Create .htaccess File & Command Examples

There are lots of different elements that you can accomplish with a .htaccess file. They can create redirects, rewrite urls, and password protect directories. You can even implement them to protect your bandwidth and website assets.

What is a .htaccess file?

.htaccess File

A .htaccess file is a way to config rules on your web server running Apache Web Server. With the file loaded in your index directory of your site, it will be detected by Apache and executed.

The default name is .htaccess, and must be name exactly like this to be usable. This file is mostly used for rewriting URL structures and redirects.

How to create the file?

Create .htaccess File

Creating a .htaccess file can be tricking on a client Operating System. The easiest way to get the file to work with the "dot" extension. Is to create it in a standard text editing program and upload it to your server.

To create one, use a standard notepad editor. Make the necessary changes and save as "All Files" .htaccess. Then upload the file to the root directory of your server. Check you CHMOD permissions and see if they are 644 (RW-R--R--).

Some web hosting server will not allow you to use a .htaccess file. Double check with your web hosting provider if your file is not working.

Create a .htaccess File Instructions

  1. Open your text editor software.
  2. Enter all custom rules and commands.
  3. File Save As, choose "All Types" as save type.
  4. File name: .htacess
  5. Save File
  6. Upload to Root Directory on Server

Download A Sample .htaccess File

If you are having problems with the instructions on how to create .htaccess file. You can download my exmaple file to get your progress kick started.

Download .htaccess File

Depending on your operating system, double check the download to see if the dot "." is in front of the file name. If not, just rename to ".htaccess" when uploaded on the server

Example Commands with .htaccess File

Here are a few of the most common commands that are used with a .htaccess file.

Main Directory Option Settings

Default setting that are commonly used.

Options -Indexes
Options +FollowSymLinks
DirectoryIndex index.php index.html index.htm
RewriteEngine on

Custom Error Pages

Send user to specified index page on a website error.

ErrorDocument 400 / badrequest.html
ErrorDocument 401 / authreqd.html
ErrorDocument 403 / forbid.html
ErrorDocument 404 / notfound.html
ErrorDocument 500 /notfound.html

Password Protect Directory

Password protect a directory. Place user name and password in .htpasswd file in this format:


AuthUserFile /var/www/.htpasswd
AuthGroupFile /var/www/html/users
AuthName EnterPassword
AuthType Basic

Require User admin

Block Users or IPs

These commands will prevent certain IPs and websites from accessing your website.

Order Allow, Deny
Deny from
Deny from 891.01.1.2
Allow from all

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} blocksite\.com [NC]
RewriteRule .* - [F]

Change Default Index File

This command will give you the ability to change what your index file goes to when accessed.

DirectoryIndex newhomepage.html


Redirect www., new, or old pages

RewriteCond %{HTTP_HOST} ^$
RewriteRule ^/?$ [R=301,L]

RewriteCond %{HTTP_HOST} ^$ [OR]
RewriteCond %{HTTP_HOST} ^$
RewriteRule ^oldpage.html$ newpage.html [R=301,L]

Prevent Hot Linking

Hot linking is when someone is accessing your images from your server and using your bandwidth.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?*$ [NC]
RewriteRule \.(gif|jpg|js|css)$ - [F]


Most servers support Gzip caching to compression the size of your site.


AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/x-javascript

SetOutputFilter DEFLATE

#Expires Headers
ExpiresActive on
ExpiresByType text/html "access plus 30 seconds"
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/xml "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType image/gif "access plus 3 months"
ExpiresByType image/jpeg "access plus 3 months"
ExpiresByType image/png "access plus 3 months"
ExpiresByType image/x-icon "access plus 1 year"

Tutorial, Tips and Techniques

There are even more elements you can accomplish with .htaccess. These are just some of the most common features web developers use on a daily basis. It’s a good idea to know some of these tricks to manage your website.

Do you have any .htaccess tips you would like to share?


3.3 (120 votes)

Comments (1)

Although there are many uses of the .htaccess file, by far the most popular, and probably most useful, is being able to relaibly password protect directories on websites. Although JavaScript etc. can also be used to do this, only .htaccess has total security (as someone must know the password to get into the directory, there are no 'back doors')

What Do You Think?

Copyright © 2024