There’s a lot that you can do with an htaccess file, and of course, things can get pretty advanced in a hurry. Here, we’re going to keep things pretty simple. These are the 10 basic htaccess hacks that every webmaster should know.
1. Force Caching with htaccess
Use: The following htaccess code won’t help the initial pageload, but it will significantly help subsequent pageloads by sending 304 status when requested elements haven’t been modified.
FileETag MTime Size ExpiresActive on ExpiresDefault "access plus x seconds"
I generally set the cache for one day (86400 seconds). You can also set different expirations for each file type by breaking each file type up into separate ExpiresByType lines such as:
ExpiresByType image/gif "access plus x seconds" ExpiresByType text/css "access plus x seconds"
2. Set a Custom 404 Page with htaccess
Use: I think this one is self explantatory. Just change ‘/notfound.html’ to match the path to your custom 404 page.
ErrorDocument 404 /notfound.html
3. Implement a 301 Redirect with htaccess
Use: If you have permanently changed the URL structure on your site (via either optimization change or CMS migration), you will want to implement 301 redirects from the old URL to the new URL.
The syntax for a basic 301 redirect is:
Redirect 301 relative/path/to/oldurl/ http://www.domain.com/newurl/
The first URL should be a relative path to the old URL and the second one should be an absolute path to the new URL.
4. Only allow specific IP addresses in certain directories
This is especially useful for admin directories. I generally set my home IP and work IP as the only allowable IPs who can even attempt a login. Unlike other .htaccess hacks, this one doesn’t work from the root folder. You will need to create a new .htaccess file, put the following code in it, and upload it to your admin directory (that’s wp-admin if you’re using WordPress).
order deny, allow deny from all allow from xx.xx.xx.xx
To allow a second IP, just add another ‘allow from’ line.
5. Prevent Image Hot Linking with htaccess
Removed. Here is a MUCH better way to go about this thanks to Maurizio Petrone
6. Enable gzip with htaccess
Gzip is a means of compressing the files on your server so they will load faster. To enable gzip, just
7. Remove ‘category’ from a URL with htaccess
Many content management sytems use the ‘category’ URL segment. For instance:
Well, that’s fine, and it’s necessary to make the CMS work the way it’s supposed to, but it doesn’t need to be visible to do its job in some cases. Just drop the following code into your htaccess file to get rid of it.
RewriteRule ^category/(.+)$ http://www.yourdomain.com/$1 [R=301,L]
8. Define any page as the home page with htaccess
You can set any page as the homepage by adding the following to the htaccess file in your root directory.
9. Disable Directory Browsing
You want to keep people out of any directories that might reveal security weaknesses — for instance, plugin directories.
You can block vistors from browsing the directories by adding the following line to the htaccess file in the directory you’d like to block:
Options All -Indexes
10. Protect your htaccess file
Lastly, you want to protect your htaccess file. Hopefully your host has protected it for you, but you can’t be too safe with these things. The following hack will prevent anybody from accessing your htaccess:
<Files .htaccess> order allow,deny deny from all </Files>
Are there any useful htaccess hacks I’ve left out? Let me know!