What is .htaccess? What does it do? Where is it? How to Edit?

.htaccess File

This is a website file that is extremely powerful in controlling top-level configurations of the website.

The .htaccess file permits the user to tweak the website configuration without editing the files of the server configuration.

This is especially for servers that are powered by Apache web server.

In this article, we will discuss the usages of the .htaccess file along with various other functions.

Location 

Apache is configured to hide all the file names with .htaccess.

You asked why? These files have vital configuration information that can be utilized to compromise the server.

The file that is hidden is commonly found in the site’s public_html file.

Now, if you wish to access the .htaccess folder, you can do so in the following ways;

• You can access it from an FTP client or SFTP client.
• You can also access it from the cPanel’s File Manager of the hosting account.

After following these steps, suppose you still don’t find the file you’re looking for. Then you need to check the “show hidden files” option that will enable you to see all the hidden files.

Common Uses 

There are multiple ways to use .htaccess. Some of the most famous instances include;

• Prevention of hotlinking. 
• Specific directories on the server can be password protected. 
• Your WordPress website can be forced to utilize HTTPS and avoid HTTP. 
• You can also load various custom error pages that include 404 pages. 
• For a few URLs, you could add redirections.

Using .htaccess file can be a tool that offers plenty of power that helps you to manage the server. However, it can also be a bit tricky.

Before altering any files of .htaccess, make sure you’re familiar with how to make various changes to the server.

Before trying out anything, we strongly suggest that you back up all the files as well as the entire WordPress site.

At this point, if you have concerns about modifying the .htaccess file, you can always contact the website developer.

Utilizing Various Files of .htaccess 

You may now, with much ease, apply various settings to various directories on the server by simply utilizing many files of .htaccess.

Theoretically, you can build in any and all directories of the .htaccess file on the server. This can be done simply by creating it and later uploading a text file. 

A couple of things that you should bear in mind are; 

• Priority is always given to .htaccess files that are higher in the file path.
• As soon as the server finds the .htaccess file in the directory, it starts searching for similar files in every parent directory. This increases the resource usage of the server. 

In general, you need to reduce the amount of files of .htaccess on the server.

If you have many configurations, it will reduce the speed of the server. 

.htaccess File Editing

If you want to edit the .htaccess file at any point, you’ll need to download an existing folder by utilizing the FTP client.

You can also get it done through the host’s access system like the cPanel.

The .htaccess file of your WordPress site may have certain vital settings. If it does, then you will need to insert the latest code to the existing one.

Please note – you must avoid deleting the current .htaccess file. You can do so only if it’s empty and if you’re completely sure of being OK to delete the file.

Redirecting URLs 

If you plan to change your WordPress site organization or domain name, then you can, with much ease.

URL redirects can be set up, making sure the site visitors are not confused.

The simplest way to get this done is with the help of files of .htaccess.

For doing so, you will require to recreate a file by yourself. Post creation, upload it onto your server that uses SFTP.

1. You must log in to the server through SFTP.
2. Find and download the .htaccess file. You can usually find it in the content folder. Suppose you do not have a .htaccess folder; you’ll need to create a folder known as .htaccess on the system. This is done to hold the configurations.
3. Now through the text editor, open this file. 
4. You can now add the following line: 

# enable basic rewriting 

• Then, copy & paste the new configurations in the .htaccess folder. Make sure you save this file.
• This should be uploaded onto the directory from where you initially took the .htaccess file. 
• View the pages that you wish to redirect by simply going to the website. 

.htaccess file can also be utilized to redirect certain pages on the website by utilizing 301 & 302 redirects. 

Utilizing .htaccess for URL Rewrites 

Redirects and rewrites are very similar as they point to a single targeted URL to a specific URL. However, it is converted by a web server while managing traffic.

It’s like making modifications to a name with an eraser and pencil rather than directing to a new name with a signature.

Forcing Sites that are Non-WWW Addresses 

They ask you to add the information to the .htaccess file. Users that enter in www.example.com are going to be directed to example.com.

This can be replaced with the domain. For this, you require a high-level domain.

If you own a different high-level domain, such as .com,.org, or.net, you should use that high-level domain rather than .com/.

Do not delete ‘\’ because it’s required for the right syntax.

