1.- What is a .htaccess?
The .htaccess (hypertext access) file is the default name for Apache’s directory-level configuration file. It is used to customize the configuration of directives and parameters defined in the main hosting configuration file.
2.- How do we create and where do we place a .htaccess file?
To create a .htaccess file, open a text editor and enter the required code. Save the file as a text file (.txt), for example “htaccess_file.txt”, and
upload it via FTP to the folder where it needs to be used. Once on the server, rename the file from “htaccess_file.txt” to “.htaccess”.
Important: if you already have a .htaccess file in your hosting, you can use it to apply these configurations. If you have recently performed a
domain migration, you may also need to make changes.
The .htaccess file must be placed inside the folder where you want it to take effect. For example, if you want to password-protect a folder called “private”, place the .htaccess file inside the “private” folder.
The .htaccess file has a wide variety of uses and utilities that can be very useful on a website. In the following tutorial, we show some of the most commonly used functions.
3.- Common .htaccess utilities
The .htaccess file has a large number of utilities. In this tutorial, we show some of the most common ones and how to configure them:
Redirect subdomain to subfolder In some situations, you may need to create a redirection to a subdomain’s folder using .htaccess. If you want the subdomain “test.example.org”, for example, to point to the folder “example.org/test”, you must add the following directives to the .htaccess file:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^test.example.com$
RewriteCond %{REQUEST_URI} !^/test/
RewriteRule (.*) /test/$1
The first line enables the rewrite engine and only needs to be specified if it has not been enabled previously.
The third and fourth lines perform the redirection.
The second line prevents the redirection from being applied again if the request is already in the “test” folder. This is necessary to avoid errors and loops, since the .htaccess file is executed again when redirecting the request to the “test” folder.
Redirect website using 301, 302 redirects If, when accessing the website, you want to redirect the page to another one:
(In “R=301”, you can specify the redirection method you want: 301, 302, etc.)
Redirect website to a subfolder If your website is located in a subfolder different from the “web” folder, you can redirect all requests to that subfolder:
RewriteEngine onRewriteCond %{HTTP_HOST} ^example.org\.org$RewriteRule (.*) http://www.example.org/$1 [R=301,L]RewriteRule ^$ folder [L]
Where:
example.org\.org could be, for example, cdmon.com\.com.
The folder could be, for example, “wordpress”.
You can configure access so that, if for any reason you want to deny access to all users or only allow access from a specific group of IP addresses, you can do so.
Require all denied
Require ip 124.34.48.165
Require ip 102.54.68.123
The IPs 124.34.48.165 and 102.54.68.123 are the IPs that will have access to the website.
Require all granted
Require not ip 145.186.14.122
Require not ip 124.15
The IP 145.186.14.122 and the 124.15.x.x network will not have access to the website.
A very common use of .htaccess is to restrict access to certain folders. You may want to completely disable access to a folder, for example, a folder containing programming libraries that are included in the main files. In this case, only the main files will be able to access them via the file system, but they will not be accessible via the web. Simply create a .htaccess file in that folder containing the following code:
#deny all access
Require all denied
#deny all access
Require all denied
Require ip 212.267.98.14
Require ip 192.168.0.0/24
Require all denied
You can also use .htaccess to display the contents of a folder as a directory listing.
Options +Indexes
Options +Indexes
IndexOptions -FancyIndexing
IndexIgnore*
If you want your website to always be displayed without www, add the following code to the .htaccess file:
RewriteEngine OnRewriteCond %{REQUEST_URI} !^/(robots\.txt|favicon\.ico|sitemap\.xml)$RewriteCond %{HTTP_HOST} !^example\.org$ [NC]RewriteRule ^(.*)$ http://example.org/$1 [R=301,L]
Conversely, to always display the website with www:
RewriteEngine OnRewriteCond %{REQUEST_URI} !^/(robots\.txt|favicon\.ico|sitemap\.xml)$RewriteCond %{HTTP_HOST} !^www\.example\.org$ [NC]RewriteRule ^(.*)$ http://www.example.org/$1 [R=301,L]
Where:
example.org could be, for example, cdmon.com
SEO-friendly website redirection If you have transferred domain names or want to redirect to a specific page without affecting search engine results such as Google, you can use the following code:
If you want that when someone tries to access a specific file they are redirected to another file, you can use the “redirect” directive:
Redirect to secure HTTPS connection If you want to redirect your entire site to a secure (HTTPS) connection, this is very useful if, for example, you have an SSL certificate and want to work with it.
