ARTICLE AD BOX
What Is an .htaccess File?
An .htaccess record is simply a website record utilized to configure definite aspects of your site. Like redirects, customized mistake pages, and more. All without having to edit the main server configuration files.
It’s utilized connected servers that tally Apache, an open-source web server software. If your website runs connected Nginx instead, you won’t person an .htaccess file.
Here’s an illustration of what an .htaccess record mightiness look similar for a WordPress website:
Where Is the .htaccess File?
Your .htaccess record is usually located successful the basal directory of your website whether you’re utilizing a content absorption system similar WordPress oregon you created the tract from scratch.
One mode to entree your site’s basal directory is done your web host, typically done a record manager interface. Which is simply a directory wrong your web big wherever you tin entree and edit your site’s files—like your .htaccess file.
Your web host’s server files mightiness look akin to the record folders you person connected your computer:
But the nonstop determination of an .htaccess record depends connected its purpose.
For example, accidental you person an .htaccess record successful the “image” directory of your website. The directives wrong that .htaccess record would only impact files successful that directory.
But if your .htaccess record is successful the basal directory of your website—the folder that contains your main website files—the file’s directives would use to each the files (and pages) connected your site.
How to Edit Your .htaccess File
If you’re utilizing WordPress, an .htaccess record should already person been generated erstwhile you installed WordPress (we’ll spell implicit what to bash if this isn’t the lawsuit successful the adjacent section.)
And determination are 3 main ways to edit it:
1. File Manager
Many web hosts connection the quality to entree cardinal website files done a record manager.
To bash this, log successful to your host, caput to your record manager, and find your .htaccess file.
Your .htaccess record is apt located successful your basal folder. The basal folder is titled “public_html” successful our illustration below:
Double click “.htaccess” to unfastened the plain substance editor.
Then, marque immoderate changes—like adding oregon removing directives—and deed the prevention button.
2. FTP Client
A record transportation protocol (FTP) lawsuit is an exertion that lets you transportation files betwixt your machine and your website. Cyberduck is an illustration of an FTP client.
You request to acceptable up an FTP lawsuit if you don’t person one. Which whitethorn entail reaching retired to your big for the details you request to link to it.
Once you’re acceptable up with an FTP client, you tin log successful to your tract via FTP. We’ll usage Cyberduck for our example.
Click “Open Connection” and participate your login details. Your web big usually provides these.
Next, alteration hidden files. Any files that statesman with a dot (like the .htaccess file) are hidden by default. Meaning you can’t view—or edit—them.
To amusement hidden files successful Cyberduck, spell to “Edit” > “Preferences” > “Browser” and cheque the container adjacent to “Show hidden files.”
Exit retired of the preferences. Then, find your .htaccess file. Again, it’s apt successful your basal folder.
Select the record and click “Edit.”
This opens your .htaccess record connected your machine arsenic a plain substance file.
Make immoderate edits straight successful the record and deed save. Your saved changes are automatically added to your .htaccess file.
3. WordPress Plugin
Plugins similar Yoast marque it casual to edit your .htaccess record from your site’s backend.
Log successful to WordPress to download and activate the Yoast plugin.
Then click “Yoast SEO” and prime “Tools.”
Click “File editor.”
Scroll to the .htaccess record country and marque your edits straight successful the substance box. And prevention them by clicking “Save changes to .htaccess.”
How to Create an .htaccess File
If you don’t already person an .htaccess file, travel the instructions beneath to make 1 yourself.
File Manager
To make an .htaccess record successful your host’s record manager, prime the folder you’d similar your .htaccess record to beryllium in. And support successful caput that the .htaccess record tin impact the directory you enactment it successful and its subdirectories.
Then click the caller record button.
Next sanction your record “.htaccess” (with the dot). Click “Confirm.”
You present person an .htaccess record acceptable to edit.
FTP Client
To make an .htaccess record utilizing your FTP client, prevention a plain substance record connected your machine arsenic “.htaccess” (with the dot). You tin make a plain substance record utilizing apps similar the Notepad.
Then, wrong your chosen FTP lawsuit (we’re utilizing Cyberduck), prime the directory you privation to spot the .htaccess record successful (like “public_html”). And click “Upload” and prime the .htaccess record saved to your computer.
Your .htaccess record is present acceptable to use.
4 Common .htaccess Directives
These 4 .htaccess directives tin assistance you amended and customize your site.
1. Add Redirects Using .htaccess
You tin redirect URLs utilizing .htaccess successful respective ways depending connected what you privation to redirect.
Before adding immoderate types of redirects, you whitethorn request to load the RewriteEngine module by adding this directive to your .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
</IfModule>
Then, adhd your redirect directives nether this module.
We’ll see the “RewriteEngine On” codification wherever required successful each illustration beneath for clarity. But depending connected however your .htaccess record is acceptable up, you whitethorn not request to see it each time.
