What is an htaccess file?
This is a special file (starting with a dot) in which you can add specific directives such as :
- Performing redirections,
- Add entries for the cache,
- Create address rewriting rules,
- Modify PHP settings on your account,
- Perform an authentication (with the
- Modify PHP properties (if PHP is executed in Apache module),
- Manage access (restrict, block totally..., for IP addresses, force the use of identifiers...) to a file and/or folder, to a URL,
- And many other features that we will not mention in this article which aims at an advanced and not expert use of the htaccess file.
.htaccess only changes the behavior of the directory (and subdirectories) where it is located, it is possible to put a file in a subdirectory that overrides or sets different rules than the one in the parent directory.
This configuration file of Apache, allows to define rules for directories of the web site. It is generally used to set up :
- access rights
- personalized error messages
In this article we present some guidelines to help our subscribers understand the mechanism of this file.
Note that this help link is not a reference for expert use of htaccess.
Call a custom error page
First, you can block or allow access to your website for specific IP addresses and/or domains.
To do this, you must first create a .htaccess in the root folder of your website (/www/monsite/ for example) and add the following directives:
Blocking by IP address
Blocking by domain
Authorize a domain
Authorize and block
Prevent directory listing
First of all, add the following line to an .htaccess file in the directory in question: You must add lines of this type to an .htaccess file:
Forbidding a directory to everyone
First, enter this line in the .htaccess file of the directory in question:
Create a secure authentication
In order to set up secure authentication to access a directory, please follow these steps first:
- First, generate a encrypted password
- Secondly, copy the login/password pair obtained in a file named .htpasswd
- Lastly, create an .htaccess file in the directory to be protected and write the following content in it (to be adapted according to your needs):
- AuthName Set the text that will be displayed in the authentication window.
- AuthUserFile : contains the path to the file .htpasswd. Please note that you have to enter the absolute path to the file.
Redirect http to https
First of all, indicate the following lines at the beginning of your site's .htaccess file so that the http flow is automatically redirected to https :
Then contact your webmaster before adding this redirection if you use a CMS (WordPress, Drupal, Joomla, other) that will avoid creating loops of redirections that jeopardize the proper functioning of your website.