SEO

– 7 min read –

November 14, 2018

Read later

The Ultimate Guide to .htaccess Files

Picture by: Maria Marikutsa

The Ultimate Guide to .htaccess Files 16261788115234

Sasneh R.

Brand Manager at TechWyse

.htaccess Apache configuration files are some kind of a mystery for many developers and SEOs. Learning the basics of this filename configuration can help automatically gzip content, improve caching, provide friendlier URLs, prevent hotlinking, and so on.

What is .htaccess?

.htaccess is not a file extension but a filename; it is an abbreviation for Hypertext Access. In other words, you will never find a file with the .htaccess extension, like file.htaccess.

.htaccess are used by Apache-based web servers to make configuration changes for each directory. Generally, a file containing at least one configuration directive is placed in a specific document directory. Next, the directives are applied to that directory and subdirectories.

Developers typically encounter .htaccess files when using a Content Management System (CMS), such as WordPress or Magento. It is one of the files on your web server, which you can access via FTP, but it does not necessarily need to be edited before uploading. If you do change it, you must ensure that the filename remains '.htaccess' and doesn't end up with .html, .txt., or another extension.

To edit the file, go to the public_html directory and open it using File Manager in the cPanel. Alternatively, connect to your account via your preferred FTP Client.

Directives

Apache uses this terminology, 'Directives', for the commands in Apache's configuration files. They're usually fairly short commands that modify the behavior of the Apache. .htaccess files allow you to execute multiple directives without necessarily accessing the Apache core server configuration file named httpd.conf or global configuration file.

Keep in mind that some web hosting services don't let you change the contents of the .htaccess file. However, in most cases, you should be able to create your .htaccess file or edit the one with your installed CMS. The .htaccess file is intended to give you control over a directory and all its contents.

You can use the .htaccess file to:

Protect specific folders with a password
Prevent directory listings
Create and use personalized error pages
Automatically redirect visitors to other pages
Ban or allow users using IP addresses
Change how files with specific extensions are utilized

How to use .htaccess

All you need to create a .htaccess file is a text editor like UltraEdit or TextPad, but not MS NotePad.

The Ultimate Guide to .htaccess Files 16261788115235

Here's another example:

AuthName “Subscriber's Name”
AuthUserFile /path/to/password/file/.htpasswd
AuthType Basic
Require valid-user 
ErrorDocument 401 /error_pages/401.html
AddHandler server-parsed.html

This example allows directory password protection, redirects visitors to a personalized error webpage if they input the wrong authentication information, and allows the use of SSI with '.html' files.

Using .htaccess file to create custom error pages for better SEO

You can use .htaccess files to redirect visitors to a custom error page. For instance, you can direct them to some of your best pages, a sitemap with links to the categories of your site, a specific landing page, or feature your FAQ page to assist your visitors without forcing them to leave your site to find something.

The common error codes include:

400 – bad request
404 – file not found
403 – forbidden
401 – authorization required
500 – internal server error

Using .htaccess to deny users based on their IP address

There are different ways to block visitors by IP address, whether from a specific country or specific users who are harassing your website. To enable visitor blocking and restrictions, simply create your custom .htaccess file and include the following text:

Order allow,deny 
Deny from 123.123.123.123 
Deny from 255.255.43. 
Allow from all

This example tells the Apache Web server to deny web access to users from the two IP addresses: '123.123.123.123' and '255.255.43.' The fact that the second IP address does not have the 4th digits implies that all IP addresses matching the first three digits will automatically be denied access.

You can use different variations of IP addresses depending on what you want to block, including:

Blocking a specific IP address
Blocking a specific domain
Blocking multiple IP addresses
Blocking an entire subnet
Blocking an IP based on CIDR
Blocking IPv6 addresses
Blocking IP based on regular expression
Redirect based on IP address
Block specific request types
Complete notatio

You can also block all users except yourself (webmaster), by including the following lines in your .htaccess file:

Order allow, deny 
Allow from 255.1.1.1 
Deny from all

These lines instruct the Apache Web Server to deny access to all users except visitors with the specified IP address - like your IP.

You can add as many 'allow from' and 'deny from' records as you want after the 'order allow, deny' line. Also, remember to change the bottom line, 'allow from all' or 'deny from all' depending on what you want.

Blocked users will be directed to the '403 Forbidden' error message, which you can amend to your liking.

Changing server signature

The server signature displayed as part of the default Apache error documents can be changed using the following code:

ServerSignature Email 
SetEnv SERVER_ADMIN nospace@pleasenospace.com

This sample code can be used to change the displayed/default address if it has been wrongly set. But to completely remove the server signature, use the following code instead:

ServerSignature Off

Final note

The ability to edit .htaccess files is particularly useful for hosting companies that offer shared hosting. The provider does not give clients access to the global configuration file. Allowing access to .htaccess, allows you and other webmasters to implement your own custom Apache directives.

That said, you should remember that every edit implemented with a .htaccess file is also doable with httpd.conf file, but the converse is not true. You must enable .htaccess files in the httpd.conf file for it to be executable. Once enabled, they can be superior to certain settings, which gives you greater control over the features and functions you can manipulate.

Speed up your search marketing growth with Serpstat!

Keyword and backlink opportunities, competitors' online strategy, daily rankings and SEO-related issues.

A pack of tools for reducing your time on SEO tasks.

Get free 7-day trial

The opinion of the guest post authors may not coincide with the opinion of the Serpstat editorial staff and specialists.

Rate the article on a five-point scale

The article has already been rated by 16 people on average 3.31 out of 5

Found an error? Select it and press Ctrl + Enter to tell us

Discover More SEO Tools

Backlink Cheсker

Backlinks checking for any site. Increase the power of your backlink profile

API for SEO

Search big data and get results using SEO API

Competitor Website Analytics

Complete analysis of competitors' websites for SEO and PPC

Keyword Rank Checker

Google Keyword Rankings Checker - gain valuable insights into your website's search engine rankings