Controlling the Power

Htaccess – Your Guide to Control

Htaccess: Guide to Control
Htaccess: Guide to Control

Htaccess is just the file we need in today’s world of Content Management Systems (CMS) cPanels, plug-ins, applications and the like. Yet many people rarely encounter this old-world text file.

In general, .htaccess works on servers with the Apache Web Server set-up, but there are work-around tools etc. for others. With this in mind, let’s dive in detail to this topic.

What is .htaccess?

To see if you already have an .htaccess file, open up your website in your favorite FTP program, file manager, etc. and look at the root folder; you should see it there.

This powerful control mechanism is simply a text file, placed at the root directory (you can place it elsewhere, but root directory is highly recommended, and has server directives within.

For example, with .htaccess, you can redirect users, put in URL re-writes, provide password-protected directories and more.

If you’d like to create your own – just open up Microsoft Notepad or a similarly text-based application, turn off the word-wrap and save the file as htaccess.txt or some such. Then and this is important, rename the file as simply .htaccess. Upload it to your root directory with file permission settings at 644 and you’re ready to go.

Useful .htaccess Snippets

Now that we know what the .htaccess is, let’s look at how we can use it. Here are some code snippets you can use directly in your .htaccess file.

Directory Index

Specify the index file of your directory

DirectoryIndex welcome.html welcome.php

Custom Error Pages

Redirect users to your very own customized Error Page, whether it be for 404, 500, etc.:

ErrorDocument 400 /400.html
ErrorDocument 401 /401.html
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 504 /504.html

Remove www

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^ [NC]
RewriteRule ^(.*)$$1 [L,R=301]

Set Server's Timezone

Set your server’s timezone with:
SetEnv TZ Europe/London (obviously change the timezone to what you desire)

Control Access

Deny access from specific IP Addresses:
order allow,deny
deny from XXX.XXX.XXX.XXX
allow from all

301 Redirects with .htaccess

Creating, modifying, cleaning, etc. 301 Redirects are an extremely common activity for SEO Specialists.

Redirect 301 /olddirectory/file.html

Detect and Redirect Tablet-based users

RewriteCond %{HTTP_USER_AGENT} ^.*iPad.*$
RewriteRule ^(.*)$ [R=301]
RewriteCond %{HTTP_USER_AGENT} ^.*Android.*$
RewriteRule ^(.*)$ [R=301]

Hotlink Protection

Hotlinking is not cool. Here’s how to protect your site from it.

Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)? [nc]
RewriteRule .*.(gif|jpg|png)$ ^ [nc]

Force Save As

Want to force users to download files instead of viewing them in the browser?

AddType application/octet-stream .avi .mpg .mov .pdf .xls .mp4

Disable Directory browsing

# disable directory browsing
Options All -Indexes
# enable directory browsing
Options All +Indexes

Blocking Specific User Agents

<IfModule mod_rewrite.c>
SetEnvIfNoCase ^User-Agent$ .*(bot1|bot2|bot3|bot4|bot5|bot6|) HTTP_SAFE_BADBOT
SetEnvIfNoCase ^User-Agent$ .*(bot1|bot2|bot3|bot4|bot5|bot6|) HTTP_SAFE_BADBOT
Deny from env=HTTP_SAFE_BADBOT

What's Next?

This is just a quick glance into the .htaccess file, but I hope it gives you some idea of the power at your fingertips. Good luck and let me know if you have any questions!

You May Also Like
Scroll to Top