Basic .htaccess tutorial

.htaccess (distributed configuration files) is a file through which you can configure changes on directory basis. If you don’t have access to the Apache’s main configuration files and “AllowOverride All” is placed on the <Directory> section of your Apache configuration file then you can handle your directory level configuration changes by putting a .htaccess file. It’s a very helpful file for developers. But it’s advisable not to use .htaccess file if you have access to the Apache’s configuration file. It’s slow down the performance of the Apache Web server. In this article I will show you how to use .htaccess file.

How to Enable .htaccess

.htaccess files are basically controlled by AllowOverride directive of the <Directory> section in httpd.conf file. You have to make the value “All” if you find it “None” to enable the .htaccess file.

How to configure custom error page with .htaccess file:

If you want to show your visitor a custom error page if any error occurred like 404 (page not found), 400 (bad request) etc.. etc..

If you want to use a single error page for all type of errors then use the below code.

If you have separate error pages then you can configure them like below code:

Some common errors:

How to configure password protection with .htaccess file:

If you want some directories should not visible to everybody then you can make it protected by using .htaccess. No need to write any complicated codes in the application for this requirement. First we have to create a .htpasswd file which should contains the User Name and encrypted Password for authentication. You can use htpasswd to generate encrypted password for a user name. Or you can use some online tool to accomplish the job.

The file should look like below:

Now write down the below code in your .htaccess file to make the folder private or password protected.

When you try to access the folder which contains the .htaccess file with the above configuration it will ask you for user name and password in a popup.

Also you can pass the username and password like below:

How to stop Directory Index from being shown:

If your site have any directory without a index page then a full listing of the files will displayed while accessing the directory from the browser. It’s a security issue for your site. To prevent it write down the below code in your .htaccess file.

Redirection with htaccess:

There are times when you want to redirect some one from your old page to a new page. Below code will help you in this regard.

If you want a permanent redirection then use the below code

How to Allow or Deny certain IP address to your website:

If you want to block some specific IP address to your website then use the below code.

Alternetively if you want to allow some specific IP address to your website then use the below code.

Also you can use the below codes to allow or deny to all

How to change the default directory page:

If you are using a custom index page ignoring the format written in the Apache configuration then use the below code.

How to block users / site by Referrer

Sometimes we don’t want visitors from a referrer. So add the below code to block the visitors from a bad referrer.

If you want to block from multiple referrer the use the below code.


The following two tabs change content below.

Tapas Mishra

Sr. Engineer (DevOps)
Loves to work on Opensource products. Having experience on Linux environment. Knowledge on Public cloud services like AWS, Rackspace, DigitalOcean, Linode. Please don't hesitate to give a comment on the posts. Your comments are my strength.

Leave a Reply