Redirect Individual URLs
Redirect idiosyncratic URLs with this directive:
Redirect 301 /old-page/ https://www.yourdomain.com/new-page/
The “old-page” should notation the URL path—the information that comes aft your domain. This should statesman with a slash.
And the 2nd portion should beryllium the caller page’s full URL.
Users volition beryllium automatically redirected to the caller leafage whenever they effort to entree the URL from the aged page.
Redirect WWW URLs to Non-WWW URLs
If your domain uses the www subdomain, you tin usage your .htaccess record to redirect it to the non-www mentation with this directive:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.yourdomain.com [NC]
RewriteRule (.*) https://yourdomain.com/$1 [L,R=301]
Redirect Subfolders to New Locations
A subfolder is simply a folder that exists wrong different folder connected your site. For example, successful “www.yourdomain.com/blog,” the “blog” portion is simply a subfolder.
And you tin redirect subfolders to antithetic locations connected your domain utilizing the .htaccess record with this directive (using your URL paths):
RewriteEngine On
RewriteRule ^/?blog/(.\*)$ /news/$1 [R,L]
In the supra example, immoderate URL successful the “blog” subfolder volition beryllium redirected to the “news” subfolder.
Redirect an Old Domain to a New Domain
You tin besides usage the .htaccess record to redirect users from an aged domain to a caller 1 with this directive:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(?:www\.)?oldsite\.com$ [NC]
RewriteRule ^(.*)$ https://newsite.com%{REQUEST_URI} [L,R=301]
This redirects some the www and the non-www versions of your domain to the caller one.
Other Ways to Redirect URLs
There are different ways to redirect URLs if you don’t privation to edit your .htaccess file.
First, tally an audit of your tract to spot which pages whitethorn request redirects.
The Semrush Site Audit instrumentality tin place those pages for you.
Within the Site Audit tool, participate your URL and click “Start Audit.”
Configure your audit settings connected the pursuing page. Like however galore pages you’d similar to cheque during the audit. And however often you privation to tally the audit.
Click “Start Site Audit” aft configuring your audit settings.
When the audit is done, click “Issues” and look for “# pages returned 4XX presumption code.” Which means the server couldn’t scope those pages owed to a client-side error.
Click the “# pages” to presumption each affected page.
Review which pages you request to redirect. And which ones (if any) you’d similar to support arsenic 404 errors.
You mightiness so privation a leafage to show a 404 mistake if you’ve deleted the leafage and determination isn’t immoderate applicable leafage to redirect users to.
To instrumentality redirects for these pages connected WordPress without editing your .htaccess file, you tin usage a plugin similar Yoast.
Click “Yoast SEO” and “Redirects” successful the left-hand toolbar aft installing and activating the plugin.
Select the benignant of redirect you want. We'll usage 301 due to the fact that we privation to permanently redirect the aged leafage to a caller one.
Enter the aged URL slug—the past portion of the URL—and the destination URL slug. And click “Add Redirect.”
Lastly, trial the URL by entering the aged URL into your code barroom to marque definite it redirects to the caller page. You whitethorn privation to wide your cache first.
2. Load Custom 404 Error Pages with .htaccess
Your .htaccess record besides lets you load customized 404 mistake pages—the leafage that shows erstwhile the server cannot find a webpage astatine that URL. This tin hap erstwhile the leafage nary longer exists oregon if idiosyncratic enters an incorrect URL.
You mightiness privation a 404 leafage that reflects your brand, and possibly gives users directions to applicable contented oregon pages.
For example, our 404 leafage looks similar this:
First, make the leafage you’d similar to load erstwhile idiosyncratic encounters a 404 error.
Then, adhd this codification to your .htaccess file:
ErrorDocument 404 /404-page.html
And update the way to bespeak your customized 404 page’s path.
Your customized 404 leafage should past load immoderate clip idiosyncratic visits a leafage connected your tract that doesn’t exist.
Other Ways to Create a Custom 404 Page
If you’re utilizing WordPress, a plugin similar the Smart Custom 404 mistake page tin assistance you make a 404 leafage reasonably easily.
Here’s how:
Install and activate the plugin erstwhile logged into your WordPress site. Then caput to “Pages” and “AddNew Page.”
Create and people your customized 404 mistake leafage wrong the editor.
After publishing your page, click “Appearance” and “404 Error Page” successful the paper bar.
Select your mistake leafage from the drop-down paper and click “Save Changes.”
Test your 404 leafage by visiting a URL that doesn’t beryllium connected your site. It should redirect to your caller 404 page.
3. Force Your Site to Load with HTTPS Through .htaccess
Hypertext transportation protocol unafraid (HTTPS) encrypts communications betwixt the browser and your website. Which secures information sent from the browser to the server.
