htaccess Tutorial

In this htaccess tutorial tutorial you will find out about the .htaccess file and the power it has to improve your website.

Although .htaccess is only a file, it can change settings on the servers and allow you to do many different things, the most popular being able to have your own custom 404 error pages. .htaccess isn’t difficult to use as it is really just made up of a few simple instructions in a text file.

What is the .htaccess file for?

You may be wondering what the .htaccess can do, or you may have read about some of its uses but don’t realise just how many things you can actually do with it.

There is a huge range of things .htaccess can do including:

  • Password protecting folders;
  • Redirecting users automatically;
  • Custom error pages;
  • Changing your file extensions;
  • Banning users with certain IP addresses;
  • Only allowing users with certain IP addresses;
  • Stopping/allowing directory listings; and
  • Using a different file as the index file to name just a few

Creating an .htaccess File

An .htaccess file is essentially a text file with no file name but an 8 letter file extension. Some earlier systems (e.g. Windows 3.1) made saving this file a bit difficult as it does not comply with the majority of file extension parameters. However, most modern operating systems will have no problems letting you save it. The easiest way is to create a basic text (*.txt) file and when you have finished editing it, simply change its name to:

“.htaccess” – (excluding the quotes and with no characters in front of the dot )

If you run into problems saving the file, you will need to name it something else (e.g. htaccess.txt) and then upload it to the server. Once you have uploaded the file you can then rename it using an FTP program.

Warning – Using With Microsoft FrontPage Extensions

Although using .htaccess on your server is extremely unlikely to cause you any problems (if something is wrong it simply won’t work), you should be wary if you are using the Microsoft FrontPage Extensions. The FrontPage extensions use the .htaccess file so you should not really edit it to add your own information. If you do want to (this is not recommended, but is possible) you should download the .htaccess file from your server first (if it exists) and then add your code to the beginning.

Using Custom Error Pages

The first use of the .htaccess file which I will cover is custom error pages. These will allow you to have your own, personal error pages (for example when a file is not found) instead of using your host’s error pages or having no page. This will make your site seem much more professional in the unlikely event of an error. It will also allow you to create scripts to notify you if there is an error (for example I use a PHP script on Free Webmaster Help to automatically e-mail me when a page is not found).

You can use custom error pages for any error as long as you know its number (like 404 for page not found) by adding the following to your .htaccess file:

ErrorDocument errornumber /file.html

For example if I had the file notfound.html in the root directory of my site and I wanted to use it for a 404 error I would use:

ErrorDocument 404 /notfound.html

If the file is not in the root directory of your site, you just need to put the path to it:

ErrorDocument 500 /errorpages/500.html

These are some of the most common errors:

401 – Authorization Required
400 – Bad request
403 – Forbidden
500 – Internal Server Error
404 – Wrong page

Then, all you need to do is to create a file to display when the error happens and upload it and the .htaccess file.

How To Restrict Directory Access by IP Address using the .htaccess file

This can be a very effective way to protect certain directories on a domain. Any other directory in public_html can be protected in the same way. This method only works if you have a static IP address assigned to you. Anyone attempting to browse such directories using a different IP Address will get a 403 Forbidden error.

    • In the directory you wish to protect, open/create your .htaccess file.
    • Add the following code to this file, replacing in this example with the static IP address you plan to allow:
      Order Deny,Allow
      Deny from all
      Allow from
  • Optional: You can enter partial IP Addresses, such as, 100.100.100. This allows access to a range of addresses.
  • Optional: You can add multiple addresses by separating them with comma’s.,

How To Allow Directory Listings using the .htaccess File

    • In the directory you wish to allow viewers to see a list of its contents, create/open your .htaccess file – you may need to enable “show hidden files” in your ftp client or site editor to see the .htaccess file
    • On a free line type the following command:Options +Indexes
  • Save your .htaccess file and try creating uploading a few files – note: always use dashes or underscores in place of spaces for files being uploaded to the web.

1. We do not recommend doing this on your root directory
2. To remove this capability, either delete the line added or replace the + with a -.

Using A File Other Than The Index.html As Your Home Page

By default the home page of your website is generally the index.html file(or maybe index.php if you’re using a database solution) as this is the file a browser will automatically look for on arrival at your site. However, there may be times where you would like to have your home page set to use another file in your site instead, e.g. home.html.

To do this is quite simple using the .htaccess file and the “redirect 301” command. This form of redirect is commonly used to redirect viewers to a completely different website altogether.

