Learn how to use the .htaccess file

Written by 

A quick and handy tutorial for the various uses of the .htaccess file.

If you want to enhance your website's search engine optimization, if you migrated your website to a new domain or even a new CMS with a different link structure, if you want to apply security measures (such as password protection or blocking specific IP addresses) on certain parts of your website or if you want to maximize your website's performance, there is a little file you can use, to provide custom settings for each of your website's directories. 

What is .htaccess

The .htaccess file is a configuration file for websites being hosted on servers running the Apache web server software. In the web hosting plan that we provide, all our websites are hosted on servers running the Apache software, hence you won't need to perform any additional checking to find out whether you can use a .htaccess file.

How does .htaccess work

The .htaccess file provides configuration settings on a per-directory basis. This means that you can have different versions of .htaccess files, each one in a different directory of your website, and each version will provide specific settings for this particular directory.

How to make a .htaccess file

To make a .htaccess file you will only need a text editor, such as Notepad or UltraEdit (for Windows), TextEdit (for Mac OSX), Nano and Vim (for Linux). Create a new text file using the text editor of your choice, enter the appropriate directives, save your file as '.htaccess' and upload the file to the appropriate directory of your website.

What does the dot before the filename mean ?

The dot before the filename '.htaccess' means that this file is hidden, in Unix-like operating systems. This is an essential security measure, therefore pay extra attention not to miss the dot before the actual filename.

Why does the .htaccess not have an extesion ?

Even though the .htaccess file is a plain text file, it does not need any particular extension. Make sure you do not save the file as .txt file (such as .htaccess.txt) because this will make the file non-functional at all.

Possible uses of a .htaccess file

There are many cases that a .htaccess file can become useful. We have gathered the most common scenarios and the appropriate recipe for each case.

URL rewriting

In case some of your website's content has long, difficult to remember URLs, or if you want to enhance your website's search engine optimization by providing search engine friendly URLs, you may use this code in a .htaccess file to enable URL rewriting :

RewriteEngine on
RewriteRule ^new_fancy\.html$ old_long_and_ugly_url.html


As you may have noticed, there are some special characters in the code above. We will explain their meaning below :

^ This is an anchor which denotes that the pattern starts at the beginning of the string. ^new_fancy means that the string must start with 'new_fancy'
\ The backslash escapes a character which has a special meaning. This way, \. means a literal dot (.) character
$ This is an anchor which denotes that the string must end with the specified pattern. This way, html$ means that the rewrite rule applies to new_fancy.html url only


URL rewriting can be used to achieve massive URL reconstruction, especially for dynamic-driven websites with loads of content. For a more detailed tutorial on URL rewriting you may also see this link.

URL redirection

In the case of a website migration to a new domain or a new Content Management System (CMS) a URL redirection is an essential step that helps us maintain the current search engine ranking of the website. URL redirection is also needed to avoid duplicate URL entries, thus further enhancing our website's search engine optimization (SEO). Let's see some examples :

One of the first things you should do upon a website's completion is to decide whether the website will be reached with or without a www prefix on its domain. This is an absolutely essential SEO tip that helps to avoid duplicate search engine results for the same content.

To redirect domain.com to www.domain.com you may use this code :

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www.domain.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [L,R=301]


In case you prefer to redirect www.domain.com to domain.com you may use this code :

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^domain.com$ [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [L,R=301]


For single URL redirection you may use this code :

Redirect 301 ^old\.html$ http://www.yourdomain.com/new.html


Enable gzip compression

This is an essential step to be taken, if you want to optimize your website's performance. In some cases (such as when using the Joomla! CMS) gzip compression can also by enabled in the configuration settings of the CMS, but it's also possible to enable it by using a .htaccess file with the following code :

mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*


Basic user authentication

If you want to password protect a specific directory of your website, the .htaccess file can be a quick and easy solution. First, you will need to create a second file, named '.htpasswd'. This file will contain the user credentials (username and password) for the users to be allowed to access this directory. The password must be in an encrypted form. An easy way to create a .htpasswd file is provided on this link.

After creating the .htpasswd file, you will have to upload to the directory of your choice. Then, you will have to type the following code in your .htaccess file :

AuthName "Restricted Area"
AuthUserFile /full/path/to/password/file/.htpasswd
AuthType Basic
require valid-user


Please note that you will have to provide the full path to your .htpasswd file. Figuring out the complete path to the file might be quite tricky, and in such a case you may use some additional instructions found on this link.

Deny visitors by IP address

As an increased security measure, you may also use the .htaccess file to deny access to certain visitors, by blocking their IP addresses. Just type in the following code to your .htaccess :

order allow,deny
deny from
deny from 123.45.6.
allow from all


With the code above, users from the IP address '' as well as from the IP range '' to '' will be blocked.

Disable directory listings

If you want to disable the listing for a specific directory you may use a .htaccess file with the following code :

IndexIgnore *


To prevent listing multiple file types you may use this code :

IndexIgnore *.zip *.jpg *.gif


Leverage Browser Caching

Another neat way to boost your website's overall performance is by enabling caching on the browser's side. Browser caching can be denoted as "remembering" the resources that a browser has already loaded. Many website performance optimization tools might suggest you to leverage browser caching, in order to optimize your website's speed. Here's how you can do this, by typing the following code at the top of the .htaccess file :

ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType text/html "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 1 month"


The above was just a collection of our own favorite uses of a .htaccess file. You may find even more uses of the .htaccess file in plenty other websites.

We hope you found this tutorial useful and, as always, you 're welcome to leave any comments!

Leave a comment


  • Synchronous learning
  • Asynchronous learning
  • OpenCourses
  • iTeach.gr

Contact Us

Location :

Stratigou Makrigianni 6

Nea Filadelfeia 143 42

Athens Greece

Tel :

(+30) 210 25 10 589

Our social profiles