Htaccess file - how to create a .htaccess file instruction for beginners

Listen to this article

htaccess file - how to create a .htaccess file for a beginner? The .htaccess file, as a rule, has only the extension under Unix - systems. And it benefits sites running the Apache server.

Htaccess has a set of rules for a specific site on the server. The file controls many configuration options for the Apache web server. Apache is a widely used server software for cross-platform operating systems.

While the syntax it uses can be a bit confusing at first, this .htaccess file can do a lot of useful things. Some of its features include redirection, password protection, access restriction based on certain conditions, and more. In this post, we'll look at how to create and configure an .htaccess file and implement some of the most common uses for it.

The content of the article:

• Instructions for creating a .htaccess file
• A simple page redirect example
• An example of creating an error document in .htaccess
• Example password protection in .htaccess
• How to block visitors by IP address
• Example rules contained in my .htaccess file
• Customization Features and Common Mistakes
• What impact does it have on the site

Instructions for creating a .htaccess file

htaccess is commonly known as a "dot file" because it starts with a dot. Dot files are almost always a configuration file. Such files may be for an operating system or a piece of software. By default, the operating system hides dot files in search windows or any system file manager. Usually, you need to select the "Show hidden files" option in your operating system's settings. Or you can use the command to list all files on the command line. ls-a

There can be several similar files on the server, and each file always works recursively. This means that each file will affect the directory it is in, as well as all files and subdirectories.

1. In order to create this file, it is enough to use any available text editor (for example, notepad).
2. Name (.htaccess) - without quotes and other things.
3. We save the file.
4. Then we transfer it to your server (hosting) using an FTP client, necessarily in the root directory of the site. You must transmit in ASCII mode. By default, most FTP clients will transfer data using a mode that is inefficient for transferring dot files. Your FTP client should be able to set the transfer mode. BINARY
5. Then you can edit it as you like, but be sure to update the version of the file on the server (hosting). If for some reason it seems that the rules have not taken effect, it may be due to incorrect file permissions. The .htaccess file permissions should be set to 755. Your FTP client should have a "File permissions" option. In addition, you can run the command in the terminal .chmod 755 .htaccess (it is better to specify the full address before the file).

A simple page redirect example

One of the main popular rules in .htaccess is page redirection. You can route from any relative path in your site director. You can also redirect the page either to an absolute path on your site, or to any other place on the Internet. The basic syntax to use in your file is:

Redirect /directory_to_redirect_from/ https://mysite.com/new_directory/index.html

You must always use a relative path as the source directory. The absolute path must be the directory to redirect to.

An example of creating an error document in .htaccess

Creating custom error pages is very useful as it allows you to show your website visitors a friendly error message, for example, if a URL on your website doesn't work. This avoids the unfriendly "404 File Not Found" error and allows you to display a friendly error, explaining possible solutions and guiding the visitor back to your website content rather than leaving them frustrated and lost.

To set up custom error documents, create an .htaccess file following the basic instructions and guidelines, which include the following text:

ErrorDocument 404 /error_pages/404.html

The above line tells the Apache web server to render the document located at /error_pages/404.html (under your domain name/website address) whenever a 404 (file not found) error occurs.

In this example, we have assumed that you created an error document and named it "404.html" and placed it in a directory named "error_pages" under your domain name. For example, http://www.yourdomain.com/error_pages/404.html.

The 404.html document is a regular HTML document like others on your website and can display any content you want, however we recommend that you include a "File not found" message.

To set up additional error documents, such as 401 Unauthorized, 403 Forbidden, and 500 Internal Server error messages, create an htaccess file (dot) following the basic instructions and guidelines, which include the following text:

ErrorDocument 401 /error_pages/401.html ErrorDocument 404 /error_pages/404.html ErrorDocument 500 /error_pages/500.html

Example password protection in .htaccess

The password protection and authentication systems offered by the Apache web server are probably the most important use of .htaccess files. Very easily, we can password protect a directory (or several) of a website that require a username and password to access. The login procedure for these secure directories is automatically handled by the web browser using a pop-up login interface (you've probably seen it before). Passwords are also encrypted using one of the best encryption methods available, which keeps your login credentials secure.

