The Ultimate Guide to .htaccess Files
What is .htaccess?
.htaccess are used by Apache-based web servers to make configuration changes for each directory. Generally, a file containing at least one configuration directive is placed in a specific document directory. Next, the directives are applied to that directory and subdirectories.
Developers typically encounter .htaccess files when using a Content Management System (CMS), such as Wordpress or Magento. It is one of the files that lie on your web server which you can access via FTP, but it does not necessarily need to be edited before uploading. If you do change it, you must ensure that the filename remains as '.htaccess', and doesn't end up with .html, .txt., or another extension.
To edit the file, go the public_html directory, and open it using File Manager in the cPanel. Alternatively, connect to your account via your preferred FTP Client.
Keep in mind that some web hosting services don't let you change the contents of the .htaccess file. However, in most cases, you should be able to create your own .htaccess file or edit the one that comes with your installed CMS. The .htaccess file is intended to give you control over a directory and all its contents.
You can use the .htaccess file to:
- Protect specific folders with a password
- Prevent directory listings
- Create and use personalized error pages
- Automatically redirect visitors to other pages
- Ban or allow users using IP addresses
- Change how files with specific extensions are utilized
How to use .htaccess
Using .htaccess file to create custom error pages for better SEO
The common error codes include:
- 400 – bad request
- 404 – file not found
- 403 – forbidden
- 401 – authorization required
- 500 – internal server error
Using .htaccess to deny users based on their IP address
You can use different variations of IP addresses depending on what you want to block, including:
- Blocking a specific IP address
- Blocking a specific domain
- Blocking multiple IP addresses
- Blocking an entire subnet
- Blocking an IP based on CIDR
- Blocking IPv6 addresses
- Blocking IP based on regular expression
- Redirect based on IP address
- Block specific request types
- Complete notatio
You can also block all users except yourself (webmaster), by including the following lines in your .htaccess file:
You can add as many 'allow from' and 'deny from' records as you want after the 'order allow,deny' line. Also remember to change the bottom line, 'allow from all' or 'deny from all' depending on what you want.
Blocked users will be directed to the '403 Forbidden' error message, which you can amend to your liking.
Changing server signature
That said, you should keep in mind that every edit that can be implemented with a .htaccess file is also doable with httpd.conf file, but the converse is not true. In fact, you must enable .htaccess files in the httpd.conf file for it to be executable. Once enabled, they can be superior to certain settings, which gives you greater control over the features and functions you can manipulate.