before, .htaccess essentially gives the server instructions, so the specific content will vary depending on what you want to achieve for each given site. Some examples are listed in section 3 of this article.
Once the instructions have been coded, save the changes. To do this:
- Navigate to File > Save As in your text editor. This will open a new dialogue box.
- Type the file name as .htaccess
- Under file name, the dialogue box will also have a “file type” or “save as type” option. Set this to “All Files”.
- Ensure the file is saved without any extension. Some editors will have .txt as a default extension – if so, delete it from the name.
- Ensure it's not saved in UTF-8, but instead in ASCII format.
.htaccess can then be uploaded to the root directory, either by using a web-based file management system such as cPanel or via FTP. However, it can also be uploaded to other parts of a website. There might be multiple .htaccess files in directories and subdirectories other than root or public_html. In any case and before uploading it, it’s important to remember that .htaccess has the ability to override other instructions that may be in child (or lower) directories.
What is .htaccess used for?
.htaccess can serve a variety of functions, depending on the specific directives it contains. Some of the most common uses include:
Rewriting dynamic URLs into static URLs
PHP-generated static URLs are preferable from an SEO and search ranking perspective. The following code can be inserted into the .htaccecss file to rename a dynamic URL into a static URL.
RewriteEngine On RewriteRule (.*)_(.*).html$ /example.php?url_isbn=$1 [qsappend,L]
In the example above, /example.php is the dynamic URL that is to be rewritten to /example-1.html, with 1 being a backreference.
Setting up password-protection
Some sites must restrict users from accessing certain pages or directories. This requires setting up two files:
An .htpasswd file that stores usernames and passwords saved outside the public directory so it cannot be publicly accessed:
user1:password1 user2:password2 user3:password3
An .htaccess file with the following instructions:
AuthType Basic AuthName "restricted area" AuthUserFile /<absolute path to password file>/.htpasswd AuthPGAuthoritative Off require user User1 User2 User3
Redirects
To automatically redirect site visitors from an old to a new page location while maintaining SEO ranking, the following code can be added:
Redirect 301 /old-path/file.html http://www.example.com/new-path/file.html
To redirect visitors from an old domain to a new domain:
RewriteCond %{REQUEST_URI} (.*)
RewriteRule ^(.*)$ http://new-domain.tld/$1 [L,R=301]]
Blocking specific IP-addresses
In some cases, it may be necessary to blacklist certain IP addresses from accessing a website. Blocking IP addresses can be achieved by adding the following instructions:
order allow,deny deny from 111.1.1.1 allow from all
In the example above, 111.1.1.1 is the IP address to be blocked. Additional IPs can be blocked by adding them above “allow from all”. For example:
order allow,deny deny from 111.1.1.1 deny from 222.2.2.2 allow from all
When should an .htaccess file be used?
Because this is an incredibly powerful part of a website, incorrect use of an .htaccess file can cause significant damage. Therefore, it’s essential that it is only edited or created by those who are knowledgeable about server configuration. This is one of the reasons why .htaccess files are typically hidden and also why a warning message is usually displayed every time an attempt to edit them is made.
Related links
- https://www.whoishostingthis.com/resources/htaccess/
- https://phoenixnap.com/kb/how-to-set-up-enable-htacc
Similar articles
| About the author |
 |