First, decide which directory you want to password protect (note that all files and subdirectories in the directory will be password protected), then create an .htaccess file following the basic instructions and guidelines, which include the following text:

AuthName "Member's Area Name" AuthUserFile /path/to/password/file/.htpasswd AuthType Basic Require valid-user

The first line tells the Apache web server that the safe directory is named "User Zone Name", which will be displayed when the login prompt pops up. The second line specifies the location of the password file. The third line indicates the type of authentication, in this example we are using "Basic" because we are using HTTP basic authentication, and finally the fourth line indicates that we require valid login credentials, this line can also be used to specify a specific username, such as "require username username" will require the username "username".

You would use this if you were password protecting the admin area rather than setting up a password protected public directory.

The location of the password file can be anywhere on your web server, "/location/of/password/file/" should be replaced with the full/absolute path to the directory containing the password file and the ".htpasswd" file. should exist, but you can call it whatever you like.

We use the filename ".htpasswd" because the server will recognize the filename and hide it from visitors. Note that some servers require the password file to be in the same directory as the .htaccess file. It is also important to use the full/absolute server path for the location of the password file, a relative path or any variation of the URL will not work.

The password file will contain something similar to the following text:

username:encryptedpassword fred_smith:oCF9Pam/MXJg2

Now you can't just come up with a password, on Unix/Linux servers they have to be encrypted by the server, on Windows servers you just use a plain text password as Windows doesn't offer any encryption methods. You can have any number of user entries in the password file, one account per line, separating the username and password with a colon. If you do not have access to the server, ask your service provider to enable this feature. Please, the control panel has this feature built in.

How to block visitors by IP address

The visitor blocking tools offered by the Apache web server allow us to deny access to certain visitors or allow access to certain visitors. This is extremely useful for blocking unwanted visitors or for allowing the website owner to access only certain sections of the website, such as the administration area.

To set up visitor restrictions and blocking, create an .htaccess file following the basic instructions and guidelines, which include the following text:

order allow,deny deny from 255.0.0.0 deny from 123.45.6. allow from all

The above lines tell the Apache web server to block visitors from the IP addresses "255.0.0.0" and "123.45.6.", note that the second IP address is missing the fourth set of numbers, this means any IP address that matches the first one. three sets of numbers will be blocked, for example, "123.45.6.10" and "123.45.6.255".

To set up blocking all visitors except yourself, create an .htaccess file following the basic instructions and guidelines, which include the following text:

order allow,deny allow from 255.0.0.0 deny from all

The lines above tell the Apache web server to block all visitors except those with the IP address "255.0.0.0", which you should replace with your own IP address.

You can add any number of "deny from" and "allow from" entries after "order allow, deny". Notice the change from "allow from everyone" to "deny from everyone" on the bottom line, this is important and should be changed depending on your requirements. If you want to allow your visitors access, you should use "allow from everyone" and place the "deny from" lines above.

Blocked visitors will be shown the error message "403 Forbidden".

Example rules contained in my .htaccess file

# AMPFORWPLBROWSERCSTART Browser Caching - amp hashing on the browser side.

ExpiresActive On AddType application/vnd.ms-fontobject .eot AddType application/x-font-ttf .ttf AddType application/x-font-opentype .otf AddType application/x-font-woff .woff AddType image/svg+xml .svg ExpiresByType application/vnd.ms-fontobject "access 1 year" ExpiresByType application/x-font-ttf "access 1 year" ExpiresByType application/x-font-opentype "access 1 year" ExpiresByType application/x-font-woff "access 1 year" ExpiresByType image/svg+xml "access 1 year" ExpiresByType image/webp "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType image/x-icon "access 1 year" ExpiresByType text/css "access 3 month" ExpiresByType text/javascript "access 3 month" ExpiresByType application/javascript "access 3 month" ExpiresByType application/x -javascript "access 3 month" ExpiresByType application/xhtml-xml "access 3 month" ExpiresByType application/pdf "access 3 month" ExpiresByType application/x-shockwave-flash "access 3 month"

# BEGIN GZIP COMPRESSION - gzip compression

mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file \.(html?|txt|css|js|php|pl) item_exclude mime ^image /.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*

# Remove browser bugs (only needed for really old browsers)

BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html Header append Vary User-Agent