In this example we will redirect to a file called home.html:

    • In the folder that contains the index.html and home.html files, open/create your .htaccess file.
    • At the top of the page enter the following:redirect 301 /index.html
  • Save the .htaccess file and your done.
  • Now test the redirect by entering the domain name into the address bar of your browser and hit go/enter. If the redirect is working properly, the address displayed should change to and display your home page.

Redirecting A Parked Domain To Your Main Domain Using The .htaccess File

Having multiple domains for the same site is now quite common. To add them to a site most people use the ‘Parked Domain” function so anyone who types them in will see your main site. However, from a search engine optimisation point of view this is not the best thing to do.

With a search engine like Google for example, you may loose ranking status for having duplicate versions of your site online. When Google searches it sees your sites content attached to number of domains and basically counts this as a form of content spamming, instantly decreasing your possible ranking status. And the more parked domains you have, the bigger the impact on your rankings.

If you’re hosted on an Apache powered server however, this negative effect of parking domains can be avoided by using the servers mod rewrite function. The bonus of this method is that the redirect will also be telling the search engines that any previously indexed information has simply been moved to your main site and has not disappeared. This will mean you won’t lose any ranking status already applied to any particular page in your site.

To perform this redirect place the following code into the .htaccess file in your root folder:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^$
RewriteRule ^(.*)$$1 [R=301,L]

If you have multiple parked domains or want to always remove the “www.” you simply repeat the “RewriteCond” line for each parked domain with and without the www:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^$ [OR] RewriteCond %{HTTP_HOST} ^$ [OR] RewriteCond %{HTTP_HOST} ^$ [OR] RewriteCond %{HTTP_HOST} ^$
RewriteRule ^(.*)$$1 [R=301,L]

Step by step htaccess tutorial

The .htaccess file is a configuration file used by Apache-based web servers that allows you to customize server behavior for specific directories. It can override many server configuration settings and can be used for authorization, cache control, URL redirection, and more.

This tutorial provides an overview of some common uses of .htaccess.

1. Creating a .htaccess file:

If you don’t have a .htaccess file already:

  • Connect to your server using FTP or cPanel’s File Manager.
  • Create a new file named .htaccess (the dot at the beginning is essential).
  • Upload it to the root directory of your website.

2. Basic Redirection:

Redirect a single page:

Redirect 301 /oldpage.html /newpage.html

Redirect an entire domain:

Redirect 301 /

3. Custom Error Pages:

Direct users to a custom error page, like a personalized 404 error page:

ErrorDocument 404 /404.html

4. Deny/Allow Access:

Deny access to everyone:

Deny from all

Allow only specific IP addresses:

Order Deny,Allow
Deny from all
Allow from

5. Password Protect Directories:

First, create a .htpasswd file (this can be outside the public_html for better security). The contents should be:


The password should be encrypted. Many online tools can generate this for you.

Then in your .htaccess file:

AuthType Basic
AuthName "Protected Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

6. Rewrite URLs (mod_rewrite):

Enable the rewrite engine:

RewriteEngine On

Example: Turn dynamic URLs into clean, readable URLs:

RewriteRule ^product/([0-9]+)/$ /product.php?id=$1

This would convert into

7. Prevent Directory Listing:

To prevent users from viewing lists of files in a directory:

Options -Indexes

8. Force HTTPS:

If you have an SSL certificate, ensure all visitors use HTTPS:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

9. Set default charset:

To set the default character set:

AddDefaultCharset UTF-8

10. Reduce Server Load with Caching:

Enable browser caching for static assets:

<FilesMatch "\.(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"

This sets images to cache for one week.


Always be cautious when editing the .htaccess file. Incorrect settings can make your website inaccessible. Always take a backup before making changes, and if you’re unsure about a directive, consult the Apache documentation or other reliable resources.

Previous Post
Keeping your Linux server up to date
Next Post
How to install WAMP

Get Online Today!


Your perfect domain name is waiting!

Search our huge portfolio for more domain name extensions and pricing below
domain name extensions

Classic Domain Names

.COM | .AU | .CO | .NET | .BIZ | .ME | .EU | .ASIA | .TV | .MOBI | .NAME | .INFO | .ORG | .US | .NL| .FM | .HK | .ES | .CO.NZ | .DE | .CO.UK | .RU | .IM | .PM | .TW | .FR | .CN | .CA | .CH | .VN | .PL | .IL | .JP | .KR |