Advertisement

Hosting Reviews

The Basics of .htaccess: How to Use & Examples

What’s an .htaccess file?

The .htaccess file is an Apache HTTP Server (usually simply referred to as Apache) configuration file. The file is extraordinarily highly effective and can be utilized to assist management a number of aspects of net pages which are served up by Apache. This consists of issues like managing redirects, hotlink safety and extra.

The place is the .htaccess file?

There ought to be one .htaccess file in your net host root folder – the folder (often /public_html or /www) that holds the content material of your web site.

You may have multiple .htaccess file in your internet hosting account, however every listing or folder can solely have one.

For instance, you’ll be able to have separate .htaccess information in your root folder and one other in a sub-folder. This permits you to set completely different server conduct primarily based on listing construction.

The .htaccess file is highly effective however could be accessed and modified if not protected appropriately. Just be sure you take steps to forestall entry to this file.

I am unable to discover my .htaccess file

First of all .htaccess is an Apache file, this implies you’ll be able to solely discover it in an Apache server.* Cease looking out in case your host is operating on a unique net server software program (ie. Microsoft IIS or NGINX).

Advertisement

File names that start with a dot often hidden information. This implies they aren’t sometimes seen by default.

To view this file, merely activate “Present Hidden Recordsdata” in your FTP shopper or Internet hosting File Supervisor (see picture beneath).

Instance – Show your hidden information by enabling this selection in cPanel File Supervisor.

Chances are you’ll really feel that the .htaccess file is an inconvenience because it requires coding however take into account the person who wants to set up the identical server behaviour throughout a number of websites. All that individual will want to do is duplicate the .htaccess file.

.htaccess information are server configuration information and since they handle behaviour instantly, there isn’t a necessity for one thing to be run every time a request is made. It’s subsequently a lot much less useful resource intensive as utilizing a plugin, for instance.

Advertisement

* Word: Apache has about 30% market take up rate primarily based on W3Techs report. Hottest internet hosting manufacturers talked about at WHSR – A2 Internet hosting, BlueHost, GreenGeeks, Hostinger, InMotion Internet hosting; are powered by Apache. 

What .htaccess is For?

Though there’s a dot in entrance of the filename, htaccess is the title of the file and the dot doesn’t make it an extension. Particularly, it’s this precise filename that Apache appears to be like for when it’s run. Something contained in the .htaccess file units parameters for Apache to allow or disable capabilities and even execute particular duties when sure situations are met.

For instance, primarily based on directions contained within the file, Apache can routinely load customized error pages in case your web site guests are in search of a useful resource which isn’t there. Every error sort has its personal code and every of these could be redirected individually.

There’s a enormous checklist of what could be completed utilizing the .htaccess file and in the present day I’ll be sharing some of these with you.

1. Managing Customized Error Pages

Using .htaccess ErrorDocument 404 to redirect your users to another page. Examples of some creatively custom-made 404 Error pages

When left at default settings, most net server software program sends a really bleak-looking error web page to your guests. If you would like to show a extra user-friendly (or on the very least, presentable) error web page you then’ll want to use customized error doc dealing with in your .htaccess file.

Let’s say that you just’ve designed a customized 404 error web page referred to as “404.html” and saved it right into a sub-folder in your net listing referred to as “error_pages”. Utilizing the next line of code in .htaccess, you’ll be able to name that web page up at any time when a 404 error is encountered by a customer;

ErrorDocument 404 /error_pages/404.html

Utilizing this method, it can save you custom-made copies of every particular person error sort you need to account for and set them up to be referred to as by together with the mandatory code in your .htaccess file. The mostly encountered error codes embody;

  • 400 – Unhealthy request
  • 403 – Forbidden
  • 404 – File Not Discovered
  • 500 – Inner Server Error
  • 503 – Service Unavailable

2. Deal with Redirects

There could also be events whenever you need to set a blanket redirect as a way to direct your guests to particular pages with out them figuring out. For instance, when you initially used HTTP however have since then put in SSL and moved to HTTPS, you’d need all of your customers to use the HTTPS model of your website.

