Everything You Need To Know About htaccess File | Web Hosting Knowledges

The .htaccess is the most sensitive Apache server configuration file. You can perform several sensitive tasks by writing a small code inside the htaccess file. You can use the .htaccess file to configure a server for a specific directory.

The .htaccess file is present by default inside the root directory, or you can also create one. The htaccess file is very useful in many cases such as authorization, error handling, user permissions, redirects, etc.

Today, in this tutorial, we're gonna walk you through all the tasks you can perform with the .htacess file.

Tasks you can do with the .htaccess file

1. Change the Default Homepage: So, suppose you want to change your website's homepage URL. For example, let me assume that your current homepage is index.html, and you want to forward your website to the different homepage which you've recently created or whatever which is home.html then, you can type below simple code in the .htaccess file to change the default landing page of your website.

DirectoryIndex index.html

It is also possible to add multiple default homepages at once. In this case, the .htaccess file will send a command to the server to check the open website with first landing page, and if the first one isn't present then it'll go for the second, and so on.

DirectoryIndex index.html home.html custom.html

2. Block a specific/range of IPs to browse your website: You can easily block a specific user from accessing your website by blocking his IP address from the .htaccess. Moreover, in case of any attacks or if your website is under construction then you can apply command in htaccess to block everyone from accessing your website while allowing only your IP address. Here is how you can do it.

• Deny Access To Files: The following command will through a 403 forbidden error when a visitor will hit any .inc file.

<Files ~ "\.inc$"> 

Order Allow,Deny 

Deny from All </Files>

• Block any desired IP: The below command will block a specific IP address to browse your website. Change the dummy IP address with your custom one.

Order Deny, Allow 

Deny from 192.206.221.140 

• Block multiple IPs: Block more than one IP address at once by following the below command.

Order Deny, Allow 

Deny from 185.120.120.120 

Deny from 192.190.190.190

• Block all IPs and allow only your: With the below command, you can block everyone from visiting your website except yourself. You just have to replace the dummy IP address with your own IP address which you can find from the IP Lookup website.

order deny, allow 

deny from all 

allow from 127.0.0.1

3. 301 Permanent Redirect: You can easily redirect your whole website to a new URL with the help of the htaccess command. Use the following command to redirect your website to a completely new URL.

RewriteEngine on 

RewriteCond %{HTTP_HOST} ^domain1.com [NC,OR] 

RewriteCond %{HTTP_HOST} ^www.domain1.com [NC] 

RewriteRule ^(.*)$ http://domain2.com/$1 [L,R=301,NC]

Or you can simply use the below code

Redirect 301 / https://newdomain.com

4. HTTP to HTTPS force redirect: Nowadays, using HTTPS is compulsory for every professional website. Using force HTTPS redirect command from the .htaccess will ensure your website uses HTTPS protocol always. You can easily do it by following the below command.

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
Header always set Content-Security-Policy "upgrade-insecure-requests;"
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

5. Customize your Error Pages: You can create your custom error page and add that page inside the .htaccess file. For example, you've downloaded a custom 404 error template from google and uploaded it inside your root directory. Now follow the below code to redirect all the 404 errors to the custom 404 page instead of the default one.

Example 1: redirect errors to html files
ErrorDocument 404 /404.html

Example 2: redirect errors to PHP file
ErrorDocument 404 /error.php?q=404

6. Directory Protection: Yes, you can also protect a specific directory with a username & password using the htaccess command. Once you'll add the following command in the htaccess file, the directory will ask for a username & password every time you'll open it.

AuthName "Your Authenticated Folder"
AuthUserFile /path/.htpasswd
AuthType Basic
require valid-user

Note: You'll have to have a .htpassword file where the username & password will have to be present. However, you can create it on your own by using any editor such as notepad, notepad++, etc.