Build Beautiful WordPress Websites Using Divi and Divi Builder

What Is WordPress .htaccess File And How To Configure It?

Rifat WordPress Tutorials Jul 29, 2021

The .htaccess is a much-needed WordPress core file that we normally use to modify or override server-level configuration. Many times, updating or changing rules on WordPress .htaccess file can easily resolve complex operational problems. This is a very familiar topic to WordPress web developers. In today's tutorial, we will try to demonstrate everything about the .htaccess file and learn how to configure the .htaccess file on WordPress. Today's post is significant for new WordPress developers. So let's move forward without delay.

What is the .htaccess file?

Thie .htaccess file is a configuration file that we use to regulate the Apache webserver. It gives the server a mixture of directions to control our website, such as redirecting users, implementing password protection to the admin section, defending the file directory, and so on. It resides in the root folder of WordPress and conclusively controls redirects, cache, and permalinks.

The .htaccess file location

If we visit the website's root directory from the file manager through Cpanel, we will see that almost all the files have usual identification names and extensions. However, there is no general name or extension for the .htaccess file. Its name begins with a dot sign because the location of this file is hidden on the Unix and Linux platforms. If you do not find the .htacess file in your root directory, then your FTP client is probably hiding the file. In that case, you need to find an option to display hidden files from FTP clients to see the .htaccess file.

Here you can see some file names started with .htaccess in a lighter color than the rest of the files. We will be talking about viewing these files if they aren't available on the root directory.

Download Divi The Best WordPress Theme

The Most Popular WordPress Theme In The World And The Ultimate WordPress Page Builder

Download Divi

The use of .htaccess files in WordPress

The .htaccess file is used to redirect URL's which makes URLs easily readable and SEO friendly. We already know that the .htaccess file resides in the root directory, and the reason it stays here is we install WordPress in the same directory. Here lies another file called index.php. You can easily manage link formats for your published item from the WordPress dashboard. You can easily put a URL with the mixture of the month, day, post name, category from the Settings > Permalinks option.

If you change the formats, WordPress will save this straight on the .htaccess file. Changes in URL structure will be rewritten in the .htacceess file, and the changes will occur immediately. Here is a simple example of how URL rewriting looks on the directory.

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

These rules can vary in number if you have more plugins installed in WordPress. For example, activated security plugins of your website can add more rules to the list to prevent accessing this website from certain IP addresses that are blacklisted globally and only accessible to whitelisted IPs. Also, these plugins can bring many rules to the .htaccess file to block spambots and comments, hotlinking images, and anonymous threats.

The image above is an example of rules in the .htaccess file set by the All in One WP Security plugin.

Also, you will find different types of files created by caching plugins you have installed in WordPress for optimization. Here is an example of rules regarding expiration dates set by a cache plugin.

Finding and Updating the .htaccess files

The Apache web server and the .htaccess files work together. It means you cant find it on Nginx or others servers. If you don't find it on the root directory, notify your hosting provider to check whether it's running on Apache or any other server technology.

Also, WordPress needs to have the required permissions to access and modify the .htaccess file. Change file permissions to give WordPress sufficient authorization to update the file.

Basic Understandings of .htaccess files

Security plugins in the website have a lot more to do than just writing few lines on the .htaccess file. We need to understand the basics of this file and the working method to know better and how modifications will occur. Also, this basic knowledge will help you to add rules to do simple tasks like redirect URLs, page security, and altering URLs without any plugins installed.

You need to make a backup for the .htaccess file before making any changes because mistakes will cost a lot if we don't do so. Even your website can behave strangely, and your design layout can collapse. If something unexpected happens, you can replace the changed file and get your website running at no time.

You can write both comments and codes inside the .htaccess file. Comments start with # as the first character. Let's take a look at how to write things on .htaccess files.

Old URL redirection

Assume you would have a widely known post with an old URL that is no longer functional. It might be something associated with a product you don't sell anymore on your website. In such situations, you may want to redirect visitors to your new webpage via the old URL. You can add the following line of code on the .htaccess file.

Redirect 301 /some-old-post-url/ /new-post-url/

You can redirect an entire website to a new URL using the same command. For example, we want to redirect a page to our home page. This will be the code for that.

Redirect 301 /post-url/

Caching common files

A Cache is a special set of temporary files stored by our browsers or devices to make the app/website run faster and more efficiently. If we visit a website/app for the first time, a cache stashes images and other pertinent data on the browser/device. For a website, the .htaccess file owns rules for that cache functionality instead of load data repeatedly for every new visit. Here is an example of cache functionality on the .htaccess file.

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css A604800
ExpiresByType text/javascript A1296000
ExpiresByType application/javascript A1296000
ExpiresByType application/x-javascript A1296000
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000

Here numbers written after A indicate the total seconds for files to be cached. In another way, you can add a human-readable time period instead of seconds.

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType text/css "access plus 1 week"
ExpiresByType text/javascript "access plus 15 days"
ExpiresByType application/javascript "access plus 15 days"
ExpiresByType application/x-javascript "access plus 15 days"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"

Redirecting to a Secure Page

We can also use the .htaccess file to redirect users from one HTTPS page to another. Here, the R flag commands the server to send the required response code and L flag commands to stop processing the set rules.

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


Today we have a detailed introduction of the .htaccess file and how we can modify them according to our needs. Simple adjustments in this file can save from installing a heavy plugin for cache or security scheme—lastly, some common rules to add to your .htaccess file if they don't exist already. I hope you find this post useful, and if so, leave us a valuable comment regarding this post or any suggestions. Also, you can share the post, and that will be very AWESOME of you.