Practical Ecommerce

Get To Know Your .htaccess File

A valuable tool many web developers either don’t understand or aren’t aware of is the .htaccess file. The file is available only to websites hosted on servers running the Apache web server, which is the overwhelming majority of hosting servers. An .htaccess file is a small, plain-text file residing in any directory of a website, and can contain directives to adjust the way the Apache web server reacts. The configuration changes apply to the directory that the .htaccess file is saved in, and to any directories that it might contain. To better understand them, let’s take a look at some of the things web developers can do using .htaccess files.

Uses for the .htaccess file

Probably one of the most common directives in an .htaccess file is one preventing “directory indexes.” A directory index occurs when a website visitor types in the URL of a directory on a website, and that directory also has no index file. Without anything to send out, the Apache web server will then send the visitor an index, or itemized listing, of all the files in that directory. In some cases, this can represent a security risk, and is generally just bad form. A developer can put a simple directive into a text file that will stop that from happening. Simply save the file as “.htaccess” and place it in the directory of choice, and Apache will no longer allow visitors to view a directory index.

Another common use of .htaccess files is to define custom error pages the web server should send out if it come across an error. All of us have seen that generic “Page Not Found” error, which is sent by Apache when a request is made for a file that cannot be found on the server. Again, it is often ideal to have a custom error page sent to visitors. Just like with directory indexes, there are simple directives to put in an .htaccess file that will serve out a custom page for each error defined. In this case, the .htaccess file should be in the root directory of the website, so that the directives apply to the entire site.

While these are just a couple of common examples, the greater lesson is that every web developer should be intimately familiar with .htaccess files and what they can do with them.

Brian Getting

Brian Getting

Bio   •   RSS Feed


email-news-env

Sign up for our email newsletter

Comments ( 5 )

  1. Legacy User January 3, 2007 Reply

    Great article! Just thought I would let you know…

    — *Albert Bell*

  2. Legacy User May 15, 2007 Reply

    Nice but incomplete info. How about some pointers where a budding developer or site-owners themselves can get some of the goodies you can put in the .htaccess file? This article is only saying it's possible, but does not even hint at where to get the info you REALLY need… Suppose one can find out, but would've been nice to have a little more substantive info in this article.

    — *rkuipers_jm@yahoo.com*

  3. Legacy User May 15, 2007 Reply

    I would also like to get some practical example I can use.

    — *Craig*

  4. Legacy User May 16, 2007 Reply

    .htaccess is very powerful. I use it to password protect parts of my web site as well as the examples used in the article. Here's some information to fill in the blanks left by the article.

    For those interested in learning the technical side of .htaccess, visit this great tutorial which I use as a reference.

    http://www.freewebmasterhelp.com/tutorials/htaccess/

    Apache also has a useful HowTo that can be found at:

    http://httpd.apache.org/docs/1.3/howto/htaccess.html

    — *DaveW*

  5. Legacy User May 16, 2007 Reply

    Here's additional information on .htaccess:

    http://apache-server.com/tutorials/ATusing-htaccess.html

    — *patocrow*