ISPA Winner 2018 16 Years of Krystal

What is .htaccess?


Krystal

By: James Miller in Servers

Posted on: November 08th 2019 at 9:04am


The .htaccess file (Hypertext Access) is a configuration file that is used to detail exactly how visitors interact with the website and how data on the website itself is presented within the web browser. The dot at the start of the file name (.htaccess) signifies that it is a hidden file. This file is usually hidden from your view and always hidden from general users, as the file contains configuration information and other security-related data. You can make changes to this file either via the file manager within your hosting account or by accessing your hosting via FTP. 

There are a huge number of reasons you may want to view and edit the .htaccess file. We’re going to expand on just a few of the more common ones.

These include:

  • URL Rewriting
  • URL redirection 
  • Access Control
  • IP Whitelisting
  • URL Rewriting


We use URL rewrite to shorten links when visitors are browsing your website, they can see in the URL (in the address bar) what stage they are at in their journey of your site. For example, if a visitor sees ‘/checkout’, they know they’re on your checkout page. It’s important for the URL of each page to match the location - as this creates a consistent and user-friendly experience. Long and complicated URLs could confuse your visitor. Therefore, it’s important to shorten each URL.

Here are some generic examples of URL shortening:

Before: http://mydomain.com/store/view/product/technology/usb/San-Disk-8GB
After: http://mydomain.com/technology/San-Disk-8GB

Before: http://mydomain.com/index.php?page=template/content/pages/cart
After: http://mydomain.com/cart

Before: http://mydomain.com/blog/posts/2019/09/03/Paris-2019
After: http://mydomain.com/blog/Paris-2019

URL Redirection

From time to time you may update your website and update products with new versions. You’ll want your visitors to click on the newer version of your product instead of the old version, but how can you do that? Well, it’s simple! You can use a permanent 301 redirect. This URL redirects search engines and visitors to your new link - which replaces your old link. It’s the advised way of redirecting traffic from an existing page or website for SEO purposes. 

Types of Redirects: 

301 - This is for permanent redirects only as it updates the search engines to use the new link essentially say it's permanently moved.

302 - This is for temporary redirects and should not be used for long term redirection, as the original URL will continue to be considered valid by search engines.

You can add a redirect inside cPanel > Redirects. This will add the instructions into the .htaccess file without having to edit it yourself.

Access Control

We regularly see htaccess used to prevent unauthorised visitors from reaching administrator panels, staging/developing zones and testing areas of websites.
An example of configuring access control in .htaccess would be:

AuthName "Protected Folder"
AuthType Basic
AuthUserFile /web/krystal/files/.htpasswd
require valid-user
A .htpasswd file is created in advance, this contains the username and password hash required to access the specified destination.

IP Whitelisting

You can set up your admin panel or any folder to only be accessible by yourself and specified guests. All they need is a username and password! Any IP that isn't in this trusted list will get refused access to the area.  You can whitelist your own IP address using a simple line of code to deny all other users. 
An example of this code would be:

order deny,allow
deny from all
allow from 192.168.0.1


192.168.0.1 would be replaced with the IP address that you want to allow to connect.

There is plenty more we could say about .htaccess as it’s a wide topic, however, we hope that covering the basics has given you an insight into its functions.Our support team are available 24/7 to answer any questions you may have. You can get in touch with us via support ticket, live chat or telephone, here.

 

More from the blog...