Create a Custom Error Page 404 

404 page, what is it? It is an error note that reflects non-existent pages on a site. This page will usually read as ‘page not found‘.

However, you’ll find various examples of hilarious 404 pages which are specially customized to offer the visitor a pleasant experience. 

Any website could have an error page. Website visitors are definitely going to encounter these error pages sometime or the other.

You can decide to use a custom error page. You will have the option to change the error to an experience that is positive by including some humour.

Let us discuss a couple of ways that you could use to customize your error page of the website by utilizing .htaccess file.

Now before you can set up the error page, you will require to create the error page. You can go ahead and do it.

However, you might like to hand code the page by utilizing a website builder that is convenient to you.

Once you have created the error page, you can save it in order to upload it to the server.

In order to set up the custom error page, you need to add the website’s .htaccess file. Follow the below steps; 

1. Prior to editing the .htaccess file, you must upload the customized error page to the server. This can be done through the SFTP. These files need to be placed within the website’s content directory.
2. Through the SFTP, log in to the server by utilizing an FTP program that you prefer.
3. Now the .htaccess file needs to be downloaded for the domain where you need to use the custom error page.
4. Proceed to open the file in the text editor and then add the required information.
5. Ensure to replace the information with your file path on to the error page that you uploaded. 
6. You can add the lines that you require, change the arrow digit as well as the path of the file as preferred.
7. After you’ve finished adding to the .htaccess file, make sure to save it and then exit it. Upload it to your directory from where you took it.
8. At this stage, you can test the website and make sure the error page is functioning properly.

Forcing HTTPS 

To ensure that every visitor to your site is making use of a secure connection, you must make use of the .htaccess rules. This will filter out insecure traffic.

This will work only if you own an SSL and have it installed for the domain. Today many web hosts offer an SSL with their hosting packages with absolutely no extra charges.

Password Protected Directories 

Some of you will prefer to protect your website with a password during the development, creation, and testing phases. Or at least until it is totally ready for public display.

You could also have certain web directories or pages that you would prefer to lock for certain users. A .htaccess file is indeed a brilliant tool that will assist you in achieving it within the hosting framework.

Let’s have a look at how you could create a password for protecting your directories, website, and other components.

1. You will require access to your document root of the specific website. This is the place to save the .htaccess File as well as the .htpasswd File. This will help you to password protect the site.
2. .htpasswd file will be placed in a directory higher than root access. It will be kept out of the .htaccess file, as well.
3. You are required to generate syntax for .htpasswd and files of .htaccess.
4. You will be required to keep the syntax on the server. If your website already has a .htaccess file, you can add the extra syntax to it. 
5. The location decided in the second step should now be used to upload the .htpasswd file.
6. The files have certain permissions that need to be checked. This is done to verify that the users to whom you’ve granted permission can access the files.

Hotlink Protection 

Hotlink, what is it? While building a website, some administrators prefer to include pictures and other content.

This is done to make the site more appealing as it provides character. By doing so, they tend to upload images by adding them to the pages that are viewed by the visitor.

They can also, although we don’t recommend it, utilize images that are uploaded by various other individuals.

This doesn’t require downloading and uploading that specific image to the site. This entire process is known as hotlinking.

Individuals who have had their images hotlinked by multiple websites will notice a sudden rise in their resource usage.

This is because the new site is utilizing these images. By doing so, they are also utilizing that individual’s server resources. This is indeed extremely unfortunate.

Now luckily, you can keep away from this if you enable hotlink protection on the site. It is a very simple process, and we have explained it below;

1. You will have to log in to the site through SFTP.
2. Here from the /web/content folder, the .htaccess file needs to be downloaded.
3. As soon as you get the file on the computer, you must add the required text to the file.
4. Ensure to alter the domain in order to match the domain. Do not change any .htaccess code that is inside the .htaccess file. We strongly advise against it. 
5. After you’ve successfully added the appropriate code, the .htaccess file needs to be uploaded to the content directory.
6. As soon as you have uploaded it, you can disconnect from the SFTP. You can now take a look at your website to ensure that it is error-free.

Conclusion 

We do hope that this article has given you clarity on the .htaccess file and its various uses. Do share with us the way you have used the .htaccess file.

That’s all for today, and I hope to see you guys soon! You can also check our article on What is a CDN and Why would I Need it?