Setting Up .htaccess File

Setting Up .htaccess File

The .htaccess (Hypertext Access) file is a powerful configuration file used by Apache web servers. It allows you to control URL redirects, security settings, caching, and more at the directory level without modifying the main server configuration.

What Is .htaccess?

The .htaccess file is a plain text file placed in your website’s directory (typically public_html). It affects the directory it’s in and all subdirectories. Common uses include:

• URL redirects and rewrites
• Custom error pages
• Password protection
• Access control
• Caching rules
• Compression settings

Creating or Editing .htaccess

1. In cPanel, go to Files > File Manager.
2. Navigate to public_html.
3. Click Settings (top right) and check Show Hidden Files to see files starting with a dot.
4. If .htaccess exists, right-click and select Edit. If not, click + File, name it .htaccess, and click Create New File.

Common .htaccess Rules

Force HTTPS

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Redirect WWW to Non-WWW

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]

Redirect Non-WWW to WWW

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

Custom Error Pages

ErrorDocument 404 /error-404.html
ErrorDocument 500 /error-500.html
ErrorDocument 403 /error-403.html

Enable Gzip Compression

<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/css
    AddOutputFilterByType DEFLATE application/javascript application/json
    AddOutputFilterByType DEFLATE application/xml text/xml
    AddOutputFilterByType DEFLATE image/svg+xml
</IfModule>

Browser Caching

<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/svg+xml "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
</IfModule>

Block IP Addresses

<RequireAll>
    Require all granted
    Require not ip 192.168.1.100
    Require not ip 10.0.0.0/8
</RequireAll>

Prevent Directory Listing

Options -Indexes

Block Hotlinking

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\.)?yourdomain\.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|svg|webp)$ - [F,NC]

Important Tips

• Always back up your .htaccess file before making changes.
• Test changes immediately after saving — a syntax error can cause a 500 Internal Server Error.
• .htaccess rules are processed top to bottom — order matters.
• Use # for comments: # This is a comment
• If your site breaks, rename or delete .htaccess via FTP or File Manager to restore access.

Troubleshooting

• 500 error after editing: Revert your changes or check for syntax errors.
• Rules not working: Ensure mod_rewrite is enabled (RewriteEngine On).
• File not visible: Enable “Show Hidden Files” in File Manager settings.

For help with .htaccess configuration, contact 10Corp support.