What can you do with an .htaccess file?

use the htcaccess file

Many people will have come across .htaccess files in their web hosting root directories. Many files in a root directory should not be touched, however the .htaccess files are an exception for advanced users. They can be extremely useful and enhance your website, in the right hands.

So, what is an .htaccess file and what can it actually do?

Accessing your .htaccess file

As you research the various web hosting options available you will notice that the best hosting accounts offer access via cPanel hosting. This is the safest way in which to access your .htaccess file by simply clicking on the file icon, locating the .htaccess file in the root directory and using the on-screen editor. CPanel hosting offers a whole array of different options but for many it is the simple access to files and the on-screen editor which makes the difference.

It is worth noting that this particular file can be extremely powerful if used correctly but if it falls into the wrong hands it could ruin your website. Hackers would be able to redirect traffic away from your website, introduce an array of mod rewrites and other potentially damaging instructions. As a consequence, it is worth researching the best hosting accounts available whether a shared hosting, VPS hosting or dedicated hosting account.  Security is very important.

What is the .htaccess file?

When you set up a website, either manually or through software such as websitebuilder, the .htaccess file is created as standard in the root directory. This is exactly the same whether using a shared host, VPS hosting or a dedicated server. It may look like a relatively innocuous file but in the right hands it is very useful.

6 Common uses for the .htaccess file

1. Mod_Rewrite

This is a very interesting option which on the surface may seem purely cosmetic but it can be useful for your visitors. In basic terms it allows you to rewrite how an individual webpage URL will look to the end user. Let us say for example you have an e-commerce system which creates a basic product URL such as:

www.monsterhost.com/show_a_product.php?product _id=7

This is perfectly fine as it relates to ID product number seven which will be in a database on your website. In this instance we will assume that the product is a lemon scented candle. However, would it not be better if the URL was rewritten as:-


So, the .htaccess file allows the original URL to be rewritten as a more descriptive URL even though in theory that pages not exist. The Mod_Rewrite will display the information from the original page, show the adapted URL and the visitor will be none the wiser. There are many other uses of this particular command but this will give you an idea of the potential.

2. Physical redirects

When it comes to customer experience and SEO there is nothing worse than a page which is missing and an error notice appearing on your screen. It makes your site look unprofessional and the search engines do not look on this very favourably. As a consequence, the redirect option in the .htaccess file is extremely powerful and can actually protect/enhance the power and rankings of your website. We will give you a couple of examples:-

Error messages

There are various error messages which you might come across such as:-

404 page not found

If you were to come across this on a website it does not look good. So, the best thing to do is use the .htaccess file to redirect different types of errors to specific pages. For example this code would redirect all 404 page not found errors to a specific page of your choice:-

ErrorDocument 404 /productnotavailable.html

So, for every 404 page not found error on your website the visitor would be redirected to the product not available page (and not see the actual error message). Here you can explain that the product is no longer available, offer the option to search for other products or even point them in the direction of similar products. If a visitor had received the simple error message they would likely leave your website. However, if they receive a descriptive page with other options there is a good chance they will remain.

While not as popular as it used to be, this type of instruction can mask/cloak the “real” destination of a particular URL. Historically it was used to mask affiliate links which would take visitors to third-party websites. The website owner would receive commission on any sales via their affiliate link and this created a strong income flow for many webmasters. Here is an example:-

Redirect 302 /product/lemoncandle.html 

This is just a very basic example but it will give you an idea of what is possible. So, those who click on a link to the lemon candle buy page on your website will be directed, via your affiliate link, to the candle store page for the lemon scented candle.

3. Blocking referrers

Some third-party websites will embed image URLs from your website into their website. This displays your images on their website but it actual uses your bandwidth. Sometimes referred to as “hotlink protection” it is a very useful way to protect your resources.

4. Blocking IP addresses

From time to time you will come across IP addresses which may attempt to gain unauthorized access. There is a very simple command you can add to the .htaccess file to block both specific IP addresses and those which begin with a certain reference.

5. Caching

You will likely have come across the word caching which allows your computer to “remember” a URL thereby saving time when you click on the link. It is possible to determine the period over which an individual image will be cached by using the .htaccess file. This may be useful if an image changes on a regular basis.

6. Protecting directories

There are ways and means of protecting individual directories in your hosting account. You can either determine which users of are able to access the directory or insert a password. Very useful when looking to deter hackers!

There are many other ways in which you can use the .htaccess file to make your website more efficient, add a new level of security or simply redirect URLs to more relevant pages.

Are there any downsides to using .htaccess files?

As mentioned, there are many ways to use the .htaccess file to enhance your customer experience and make your website more efficient. It is even possible to place different .htaccess files in different sub-directories to carry out specific tasks. However, there is only one potential downside. 99.9% of those using .htaccess files to their full will never see the difference.

Each time a page loads it will refer back to the root .htaccess file for specific page instructions. If you have dozens of redirects or long commands, this can impact the speed of your website. This is not an issue with 99.9% of websites utilizing .htaccess files but it is something to be aware of.

Search engines and .htaccess files

The way search engines view the use of .htaccess files differs. Especially for issues such as redirecting and rewriting URLs. As a rule of thumb, if you do not abuse the .htaccess file by adding line after line of commands (which will also slow down your website) it is unlikely the search engines will take much notice. The bottom line is that there are perfectly legitimate reasons to redirect URLs, or even whole websites. However, those who overstep the mark and add line after line after line of commands in the .htaccess file risk the threat of being penalized by the search engines.


The more you research about .htaccess files the more you will realize they are extremely useful in the right hands but potentially damaging in the wrong hands. So, it is vital that you secure your web hosting accounts, update software regularly and add security patches immediately. While there are obviously benefits to VPS/dedicated servers in relation to security and flexibility, there is no reason why you cannot make full use of the .htaccess file on a shared hosting account.

Also, while your host provider is the first line of defense it is also sensible for you to add additional layers of security. Protecting directories, adding passwords, regularly changing passwords, banning specific IP addresses and monitoring rogue traffic are just some options. Correct use of the .htaccess file can seriously improve the experience of your customers and your site efficiency. However, it is advisable to use it in moderation and not to abuse the power of this file.