.htaccess files provides us with ways to make configuration changes on a per-directory basis. This file works well in Apache Web Server and on Linux/Unix. Also, it works on Windows based system with Apache Web server.
There are several things that developers, site owners and webmasters can do by using .htaccess file. Let’s look at some of them:
- Prevent directory browsing
- Redirect visitors from one page or directory to another
- Password protection for directories
- Change the default index page of a directory
- Prevent hot-linking of images from your website
Since .htaccess file allows us to make changes on a per-directory basis, the following are valid places to put the .htaccess file in:
/.htaccess [placing in root folder of the site]
/content/.htaccess [placing in content folder]
/content/html/images/.htaccess [in the images folder]
Any command that you place in .htaccess file will affect it’s current directory where it is placed and also it’s sub-directories. You may put a .htaccess file in the root folder such that it will affect the whole site.
Make a backup of your .htaccess file [if you have any] before you attempt any of the settings mentioned in this article. I must not be held responsible for any consequences that arises due to editing your .htaccess file.
Working with .htaccess files
For creating and editing purpose, a normal text editor such as notepad will do. Alternatively, you can download a free copy of PSPad for easy editing. To be able to see files in your FTP software, you must enable settings in your FTP client to see hidden files on the remote server [applicable to your system as well]. When done editing, you can save the file with double quotes in windows. [Save file as “.htaccess”]. This will save the file as .htaccess and will not prompt you for a file name as such. I think you have quite understood these instructions. Let’s move on to some common examples and usages of .htaccess file.
Allow/Deny Directory browsing
With directory browsing on, people when open a URL from your site with no index page or no pages at all, will see all it’s files and folders. To prevent such directory viewing, just place the following line in your .htaccess file.
IndexIgnore */*
Many hosting companies, by default deny directory browsing and having said that, just in case you need to enable directory browsing, place the following line in your .htaccess file.
Options +Indexes
Redirect visitors from one page or directory to another
It’s quite simple. Look at the example lines below and place similar lines in your .htaccess file of the root folder and it will do the rest. [Remember to use permanent keyword in the line to tell the search engines that the old link has moved to the new link]
Syntax: Redirect permanent [old directory or file name][space][new directory or file name]
Redirect permanent /olddirectory /newdirectory
Redirect permanent /olddirectory /somedirectory/newdirectory
Redirect permanent /oldhtmlfile.htm /newhtmlfile.htm
Redirect permanent /oldhtmlfile.htm http://your-domain.com/newhtmlfile.htm
All the above lines are valid. Just remember to replace the file/directory names with actual ones.
Change the default index page of a directory or site
Almost every hosting company will have index.htm, index.html, index.php, index.asp, default.asp, default.html as the default index page names in their web server settings. So, in case your site or directory does not has a file name which matches a name from the list above, chances are that your visitors will either see a list of all the files and folders [through directory browsing] or will not see anything at all. To change the default index page’s name for a directory or the site, place the following line in the .htaccess file of the root folder or the particular directory for which you want to change the index page’s name.
DirectoryIndex homepage.htm
DirectoryIndex somepage.htm
To have more names, put a space between file names and it will take into considerations all those file names as possible index page names. Which means, if it finds a filename matching a list of names you supplied [in the given order] in .htaccess, then it will open that page as the index page for the directory. The below line, with multiple names, is also a valid usage:
DirectoryIndex homapage.html somepage.html myindexpage.html anything.html
Remember, each entry must be in one line only.
Prevening hot-linking of images from your website
If your website contains images which people from other websites are linking to and you get charged for the extra bandwidth, then placing the following lines will prevent any such image hot-linking. Most of the hosting companies provide this feature in their control panel itself, such as CPanel. This trick requires mod_rewrite engine to be on in Apache on your web server.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?your-domain.com/.*$ [NC]
RewriteRule .(gif|jpg)$ - [F]
In the above code, replace [your-domain] with your actual domain name [without www]
Prevent access to your .htaccess file
This article would have remained incomplete without mentioning this trick. To prevent visitors from viewing your .htaccess file, place the following lines in your file.
<Files .htaccess>
order allow,deny
deny from all
</Files>
More information and detailed documentation, visit Apache website.
Get more information
Can't find what you're looking for? Try Google Search!