How to use .htaccess file on apache server?

htaccess(Hypertext Access) is a configurational file used on the webserver that runs on Apache. .htaccess file is used to enable/disable additional functions and features and is executed beforehand if found inside the directory.

In this article, we are going to learn about the .htaccess file and how can we make the website secure, rewrite the URL into a readable format, HTTPS redirection, and many more.

Creating .htaccess file

To create a .htaccess file, firstly open any text editor like notepad and save it as .htaccess name only(without .txt extension). So, now you are ready to add configuration content on the .htaccess file. You can download a sample of the .htaccess file by clicking on the download button below. After downloading rename it to .htaccess and put it in your root folder to watch it in action.

Hiding .php extension from url

We can rewrite a .php url to a non-PHP url like if you have a url like https://yoursite.com/abc.php, then after rewriting we can access that web page using https://yoursite.com/abc. The benefit of doing so is that it makes our url look cool and our visitors are not able to get the real language running behind the webpage. We can hide .php extensions of our url by adding the following code in our .htaccess file.

RewriteEngine on RewriteRule ^(.*)$ $1.php

We can also rewrite index.php to index.html,index.asp e.t.c. Add following code to .htaccess file in order to rewrite .php files to .html:

RewriteEngine on RewriteRule ^(.*).html$ $1.php

Redirecting HTTP to HTTPS

You can redirect our non-HTTPS url to an HTTPS url if the SSL certificate for your website is installed/enabled. To do  so add the code below into your .htaccess file:

RewriteCond %{HTTP_HOST} ^7topics.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://7topics.com/$1 [R,L]

Redirecting www URL to non-www URL

We can also redirect our url from www to a non-www url using the .htaccess file. First of all the necessity of doing so is to transfer traffic from www to non-www url and saving our pages getting marked as duplicate as if search engine find same content at two different url(www & non-www), then it is marked as duplicated. For example, if you access https://www.7topics.com from the browser’s url field it will be automatically redirected to https://7topics.com. Add the following code to your .htaccess file:

RewriteCond %{HTTP_HOST} www.7topics.com
RewriteRule (.*) http://7topics.com/$1 [R=301,L]

if you have SSL enabled on your domain then put the below code in your .htaccess file instead of the above code:

RewriteCond %{HTTP_HOST} www.7topics.com
RewriteRule (.*) https://7topics.com/$1 [R=301,L]

Disable Directory ListingBy default directory listing look something like this:

The above default listing exposes all files under the directory. To disable the same add the below code in your .htaccess file:

# Disable Directory Browsing
Options All -Indexes

The above code will make the index listing forbidden.

Custom Error Pages

You can also add custom pages replacing the default error page document. Put the below code into your .htaccess file:

ErrorDocument 400 http://yoursite.com/error_400.html
ErrorDocument 401 http://yoursite.com/error_401.html
ErrorDocument 403 http://yoursite.com/error_403.html
ErrorDocument 404 http://yoursite.com/error_404.html
ErrorDocument 500 http://yoursite.com/error_500.html

User-friendly url rewriting

First of all, to enable url rewriting, we need to make RewriteEngine On, for the same paste below code in your .htacces file:

RewriteEngine on

We can make our url look user friendly by rewriting url like ”https://site.com/profile.php?username=rahul” to ”https://site.com/rahul”. Put the code below into .htaccess code to enable same for your pages:

RewriteRule ^([a-zA-Z0-9_-]+)$ profile.php?username=$1
RewriteRule ^([a-zA-Z0-9_-]+)/$ profile.php?username=$1

Similar to above we can also rewrite https://yoursite.com/abc.php?value=xyz
to
https://yoursite.com/abc/xyz   using code below:

RewriteRule ^abc/([a-zA-Z0-9_-]+)$ abc.php?value=$1
RewriteRule ^abc/([a-zA-Z0-9_-]+)/$ abc.php?value=$1

Password protect directory

We can also set passwords to any folder using the .htaccess file. For example, If you have your personal file in folder name as ‘secure’ inside your root directory. Then firstly create a file ‘.htpasswd’ in any directory something like ‘/pass/file’ and store your password in it. Then create a .htaccess file inside the secure folder and put the below code in your .htaccess file:

AuthName "secure"
AuthUserFile /pass/file/.htpasswd
AuthType Basic require valid-user​

and add username and password to .htpasswd in the following format:

username:password

Here in the above code replace username and password with your real username and password that you want to set as folder credential. 

You can download a sample .htaccess script from below:

Download

Well, friends, I hope this article helped you in learning the use of the .htaccess file. For any doubts or any request, you can put your important feedback below in the comment box.