On this scenario, what you want to do is make use of the Rewrite rule;

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

The code for this may be modified relying in your wants. For instance, if you’d like to redirect customers out of your previous area to a brand new one as an alternative, you then would use;

RewriteEngine On
RewriteCond %{HTTP_HOST} ^olddomain.com [NC,OR] RewriteCond %{HTTP_HOST} ^www.olddomain.com [NC] RewriteRule ^(.*)$ http://newdomain.com/$1 [L,R=301,NC]

There are various variations how one can arrange redirects. Particulars of the syntax for Rewrite could be discovered within the Apache documentation pages.

One of probably the most helpful issues that redirects can do for you is to enable you to information serps to pages which you’ve moved. Usually, serps will index hyperlinks and if they will’t discover the precise pages there they are going to assume the content material is gone.

By utilizing a redirect, you’ll be able to simply transfer content material and let net crawlers know the place to discover the content material they’ve beforehand listed. To take action, use;

Redirect 301 /archive/ /past-entries/

The 301 instruction not simply lets customers entry the previous content material seamlessly, but in addition serves as an instruction to net crawlers that the content material is moved completely. This helps them by permitting them to re-index hyperlinks shortly.

3. Enhance Your Web site Safety

I discover that many new web site homeowners have a tendency to rely overly a lot on exterior instruments to enhance their web site safety. Whereas it’s true that there are a ton of nice functions on the market, you can begin with the fundamentals in your .htaccess file.

Password Defend Directories

To do that you’ll want two information, .htaccess and .htpasswd. The .htpasswd file consists of some encryption, so use a device like Htpasswd Generator to create the file. The .htaccess file ought to embody this code;

AuthType Primary
AuthName “Password Protected Space”
AuthUserFile /path/to/.htpasswd
Require valid-user

Disable Listing Searching

That is one of the best to do and solely wants two traces of code to be included in your .htaccess file;

# Disable listing searching
Choices -Indexes

Block Particular IPs

To dam particular person IPs from visiting your website, add the next code to your .htaccess file;

Deny from XXX.XXX.XXX.XXX

The place you change XXX with the numeric IP values. There are variations of this code that can be utilized to block a variety of IP addresses or a number of IP addresses as nicely.

4. Hotlink Safety

Hotlinking happens when different web sites hyperlink to pictures that you’re internet hosting. That is undesirable as a result of they’re making use of each your area in addition to bandwidth. To forestall picture hotlinking, add the next to your .htaccess file;

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)instance.com/.*$ [NC] RewriteRule .(gif|jpg|jpeg|bmp)$ – [F]

The final line of that code is the place you specify what information you need to block websites from hotlinking. It’s principally instructing Apache to block all hyperlinks to these information which aren’t from the area title http://www.instance.com/.

Many individuals who hotlink typically don’t examine their posts once more, so when you actually need to embarrass them, you’ll be able to show a customized message to websites which are making an attempt to hotlink;

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)instance.com/.*$ [NC] RewriteRule .(gif|jpg)$ http://www.instance.com/stopstealing.gif [R,L]

Which may show an alternate picture on the offending website like this:

5. Defending the .htaccess File

By now you’re realizing how helpful a device the .htaccess file actually is. Because you’ve come to that realization, it’s time you considered defending this worthwhile file! For those who’re utilizing a .htpasswd file, you then’ll most likely need to protect that as nicely and the way in which to do each is to;

# defend .htaccess and .htpasswd

<Recordsdata ~ “^.*.([Hh][Tt])”>
Order permit,deny
Deny from all
Fulfill all
</Recordsdata>

Do notice that on most safe servers these information are already protected. Earlier than you add this code examine to see when you can entry the information in a browser window. Merely sort within the URL and add a /.htaccess behind to see when you can view the file. For those who can’t you’ll doubtless be proven an error message.

6. Setting Your Server Time Zone

For those who discover that for some purpose or different, occasions in your server appear to be off a bit of then you might want to power a time zone utilizing the .htaccess file. That is one thing that’s once more straightforward to do and desires solely a single line of code;

SetEnv TZ America/yourtimezone

There’s a enormous checklist of time zones obtainable and yow will discover the closest match to yours by referring to the list of supported time zones.

Embrace the Energy of .htaccess

The samples I’ve proven listed below are solely the tip of a really massive iceberg. It offers hosting customers a lot larger energy over their websites than would usually be allowed via a management panel and provides them a wider array of instruments to work with.

Studying to use the code is merely a step away with the ability of Google, and the perfect factor about it’s that you just solely want to decide and be taught the stuff you want to use.

Advertisement

Related Articles

Leave a Reply

Back to top button