Welcome to Dagon Design. In addition to free scripts, WordPress plugins, and articles, we offer a variety of services including custom theme design, plugin creation, and PHP scripting. Contact me for more information.

Updated Saturday, June 4th, 2005 at 6:18pm

Introduction to .htaccess

The .htaccess file is simply a text file containing directives (configuration settings) for the Apache web server. It allows you to control the behavior of your server and has an incredible number of uses. Many of the tutorials on this site involve the use of the .htaccess file and this article will give a bit more information for those of you who have no previous experience with it.


As stated above, the .htaccess file contains directives for the Apache web server. If you are running IIS then you can achieve much of the same functionality with commercial applications such as ISAPI Rewrite, but that will not be covered here.

If you are not sure what software your web server uses, or if you even have access to the .htaccess file, you can simply ask your hosting company.


An .htaccess file can be placed in any directory on your web server and there is no standard limit on how many instances of it you can have. The directives in each file apply to all the files and directories beneath, unless told otherwise. This means that you can have one global .htaccess in your root directory and a separate .htaccess in a specific directory which counter-acts the global settings.


Before you create the file, it is best to check to see if you already have one on your server. If so, it may contain important code that you do not want to loose. Be sure to back it up before making changes.

Many FTP clients will hide the .htaccess file by default, so you may need to check your settings to see if there is an option to display hidden files. In Windows, I personally like using CuteFTP.

Remember that the .htaccess file is a simple text file. This means you can create it in any standard text editor such as Notepad.

If you are running the Windows operating system, you are not allowed to save a file without a prefix (the text before the period). This means you must name your file something else (such as htaccess.txt) and then rename it with your FTP client after it has been uploaded.

When uploading the .htaccess file, be sure that your FTP client is set to use ASCII (text) mode. This will prevent any formatting problems due to the transfer.

Other tips

Any line starting with a ‘#‘ (pound sign) is ignored (useful for adding comments to your code).

When I mentioned the root directory as the location for your primary .htaccess file, I am referring to the root directory for your html files. This is not necessarily the directory you start with when you connect using your FTP client. Most users will have a ‘public_html’ directory (or something similar) which is the true root of your web site.

Most .htaccess directives must be placed on a single line. If you are dealing with long lines of code, make sure word-wrap is turned off in your text editor to prevent problems.


If you wish to keep your .htaccess file fully secure, I recommend using both of the following methods:

1) Add the following code into the start of your .htaccess file. It will send a ‘403 Forbidden’ response to anyone trying to access it.

order allow,deny
deny from all

2) Be sure to set your .htaccess file to 644 (RW-R–R–) with CHMOD. This sets the proper file permissions. Many FTP clients allow you to set this in the properties of the file.


Always make sure your code is typed in properly!

It is very easy to cause problems with the .htaccess file. Even an extra character somewhere can bring down your site, or start an infinite loop. Generally this will not affect the other services (such as FTP), so you can easily get in and reverse your settings. Error logs can also be a great help when troubleshooting code.


Now that you know a bit more about the .htaccess file, feel free to take a look at some of the tutorials on this site that deal with its use.

If you want a fully detailed listing of all the available directives, you can check out the Apache directive documentation.