Plus, HTTPS is simply a ranking signal. So, utilizing it could person a affirmative interaction connected your rankings.
If your tract has a unafraid sockets furniture (SSL) certificate, you tin unit HTTPS alternatively of HTTP utilizing your .htaccess file.
To bash so, adhd these lines of codification to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Other Ways to Use HTTPS Instead of HTTP
Your big tin often assistance you power to HTTPS.
Some adjacent supply one-click options to unit HTTPS:
So, scope retired to your big for assistance mounting up HTTPS if you don’t privation to edit your .htaccess file.
4. Enable Password Protection with Your .htaccess File
You tin alteration password extortion connected your site—or circumstantial areas of your site—using your .htaccess file.
This whitethorn beryllium utile if you’re making tract updates and lone privation definite radical to entree your site. Like your web designer.
You’ll request 2 files to password-protect your site: .htpasswd and .htaccess.
First, caput to your website host’s record manager.
Add a caller record extracurricular your basal directory. Name it “.htpasswd” and click “Confirm.”
Important: It’s champion to spot your .htpasswd record extracurricular of your basal directory arsenic this whitethorn beryllium much secure.
Double click your .htpasswd record to unfastened and edit it. This is wherever you’ll adhd a username and password needed to entree your site.
You past request to encrypt your passwords (for information purposes). A escaped instrumentality similar HTPasswd Generator volition encrypt your password for you.
Just participate your username, password, and click “Generate .htpasswd file.” And transcript the output.
Paste the output successful your .htpasswd record and prevention your file.
Lastly, unfastened your .htaccess record and adhd this directive:
# Password protection
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /path/to/.htpasswd
Require valid-user
Make definite to alteration the way of the “AuthUserFile” enactment to the way of your .htpasswd file. And prevention the file.
Head to your website. Your tract should show a punctual upon loading if the directive works.
Enter your username and password and click “Sign in” to entree your site.
Other Ways to Password-Protect Your Site
If you’re utilizing WordPress, an easier mode to acceptable up password-protected pages is by utilizing the platform’s autochthonal password extortion functionality.
Log successful to your tract and caput to the leafage oregon station you privation to acceptable up password extortion for.
Next to “Visibility,” click connected “Public.”
Select the ellipse adjacent to “Password protected” and participate the password you privation to use. Then, exit retired of the punctual and click “Update.”
Now erstwhile idiosyncratic tries to entree the page, they’ll spot thing that looks similar this:
And they’ll request the password to entree the content.
But this means you tin lone person 1 password for each page—you can’t person antithetic passwords for antithetic users.
For other functionality, you whitethorn privation to see utilizing WordPress plugins instead.
Common Performance Issues Associated with .htaccess
Keep these issues successful caput if you determine to trust connected your .htaccess record to marque circumstantial changes to your site.
Speed
Using galore oregon precise analyzable .htaccess files tin interaction your site’s performance. And origin it to tally slowly.
Why?
Because Apache needs to work and construe each directive each clip a petition is made to your server.
So, cautiously see what’s indispensable to see successful your .htaccess and what isn’t.
And support it arsenic concise arsenic imaginable to debar tract show issues. Since page speed is simply a ranking factor, you privation your tract to load fast.
While there’s nary perfect magnitude for an .htaccess file, 1 mode to find if your .htaccess record is impacting broadside velocity is to tally velocity tests earlier and aft making immoderate .htaccess record changes.
Free tools similar Google’s Page Speed Insights fto you trial leafage velocity by entering a URL:
You whitethorn request to talk with a developer to reappraisal your .htaccess record if your leafage loads dilatory aft making updates.
Security
Because .htaccess files fto you redirect full sites, idiosyncratic who hacks your tract tin usage the .htaccess record to redirect your tract determination else.
So, cheque your .htaccess periodically for immoderate directives you didn’t add.
Also support regular backups of your site. Ideally, your big volition besides bash this for you, but you whitethorn privation to support your ain backups arsenic well.
That way, you tin rapidly revert your tract to an older mentation (which includes the older mentation of your .htaccess file, too) if thing happens.
Accessibility
Improperly configured .htaccess directives tin pb to accessibility issues. Like incorrect redirects that don’t instrumentality radical to the close page.
Users are much apt to permission your tract (and perchance caput to a competitor) if they can’t find the contented they want.
So, it’s important to support an oculus connected immoderate method issues that mightiness originate from improperly configured .htaccess directives.
Spot Technical Issues connected Your Site
Your .htaccess record allows you to marque almighty changes to your tract with comparative ease.
But those edits tin besides origin unwanted errors.
Use Semrush’s Site Audit instrumentality to assistance support your tract error-free erstwhile editing your .htaccess file.
Site Audit monitors errors and sends you regular updates, truthful you don’t request to interest astir keeping way of them yourself.
Try it today.
.svg)
English (US)