If you are a website owner, you probably already know a little bit about .htaccess files or at least know about their existence. In this tutorial, we will help you understand the purpose of .htaccess files. We will also discuss how you can access and configure the .htaccess file for your WordPress website.
What Does the .htaccess File Do?
The .htaccess file is used by the Apache web server to determine how it should serve files to visitors. You can use this file to provide different configuration options for different directories. The options you set in an .htaccess file inside a particular directory will apply to all the files and sub-directories within that directory.
You can use an .htaccess file to do a lot of things like rewriting URLs, redirecting users from a non-secure to a secure version of your webpages, or controlling caching.
Where Is My WordPress .htaccess File Located?
Usually, file names contain the actual base name and an extension like contacts.pdf and log.txt. However, the .htaccess file doesn’t have an extension. It starts with a dot because this makes it hidden on the Unix and Linux operating systems.
The file is located in the root directory of your WordPress installation. However, you might not see it at first because your FTP client might be hiding it. If you don’t see the .htaccess file in your WordPress root folder, look for an option in your FTP client to show hidden files.
After that, you should see the file, as shown in the image above. The file name will probably still be lighter in color compared to regular files. If you still don’t see an .htaccess file, see below for some troubleshooting tips.
How Does WordPress Use .htaccess Files?
The WordPress Core uses the .htaccess files to redirect URLs in order to make them readable as well as SEO and user-friendly. The file is located in the root directory of your WordPress website. This is the location where you first installed WordPress. It will also contain another file called index.php in the same directory as the .htaccess file.
If you log into the WordPress admin dashboard and then go to Settings > Permalinks, you will see that WordPress allows you to pick a format for creating the URLs for any posts you publish. The URL can contain a mix of month, day, post category, and post name, among other things.
Choosing one of these settings and clicking on the Save Changes button will prompt WordPress to update the .htaccess file with some URL rewriting conditions. Your .htaccess file will then have some URL rewriting rules that look similar to the ones listed below.
1 |
# BEGIN WordPress |
2 |
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are |
3 |
# dynamically generated, and should only be modified via WordPress filters. |
4 |
# Any changes to the directives between these markers will be overwritten. |
5 |
<IfModule mod_rewrite.c> |
6 |
RewriteEngine On |
7 |
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
8 |
RewriteBase / |
9 |
RewriteRule ^index.php$ - [L] |
10 |
RewriteCond %{REQUEST_FILENAME} !-f
|
11 |
RewriteCond %{REQUEST_FILENAME} !-d
|
12 |
RewriteRule . /index.php [L] |
13 |
</IfModule> |
14 |
|
15 |
# END WordPress |
Your own .htaccess file could contain many more rules depending on the plugins that you have installed on your website. For example, any security plugins that you have installed can add rules to the file in order to prevent access from certain IP addresses or allow access only from whitelisted IP addresses. Security plugins can do many more things inside the .htaccess file, like preventing spam comments and hotlinking of images.
The following image shows some rules written in the .htaccess file by the All In One WP Security plugin.
You will also find some additional rules related to caching different types of files. These might be set if you have installed any WordPress optimization plugins that handle caching. Here’s an image with some rules about the expiration dates of caches of different types of files. These were added by a caching plugin.
Problems in Finding and Updating .htaccess Files
The .htaccess file is supposed to work with the Apache web server. This means that you won’t find a working .htaccess file on other servers like Nginx. If you have looked around in your root directory and still don’t see an .htaccess file, please confirm from your web host if you are running on Apache or some other technology.
WordPress also needs to have proper permissions in order to read and modify an .htaccess file. You will need to change file permissions to give WordPress the ability to update the file if it is not working by default.
Understanding the Basics of .htaccess Files
Any security and caching plugins that you install on your website will usually do more than simply writing a bunch of lines inside your .htaccess file. However, having a basic understanding of some common commands will make you more comfortable when it comes to modifying an .htaccess file if the need arises. This can also help you avoid installing any plugins to do simple tasks like redirecting users to secure pages or from an old non-existing URL to a new one.
It is always important to take a backup of your original .htaccess file before you start making any changes to it. This is because any mistake while changing the file can take your website down or make it behave unexpectedly. Having a copy of the original will allow you to get the website up and running by simply replacing the changed file with the original version.
You can write your rules as well as comments to provide instructions to others or explain why you wrote those rules. Any comments in an .htaccess file must begin # as the first character. We will show you how to complete some basic tasks by directly editing your .htaccess file instead of installing a plugin.
Redirecting Old URLs
Let’s say you had a popular post on some old URL that no longer exists. This could be something like an older version of a product that you no longer sell. In such cases, you might want to redirect people visiting the old URL to your new webpage.
You can add the following line to your .htaccess file to do so. Remember to replace the paths with your actual URL values.
1 |
Redirect 301 /some-old-post-url/ /new-post-url/ |
You can also redirect your entire website to a new URL by using the same command. In my case, the WordPress installation is in a directory named wordpress. So I can add the following line in my .htaccess file to redirect it somewhere else.
1 |
Redirect 301 /wordpress/ https://code.tutsplus.com/ |
After you add the above line, someone visiting /wordpress/some-post/ will be redirected to https://code.tutsplus.com/some-post/.
Caching Common File Types
Regular visitors to your website will request the same CSS, JavaScript, and image files again and again. Therefore, it makes sense to let them get those files from a cache instead of a regular transfer. You can add basic caching functionality with an .htaccess file. Here is an example that caches these files.
1 |
<IfModule mod_expires.c> |
2 |
ExpiresActive On |
3 |
|
4 |
ExpiresByType text/css A604800 |
5 |
ExpiresByType text/javascript A1296000 |
6 |
ExpiresByType application/javascript A1296000 |
7 |
ExpiresByType application/x-javascript A1296000 |
8 |
|
9 |
ExpiresByType image/jpeg A2592000 |
10 |
ExpiresByType image/png A2592000 |
11 |
</IfModule> |
The number after A sets the total number of seconds for which the files will be cached. There is another way of setting a caching period by specifying the time period as human-readable values.
1 |
<IfModule mod_expires.c> |
2 |
ExpiresActive On |
3 |
|
4 |
ExpiresByType text/css "access plus 1 week" |
5 |
ExpiresByType text/javascript "access plus 15 days" |
6 |
ExpiresByType application/javascript "access plus 15 days" |
7 |
ExpiresByType application/x-javascript "access plus 15 days" |
8 |
|
9 |
ExpiresByType image/jpeg "access plus 1 month" |
10 |
ExpiresByType image/png "access plus 1 month" |
11 |
</IfModule> |
You should now be able to specify caching instructions for file types that are not covered by caching plugins.
Redirecting Users to Secure Pages
Another use of the .htaccess file is to redirect users from HTTP pages to corresponding HTTPS pages. You can use the following rules to do so.
1 |
RewriteEngine On |
2 |
RewriteCond %{HTTPS} off
|
3 |
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
The flags R and L can be in any order. The R flag tells the server to send a specified response code, and the L flag tells the server to stop processing any more rules in the set.
Final Thoughts
We began this post with a brief explanation of the purpose of the .htaccess file. After that, we learned where you can find this file in WordPress and how WordPress and other plugins use it to do things like caching resources and improving security. Finally, we discussed some common rules and commands that you will find in your own .htaccess file and how to add them if they don’t already exist.
There is a lot more to learn about .htaccess files. One way to get started is to read this introductory .htaccess tutorial from Apache.
Recent Comments