Best WordPress Hosting

The Basics of .htaccess: How to Use & Examples

What’s an .htaccess file?

The .htaccess file is an Apache HTTP Server (usually simply referred to as Apache) configuration file. The file is extraordinarily highly effective and can be utilized to assist management a number of aspects of net pages which are served up by Apache. This contains issues like managing redirects, hotlink safety and extra.

The place is the .htaccess file?

There ought to be one .htaccess file in your net host root folder – the folder (often /public_html or /www) that holds the content material of your web site.

You’ll be able to have a couple of .htaccess file in your internet hosting account, however every listing or folder can solely have one.

For instance, you’ll be able to have separate .htaccess recordsdata in your root folder and one other in a sub-folder. This permits you to set totally different server conduct based mostly on listing construction.

The .htaccess file is highly effective however may be accessed and modified if not protected appropriately. Just be sure you take steps to forestall entry to this file.

I am unable to discover my .htaccess file

First of all .htaccess is an Apache file, this implies you’ll be able to solely discover it in an Apache server.* Cease looking in case your host is working on a unique net server software program (ie. Microsoft IIS or NGINX).

File names that start with a dot often hidden recordsdata. This implies they aren’t sometimes seen by default.

To view this file, merely activate “Present Hidden Recordsdata” in your FTP shopper or Internet hosting File Supervisor (see picture beneath).

Find .htaccess file - How to show hidden files in cPanel file manager
Instance – Show your hidden recordsdata by enabling this feature in cPanel File Supervisor.

You could really feel that the .htaccess file is an inconvenience because it requires coding however take into account the person who wants to set up the identical server behaviour throughout a number of websites. All that particular person will want to do is duplicate the .htaccess file.

.htaccess recordsdata are server configuration recordsdata and since they handle behaviour immediately, there isn’t a necessity for one thing to be run every time a request is made. It’s due to this fact a lot much less useful resource intensive as utilizing a plugin, for instance.

* Observe: Apache has about 30% market take up rate based mostly on W3Techs report. Hottest internet hosting manufacturers talked about at WHSR – A2 Internet hosting, BlueHost, GreenGeeks, Hostinger, InMotion Internet hosting; are powered by Apache. 

What .htaccess is For?

Though there’s a dot in entrance of the filename, htaccess is the identify of the file and the dot doesn’t make it an extension. Particularly, it’s this actual filename that Apache seems for when it’s run. Something contained in the .htaccess file units parameters for Apache to allow or disable features and even execute particular duties when sure situations are met.

For instance, based mostly on directions contained within the file, Apache can robotically load customized error pages in case your web site guests are on the lookout for a useful resource which isn’t there. Every error sort has its personal code and every of these may be redirected individually.

There’s a large listing of what may be performed utilizing the .htaccess file and as we speak I’ll be sharing some of these with you.

1. Managing Customized Error Pages

Using .htaccess ErrorDocument 404 to redirect your users to another page.
Examples of some creatively custom-made 404 Error pages

When left at default settings, most net server software program sends a really bleak-looking error web page to your guests. If you would like to show a extra user-friendly (or on the very least, presentable) error web page then you definately’ll want to use customized error doc dealing with in your .htaccess file.

Let’s say that you simply’ve designed a customized 404 error web page referred to as “404.html” and saved it right into a sub-folder in your net listing referred to as “error_pages”. Utilizing the next line of code in .htaccess, you’ll be able to name that web page up each time a 404 error is encountered by a customer;

ErrorDocument 404 /error_pages/404.html

Utilizing this system, it can save you custom-made copies of every particular person error sort you need to account for and set them up to be referred to as by together with the mandatory code in your .htaccess file. The mostly encountered error codes embrace;

  • 400 – Dangerous request
  • 403 – Forbidden
  • 404 – File Not Discovered
  • 500 – Inside Server Error
  • 503 – Service Unavailable

2. Deal with Redirects

There could also be events if you need to set a blanket redirect to be able to direct your guests to particular pages with out them realizing. For instance, in the event you initially used HTTP however have since then put in SSL and moved to HTTPS, you’d need all of your customers to use the HTTPS model of your web site.

