How to Use .htaccess File to Customize or Improve Your Website

Updated on Nov 21, 2022

Hypertext access files, abbreviated as htaccess, are configuration files that allow you to pass instructions and configurations to the web server. Depending on your objectives, you can do numerous things with the .htaccess file - from improving your user experience to security and performance optimizations. 

In this post, we will share some helpful tips and tricks you can do with the .htaccess file of your website. 

Note: 

.htaccess files are a powerful tool for managing your server, but it can be tricky. Make sure you are familiar with changes to your server before editing .htaccess files. We recommend you back up the htaccess file and your website. If you are uncomfortable making changes to your .htaccess file, you may contact our technical support for help.

Table of Contents:

What is an .htaccess File?

An .htaccess is a system file that allows you to pass specific instructions to the web server, valid only for your website, without affecting other parts of your hosting account or other users on the same server. As the web service handles all websites on a server, you need the .htaccess file to pass website-specific configurations when you don’t have access to the global server configuration.

Why is the .htaccess File Important?

The .htaccess file is important because it provides a wide range of features that can be easily set with a few lines of text instead of a much more tedious coding process to implement directly into your website code. For example, you can restrict access to your website with just two lines of code instead of building an IP access manager or installing third-party plugins. This guide will show you how to do that and a few more tricks. 

Block Access for Specific IP Addresses

order allow,deny
allow from all
deny from 192.168.0.1

Replace 192.168.0.1 with the actual IP address to block. If you want to block multiple IP addresses, add additional lines with the “deny from” rule. 

Allow access only from your IP address

Order allow,deny
Deny from all
Allow from 192.168.0.1

Replace 192.168.0.1 with your public IP address. You can check your public IP address by searching for “what is my ip” in Google search. 

Prevent PHP in Folders

You can prevent PHP files from being executed, which can be used to run scripts. However, you should not add the following .htaccess code to the root directory or any directories that require PHP files. PHP access is required for Content Management Systems (CMS) such as WordPress and Drupal. However, specific folders, including CMS folders like wp-content/uploads/, should not require PHP execution privileges. Another reason to include this code is in folders containing downloadable files (.zip, .pdf, .exe, etc.). They have no .php files, and users do not need to access that folder directly.

<files *.php>
deny from all
</files>

Please ensure that you only add the above code to the .htaccess file inside the directory where you want PHP disabled. Do not include the code in a .htaccess file in the root directory or an upper-level directory, as this will also disable .php execution in lower-level directories.

Add a Trailing Slash to The End of Your URL

URLs with a trailing slash usually refer to a directory. URLs without a trailing slash are usually files. Suppose you want to add a trailing slash to the end of a URL using your .htaccess file. In that case, the following code will do it for you:

#trailing slash enforcement
 RewriteBase /
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_URI} !#
 RewriteCond %{REQUEST_URI} !(.*)/$
 RewriteRule ^(.*)$ http://domain.com/$1/ [L,R=301]
Don’t forget to replace “domain.com” with your actual domain name.

Redirect Users to a Customized 404 Error Page

If you want your visitors to be redirected to a customized error page whenever they reach a page with a 404 error, use the following code. A 404 error occurs when the requested page cannot be found. This is usually because the page has been relocated or deleted. To keep your site looking streamlined and professional, use a custom 404 error page. You can use the code below to redirect users to your custom page if they arrive at a page that no longer exists at the address they entered.

# custom error pages
 ErrorDocument 401 401.html
 ErrorDocument 403 403.html
 ErrorDocument 404 404.html
 ErrorDocument 500 500.html

Please note that if your custom error page is not called 404.html, for example, you should edit the lines above with your actual page names. 

Create a Redirect While Performing Site Maintenance

While performing site maintenance, you want visitors to be redirected to a page that lets them know what’s going on and when your site is expected to be open to visitors again. You can use the .htaccess file to accomplish this using the following code:

RewriteEngine on
 RewriteCond %{REQUEST_URI} !/maintenance.html$
 RewriteCond %{REMOTE_ADDR} !^192.168.0.1
 RewriteRule $ /maintenance.html [R=302,L]

Be sure you have created an HTML document to be displayed during site maintenance and that you have labeled it that. That is the page this code will send visitors to while you are performing routine site updates and creating backups as this is a temporary redirect, we are serving a 302 header response.

To access your website while being under maintenance, you should replace 192.168.0.1 with your actual IP address. 

Enable gzip Compression 

One way you can speed up your site is to make it smaller. Optimizing your images is always an excellent way to do that, but you can also reduce the size of your text-based content, such as CSS, JS, and other text-based files.  Enabling gzip compression for static content via the .htaccess file is not hard. You can do it with the following code.

##### Enable gzip compression for resources
<ifModule mod_gzip.c>
    mod_gzip_on Yes
    mod_gzip_dechunk Yes
    mod_gzip_item_include file .(html?|txt|css|js|php)$
    mod_gzip_item_include handler ^cgi-script$
    mod_gzip_item_include mime ^text/.*
    mod_gzip_item_include mime ^application/x-javascript.*
    mod_gzip_item_exclude mime ^image/.*
    mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>

You should modify this code snippet to use the resources you want to compress during transfer.

Not all servers handle gzip without error. If this method does not work on your server, you may want to explore using deflate instead:

##### Compress resources
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/xml
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/opentype
</IfModule>

Redirect HTTP to HTTPS

If you want to have all HTTP requests to your website redirected to HTTPS, you can add the following lines in your .htaccess file:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

Remember to replace yourdomain.com with your actual domain name. 

Strip "www" Through an .htaccess File

If you would like to have all requests redirected from www to non-www version of your domain, you can use the following lines:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

Add “www” Through an .htaccess File

To force www for your website, you can use:

RewriteEngine On
RewriteCond %{HTTP_HOST}  !^www\.example\.com$ [NC]
RewriteRule ^(.*) http://www.example.com/$1 [L,R]

Conclusion

With that guide, you learned what a .htaccess file is and how to modify it to improve your website. If you experience difficulties managing your .htaccess file, feel free to contact our technical support team with any hosting-related questions via Live Chat or the ticketing system.

We hope you find this article useful. Discover more about FastCloud - the top-rated Hosting Solutions for personal and small business websites in four consecutive years by the HostAdvice Community!

SSD Cloud Hosting

  • Free Domain Transfer
  • 24/7 Technical Support
  • Fast SSD Storage
  • Hack-free Protection
  • Free Script Installation
  • Free Website Transfer
  • Free Cloudflare CDN
  • Immediate Activation
View More