# Compress HTML, CSS, JavaScript, Text, XML and fonts

AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font AddOutputFilterByType DEFLATE application/x-font-opentype AddOutputFilterByType DEFLATE application/x-font-ot f AddOutputFilterByType DEFLATE application/ x-font-truetype AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE font/otf AddOutputF ilterByType DEFLATE font/ttf AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/xml

# Prevent HTTP Vary headers from being returned to MSIE family browsers

BrowserMatch "MSIE" force-no-vary BrowserMatch "Mozilla/4.[0-9]{2}" force-no-vary

# Hide server signature

ServerSignature Off

# Disable left bots

SetEnvIfNoCase User-Agent “^Missigua Locator” bad_bot #SetEnvIfNoCase User-Agent “^PEAR HTTP_Request class” bad_bot SetEnvIfNoCase User-Agent “^Java/1.4.1” bad_bot SetEnvIfNoCase User-Agent “^Java/1.5.0” bad_bot SetEnvIfNoCase User- Agent “^psycheclone” bad_bot SetEnvIfNoCase User-Agent “^WEP Search 00” bad_bot SetEnvIfNoCase User-Agent “^FlashGet” bad_bot SetEnvIfNoCase User-Agent “^GetRight” bad_bot SetEnvIfNoCase User-Agent “^GetWeb!” bad_bot SetEnvIfNoCase User-Agent “^Go!Zilla” bad_bot SetEnvIfNoCase User-Agent “^httplib” bad_bot SetEnvIfNoCase User-Agent “^Indy Library” bad_bot SetEnvIfNoCase User-Agent “^InfoNaviRobot” bad_bot SetEnvIfNoCase User-Agent “^InterGET” bad_bot SetEnvIfNoCase User-Agent “^Internet Ninja” bad_bot SetEnvIfNoCase User-Agent “^LexiBot” bad_bot SetEnvIfNoCase User-Agent “^libWeb/clsHTTP” bad_bot SetEnvIfNoCase User-Agent “^libwww” bad_bot SetEnvIfNoCase User-Agent “^libwww-perl” bad_bot SetEnvIfNoCase User-Agent “^LinkextractorPro” bad_bot SetEnvIfNoCase User-Agent “^Mozilla.*NEWT” bad_bot SetEnvIfNoCase User-Agent “^Octopus” bad_bot SetEnvIfNoCase User-Agent “^ProWebWalker” bad_bot SetEnvIfNoCase User-Agent “^SuperBot” bad_bot SetEnvIfNoCase User- Agent “^WebAuto” bad_bot SetEnvIfNoCase User-Agent “^Wells Search II” bad_bot SetEnvIfNoCase User-Agent “^Wget” bad_bot SetEnvIfNoCase User-Agent “^wget” bad_bot

I gave a minimum of rules that are contained in my file.

.htaccess File Customization Features and Common Mistakes

That's right, this file most often causes a banal server error 500 Internal Server Error. You must edit the file very carefully and follow the following rules:

• Always save a working copy of the .htaccess file before editing.
• Never introduce new rules to a production site without first reviewing the file.
• The encoding is usually UTF-8.
• Each rule must be written on a new line.
• Those instructions that are not processed by the Apache server are excluded - they immediately cause a server error.
• You cannot write several instructions on one line - you will get a 500 error.
• Be careful - an extra space or character can lead to an error.

What effect does the .htaccess file have on the site

As a rule, thanks to this file, you can perfectly optimize the site for search engines. Here's what he can do:

1. Setting up a 301 redirect on the site (the most common rule). Can be used for the necessary tasks.
2. Site hashing settings on the server side.
3. Enabling gzip compression (short for GNU Zip) - file compression on the server side.
4. Ensure site protection: blocking ip addresses, bans, etc.
5. Specify the required amount of allocated memory for the site.

This is the minimum available functionality for this file. The main thing is to follow all these recommendations correctly. In the following articles, I will try to describe some of the rules for this file, and we will also learn what a robots.txt file is and how to add a sitemap to search engines.

Reading this article:

• Caching site pages using .htaccess - Cache
• Website HTML code optimization - cleaning, compression, error correction

Thanks for reading: SEO HELPER | NICOLA.TOP