Basics of .htaccess
Learn the key uses of .htaccess such as customizing error pages, managing redirects, implementing password protection, enabling cache and expires headers, restricting user access by IP and files. You need to enable "mod_rewrite" in order for .htaccess to work.
What is .htaccess?
htaccess stands for Hypertext Access, which is default name for Apache configuration file. Lets not confuse .htaccess with a filename its rather an extension without any filename. This file works on any directory it resides in, which can be either website's root directory or any sub-directory.
How to create .htaccess file?
You don't need any special program for creating .htaccess file just simple text editor would be enough. When you save .htaccess file just keep in mind this file has no name just ".htaccess" extension so when you save, choose "All Files" in file type box and file name must be only ".htaccess".
Error redirection with .htaccess
You can redirect users to specific pages when they try to access invalid pages. For example if a user tries to visit a page that does not exist causing 404 error. Show a 404 page for 404 errors with .htaccess like this:
ErrorDocument 404 /404.html
Common Error Codes:
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden Access |
| 404 | Not Found |
| 500 | Internal Server Error |
| 502 | Bad Gateway |
| 504 | Gateway Timeout |
Custom redirection with .htaccess
However if you ever wanted to redirect a specific old page to any new page you can also do it with .htaccess. Redirect user from old page to a new page it with .htaccess like this:
Redirect /OldDir/OldFile.html /NewDir/NewFile.html
Password protection with .htaccess
You can also password protect web pages. To achieve this you will need to create a new file (.htpasswd) that houses all the username and passwords. You have to create ".htpasswd" file same as you created .htaccess. The structure of .htpasswd file to store usernames and passwords is like:
admin:123456 user:123123
After creating .htpasswd, it is important that you add the below content to your .htaccess file. Remember this password protection will apply on the directory ".htaccess" resides in and all the subdirectories.
AuthUserFile /absolute/pathto/.htpasswd AuthType Basic AuthName "Authorization Required" require valid-user
Deny users access via IP address with .htaccess
You can also restrict visitors with specific IP Address from viewing your web pages or accessing certain files. For example if you wanted to block IP "199.155.88.25" the code would be as below:
order allow,deny deny from 199.155.88.25 allow from all
Restricting access to certain files with .htaccess
You can restrict access to certain files with .htaccess like below:
<Files .env>
Order Allow,Deny
Deny From All
</Files>
# For multiple files
<FilesMatch "\.env|\.htaccess">
Order Allow,Deny
Deny From All
</FilesMatch>
Enable Gzip compression with .htaccess
You can enable compression for better page performance. The compression with htaccess can be enabled on directory level or certain MIME types.
# Enables compression for documents where htaccess is places
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>
# Enables compression by MIME type for plain text files, html, css, javascript and xml files
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/xml
</IfModule>
Enable cache and expiry with .htaccess
You can restrict access to certain files with .htaccess like below:
# Cache headers
<ifModule mod_headers.c>
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Cache-Control "max-age=691200, s-max-age=691200, public"
</FilesMatch>
</ifModule>
# Expire headers
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
ExpiresByType text/plain "access plus 1 month"
ExpiresByType text/html "access plus 1 month"
ExpiresByType text/css "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType application/x-javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType application/x-icon "access plus 1 month"
</IfModule>
NOTE: .htaccess file requires "mod_rewrite" to be enabled.