On this state of affairs, what you want to do is make use of the Rewrite rule;

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

The code for this may be modified relying in your wants. For instance, if you would like to redirect customers out of your previous area to a brand new one as an alternative, then you definately would use;

RewriteEngine On
RewriteCond %{HTTP_HOST} ^olddomain.com [NC,OR]
RewriteCond %{HTTP_HOST} ^www.olddomain.com [NC]
RewriteRule ^(.*)$ http://newdomain.com/$1 [L,R=301,NC]

There are numerous variations how one can arrange redirects. Particulars of the syntax for Rewrite may be discovered within the Apache documentation pages.

One of essentially the most helpful issues that redirects can do for you is to provide help to information search engines like google to pages which you’ve moved. Usually, search engines like google will index hyperlinks and if they’ll’t discover the correct pages there they are going to assume the content material is gone.

Through the use of a redirect, you’ll be able to simply transfer content material and let net crawlers know the place to discover the content material they’ve beforehand listed. To take action, use;

Redirect 301 /archive/ /past-entries/

The 301 instruction not simply lets customers entry the previous content material seamlessly, but additionally serves as an instruction to net crawlers that the content material is moved completely. This helps them by permitting them to re-index hyperlinks shortly.

3. Enhance Your Web site Safety

I discover that many new web site homeowners have a tendency to rely overly a lot on exterior instruments to improve their web site safety. Whereas it’s true that there are a ton of nice purposes on the market, you can begin with the fundamentals in your .htaccess file.

Password Defend Directories

To do that you’ll want two recordsdata, .htaccess and .htpasswd. The .htpasswd file contains some encryption, so use a instrument like Htpasswd Generator to create the file. The .htaccess file ought to embrace this code;

AuthType Primary
AuthName "Password Protected Space"
AuthUserFile /path/to/.htpasswd
Require valid-user

Disable Listing Looking

That is one of the simplest to do and solely wants two strains of code to be included in your .htaccess file;

# Disable listing looking
Choices -Indexes

Block Particular IPs

To dam particular person IPs from visiting your web site, add the next code to your .htaccess file;

Deny from XXX.XXX.XXX.XXX

The place you exchange XXX with the numeric IP values. There are variations of this code that can be utilized to block a spread of IP addresses or a number of IP addresses as properly.

4. Hotlink Safety

Hotlinking happens when different web sites hyperlink to pictures that you’re internet hosting. That is undesirable as a result of they’re making use of each your area in addition to bandwidth. To stop picture hotlinking, add the next to your .htaccess file;

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)instance.com/.*$ [NC]
RewriteRule .(gif|jpg|jpeg|bmp)$ - [F]

The final line of that code is the place you specify what recordsdata you need to block websites from hotlinking. It’s principally instructing Apache to block all hyperlinks to these recordsdata which aren’t from the area identify http://www.instance.com/.

Many individuals who hotlink usually don’t test their posts once more, so in the event you actually need to embarrass them, you’ll be able to show a customized message to websites which are attempting to hotlink;

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)instance.com/.*$ [NC]
RewriteRule .(gif|jpg)$ http://www.instance.com/stopstealing.gif [R,L]

Which might show an alternate picture on the offending web site like this:

5. Defending the .htaccess File

By now you’re realizing how helpful a instrument the .htaccess file actually is. Because you’ve come to that realization, it’s time you considered defending this worthwhile file! For those who’re utilizing a .htpasswd file, then you definately’ll most likely need to defend that as properly and the way in which to do each is to;

# shield .htaccess and .htpasswd

<Recordsdata ~ "^.*.([Hh][Tt])">
Order permit,deny
Deny from all
Fulfill all
</Recordsdata>

Do be aware that on most safe servers these recordsdata are already protected. Earlier than you add this code test to see in the event you can entry the recordsdata in a browser window. Merely sort within the URL and add a /.htaccess behind to see in the event you can view the file. For those who can’t you’ll doubtless be proven an error message.

6. Setting Your Server Time Zone

For those who discover that for some purpose or different, occasions in your server appear to be off just a little then you might want to pressure a time zone utilizing the .htaccess file. That is one thing that’s once more simple to do and wishes solely a single line of code;

SetEnv TZ America/yourtimezone

There’s a large listing of time zones accessible and yow will discover the closest match to yours by referring to the list of supported time zones.

Embrace the Energy of .htaccess

The samples I’ve proven listed here are solely the tip of a really giant iceberg. It offers webhosting customers a lot larger energy over their websites than would usually be allowed by a management panel and provides them a wider array of instruments to work with.

Studying to use the code is merely a step away with the ability of Google, and the most effective factor about it’s that you simply solely want to decide and study the stuff you want to use.

Show More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button