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Redirect users to use HTTPS for a specific folder If you only want to redirect a specific folder to a secure (HTTPS) connection instead of the entire site—for example, if you have a store in a separate folder—you should use the following code:
RewriteEngine OnRewriteCond %{SERVER_PORT} 80RewriteCond %{REQUEST_URI} folder_nameRewriteRule ^(.*)$ https://www.example.org/$1 [R,L]
Hotlinking consists of directly linking to files—usually images and videos—that belong to another website. This practice consumes the bandwidth of the original site hosting the image. To prevent others from “stealing” your bandwidth, you can configure .htaccess to block hotlinking.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.org/.*$ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ [L]
The last line is used to indicate which types of content (based on file extensions) you do not want to allow hotlinking:
RewriteRule .*\.(jpe?g|gif|bmp|png)$ [L]
Alternatively, you can use this other rule, which also displays a warning image (“no_steal_bandwidth.gif”, which you must have created beforehand) to indicate that the image is being loaded from your website.
RewriteEngine onRewriteCond %{REQUEST_URI} !^/IMG/no_steal_bandwidth.gif$RewriteCond %{HTTP_REFERER} !^$RewriteCond %{HTTP_REFERER} !^http://(www\.)?example.org/.*$ [NC]RewriteRule .*(gif|jpe?g|png|bmp)$ http://example.org/IMG/no_steal_bandwidth.gif [NC,R,L]
In the last line, specify the file extensions you want to block from being hotlinked and indicate the warning image you want to display.
You can make the default index page of your site something other than the well-known “index”. Here, “about.html” is set as the home page:
#Serve Alternate Default Index Page
DirectoryIndex about.html
The following code does not directly increase the overall loading speed of the site, but it does make it load faster when the same user visits again by sending a 304 status for elements that have not been modified. You can change the caching frequency by modifying the number of seconds (in this example, it is set to once per day):
FileETag MTime Size
ExpiresActive on
ExpiresDefault "access plus 86400 seconds"
Improve character compatibility This option is for those who do not use a standard character set recognized by the server. With this setting, the well-known 500 error is avoided.
AddDefaultCharset utf-8
An SEO-friendly URL consists of disguising a URL full of parameters to make it cleaner and more elegant, and to help achieve better search engine rankings. Depending on how the website is programmed, the code you need to use will vary.
Example 1:
For example, “folder/file.php?id=120&language=es” is not an SEO-friendly URL, so it should be transformed into “folder/file/120/es”, which is more elegant and helps with search engine positioning. This is an SEO-friendly URL. With the .htaccess file, you can perform this “disguise” for the URL.
You have a folder on your website that contains a file that receives parameters.
example.org/folder/file.php?id=25
Then, inside this folder, you must create a .htaccess file with the following code:
Options +FollowSymLinks
RewriteEngine on
RewriteRule folder/(.*)/(.*).php$ /folder/file.php?id=$1
The last line is where the change is performed.
(.*) will be the parameter you pass, $1.
(.*).php$ will be the file name used to “decorate” the URL.
Once the .htaccess file is created, in your website link you should use:
Link to file 25
Therefore, “folder/25/file-name.php” will be the same as “/folder/file.php?id=25”.
Example 2:
Options +FollowSymLinks
RewriteEngine on
RewriteRule ^(.*)$ /index.php?parameter=$1 [QSA,L]
Example 3:
Another example of converting to SEO-friendly URLs.
Options +FollowSymLinks
RewriteEngine on
RewriteRule ^(.*)/page-([0-9]+)$ /index.php?parameter=$1&paginator=$1 [QSA,L]
Example 4:
Code used by WordPress to create SEO-friendly URLs.
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]