Support

Find answers, guides, and tutorials to supercharge your content delivery.

Popular .htaccess Examples

Updated on October 4, 2018
Popular .htaccess Examples

What is .htaccess?

The .htaccess file (also known as the Hypertext Access file) is used to define specific configurations for web servers running on Apache. This configuration file affects the directory that it is stored in as well as all subdirectories within that directory. For example, if the .htaccess file is located within your root directory, it will affect the entire site. On the other hand, if the file is located in a specific directory it will only affect that directory and any subdirectories within it.

Some CMS platforms such as WordPress and Drupal also come with .htaccess files to allow you to specify certain configurations that are applicable solely to that site. The .htaccess file can be used to achieve a variety of things including:

  • Performing redirects
  • Customizing error pages
  • Restricting users based on IP
  • Adding MIME types
  • Setting HTTP headers
  • Password protecting certain folders

The .htaccess file can be used to achieve much more, however the above list is amongst the most popular uses of .htaccess. The section below will outline various .htaccess examples and how they can be used within your own site.

.htaccess examples

There are a vast amount of configuration possibilities that can be achieved within the .htaccess file. The list below is a few of the more commonly used examples.

1. Redirect users to a specific error page

Based on the status code that a particular file or page returns, you can redirect the user to a custom error page. The example below shows a few variations that you can use. Each one dependant upon the status code that is returned.

ErrorDocument 403 /forbidden.html
ErrorDocument 404 /notfound.html
ErrorDocument 500 /servererror.html

2. Adding a custom header and value

Custom HTTP headers can also be added via the .htaccess file. There are a few syntax options, such as set which will replace any previous header that has the same name, add which will add the header even if another with the same name exists. Visit Apache's page header guide to learn more.

Header set X-Custom "Custom Value"

In the above example, the X-Custom text corresponds to the HTTP header that will be returned in the HTTP response while the Custom Value text corresponds to the value for this particular header.

3. Blocking users based on IP

For security purposes, you can block users based on their IP within the .htaccess file. In the example below, there are two IPs that are blocked. We can also decide to not include the last digit of the IP address which will result in all IPs that contain the first three digits being blocked.

order allow,deny
deny from 255.x.x.x
deny from 123.x.x.x
allow from all

Blocking referrers, also known as hotlink protection, is a method used to block certain referrers from referencing your website's assets and thus stealing your bandwidth. Use the snippet below to define which domains aren't allowed to refer to your content and thus they will receive a 403 Forbidden error.

RewriteCond %{HTTP_REFERER} unwanteddomain\.com [NC,OR]
RewriteCond %{HTTP_REFERER} unwanteddomain2\.com
RewriteRule .* - [F]

Similar functionality can also be achieved via the KeyCDN dashboard. To learn how to implement hotlink protection in your KeyCDN Zone, visit our Zone Referrers guide.

5. Adding MIME types

MIME types define what a particular file extension refers to. Therefore, it is sometimes required to set this in your .htaccess file to inform the web server what type of file you are referencing. To see a full list of MIME types visit the MIME Types List.

AddType image/gif .gif .GIF

6. Leveraging browser caching

The .htaccess file can also be used to help improve website performance by leveraging browser caching. Each file type can be defined with a particular expires value. You can define a custom list of file types and change each of their expires value, however the following snippet is a good starting point.

## EXPIRES CACHING ##
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType text/html "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access 1 month"
</IfModule>
## EXPIRES CACHING ##

7. Enabling Gzip

Enabling Gzip on your origin server helps improve the performance of your assets as they are compressed and thus can be delivered faster. You can define a custom list of MIME types to be Gzipped, however the example below is a good starting point. To learn more about the benefits of Gzip and how it works, read our Enable Gzip Compression article.

<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
    AddOutputFilterByType DEFLATE application/x-font
    AddOutputFilterByType DEFLATE application/x-font-opentype
    AddOutputFilterByType DEFLATE application/x-font-otf
    AddOutputFilterByType DEFLATE application/x-font-truetype
    AddOutputFilterByType DEFLATE application/x-font-ttf
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE font/opentype
    AddOutputFilterByType DEFLATE font/otf
    AddOutputFilterByType DEFLATE font/ttf
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE image/x-icon
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/xml
</IfModule>

8. Denying HTTP request methods

There are several HTTP request methods that are used for achieving various outcomes. If there are certain HTTP methods that you do not want a user to employ on your website, you can deny them with .htaccess.

RewriteCond %{REQUEST_METHOD} !^(HEAD|OPTIONS|POST|PUT)
RewriteRule .* - [F]

9. Performing 301 redirects

If you need to perform a 301 redirect for a page that has moved, this can be easily achieved with .htaccess. Simply use the snippet below which takes the first URL (old link) and redirects it to the second URL (new link).

Redirect 301 https://yourwebsite.com/old-page https://yourwebsite.com/new-page

10. Enabling CORS

Enabling CORS is crucial for delivering static assets across various origins. The following snippet can be added to your .htaccess file in order to allow all origins to share resources. Otherwise, if this is not enabled and you origin is requesting resources from another origin, you will receive a CORS error. Read more about CORS in our How to Use CORS article.

<IfModule mod_headers.c>
    <FilesMatch "\.(ttf|ttc|otf|eot|woff|font.css|css|js|gif|png|jpe?g|svg|svgz|ico|webp)$">
        Header set Access-Control-Allow-Origin "*"
    </FilesMatch>
</IfModule>

The above .htaccess examples are a great starting point for those who are not yet familiar with using .htaccess, but still want to perform certain web server configurations. The .htaccess file has the ability to perform an array of tasks and is quite flexible to suit your website's needs. Although these .htaccess examples are a great starting point, you may be looking to perform some more advanced .htaccess configurations. For more on this topic consider checking out AskApache's .htaccess file guide article.

Supercharge your content delivery 🚀

Try KeyCDN with a free 14 day trial, no credit card required.

Get started
KeyCDN uses cookies to make its website easier to use. Learn more