The hypertext access file (commonly known as a .htaccess file) is a reliable configuration file that offers an easy way to set up your website’s details without having to modify the configuration files for your server. The file overrides many configuration settings making it an ideal tool for cache control, authorization, URL rewriting, and website optimization.
The file is unique because it starts with a dot. The dot means the .htaccess file is hidden in some FTP programs and it's not possible to edit the file without renaming it. This file can be created in any text editor and then uploaded to a website via an FTP client.
This file is incredibly useful and can deliver significant improvement to your site performance. However, there are a few things to consider, before making use of the .htaccess file. This include:
It impacts server speed
The .htaccess file may cause an indiscernible change in the server speed. As a result, you should not use the .htaccess file especially if you’ve access to the main server configuration file; httpd.conf.
If you use the AllowOveride directive to permit the .htaccess file then Apache web server will search for this file every time a request is made. Besides, the web server (Apache) scans the entire directory tree to pinpoint other .htaccess files above the location of this file to establish which directive has precedence. This ends up slowing down the Apache HTTP server.
If you permit users to alter your server configuration file using the .htaccess, then it may cause security issues especially when handled haphazardly.
With that in mind, lets now focus on the basics of .htaccess file:
Creating a .htaccess File
As aforementioned the .htaccess file can be created via any text editor and then uploaded to your website via an FTP client. Alternatively, run the command below to create this file in the terminal:
$ sudo nano /var/www/example.com/.htaccess
Activating the .htaccess File
Once the .htacccess file is created, it's not automatically activated. You will have to modify the Apache host configuration file to enable the newly created .htaccess file. Here, you require the access to your server settings to modify the configuration and permit .htaccess file to overrule the standard website’s configuration.
First, execute the command below to open the host configuration file for Apache2:
Note: You need sudo permissions to accomplish this
$ sudo nano /etc/apache2/sites-available/default
Once the configuration file is opened, locate the section below:
<Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory>
Change the value of AllowOverride from none to all.
<Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverrideAll Order allow,deny allow from all </Directory>
Save the file and exit your text editor. Now, run the command below to restart your Apache services:
$ sudo service apache2 restart
Using The .htacces File
The .htaccess file has a number of uses including:
One of the main use of the .htaccess file is enabling web redirects. Redirects make it easy to direct web traffic from a document to another within your website. For instance, if you have moved a website page and want your visitors to use the old link to access the content in the new location, then the .htaccess can be of great help.
To configure redirects using the .htaccess file, add the following line to this file.
Redirect /old_dir/ http://www.hostadvice.com/new_dir/index.html
This command above instructs Apache web server to display a document in ‘new_dir’ every time a visitor requests for a document in the old directory; ‘old_dir’.
Custom Error Page
In addition, the .htaccess file can be used to customize error pages such as 400 Bad Request, 401 Authorization Required, 404 File not Found, 403 Forbidden Page, and 500 Internal Error. Customizing your error pages offers a seamless experience to all visitors and provides in-depth information more than the details provided by the default error page.
It's easy to customize error pages because they are HTML documents which means you can add and display whatever details you wish. For instance, to create a 401, 404, and 500 error pages, add the text below to your .htaccess file:
ErrorDocument 401 /error_pages/401.html ErrorDocument 404 /error_pages/404.html ErrorDocument 500 /error_pages/500.html
Feel free to customize these pages with content that delivers the desired message to your website visitors.
Apache web server searches for error pages within your website’s root. If you store any new error page (for instance, 404 error page) in a subdirectory that is deeper in the directory tree, you should include a line to capture this detail:
ErrorDocument 404 /error_pages/new404.html
Better still, the .htaccess file offers an incredible authentication and password protection systems. Passwords for .htaccess are stored in the file; .htpasswd. Create this file and save it anywhere and not in the web directory (for security reasons).
Write all the usernames and passwords of all the authorized users to be given permission to view some of the protected sections of your website. Once, you create all the passwords and usernames, add the code below into your .htaccess file to activate the password function.
AuthUserFile /usr/local/username/safedirectory/.htpasswd AuthGroupFile /dev/null AuthName "Please Enter Password" AuthType Basic Require valid-user
Server Side Includes (SSI)
SSI offers a great way to save time when performing basic website setup. For example, they permit you to update multiple pages featuring critical data all at once.
To activate the Server Side Includes, add the code below to the .htaccess file:
AddType text/html .shtml AddHandler server-parsed .shtml
This first line tells .htaccess that the .shtml files are authentic, whereas the second line instructs the server to parse files ending with .shtml for every Server Side Includes command.
The .htaccess file delivers unprecedented flexibility to help you configure your websites. This was a summary of the things you can do with this file, you can explore further options and learn how to use .htaccess.