.htaccess files (or Hypertext Access files) are configuration files that run on your Apache server. They are very powerful, and extremely useful in a variety of projects. You can do things like prevent hotlinking, redirecting, special error pages, password protect directories, and even redirect iPhone users. .htaccess can make a huge impact on your next project, so here are some useful resources, tools, techniques, articles.

Getting Started

In order to use htaccess, you need to create a .htaccess file. This will only work on a Apache web server, but most hosts use Apache, so chances are you will be fine. If you are unsure, you should get in touch with your host and ask them if they support .htaccess files.
Once you find out that your web server supports .htaccess, start by creating a blank file in a text editor of your choice. Name this file ".htaccess" (without the quotes), and upload it to the root directory of your web server.
Congratulations! You now have a .htaccess file to modify!

Snippets

Here are some simple ways to make a big difference by only adding a few lines to your .htaccess file! Open up that .htaccess file with an editor of your choice and simply copy and paste the snippets below. Make modifications to them when you need to, and finally, upload the .htaccess file to the server!

Custom Error Pages

Users receive an error page if they type a url wrong, a link redirects them to a invalid URL, or the server is down. Replacing the standard (and boring) error page on your server is easy. By adding a few lines to our .htaccess file, we can redirect users to custom error pages.

A default 404 file not found page.

ErrorDocument 401 /error/401.php
ErrorDocument 403 /error/403.php
ErrorDocument 404 /error/404.php
ErrorDocument 500 /error/500.php

Now, simply create a directory named "error" and place the respective error pages inside.

Now you can create custom error pages like the one found at Pattern Tap

Prevent Hotlinking

If some of you keep a blog, resource site, or host your own images, music, and other files, then you may be interested in preventing hotlinking. By preventing hotlinking, you can save that valuable bandwidth and server resources. Simply post this snippet in your .htaccess file.

Now when someone links to your image, they will get something like this!

RewriteEngine On
#Replace ?mysite\.com/ with your own url
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
#Replace /images/do-not-hotlink.png with your "don't hotlink" image url
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/do-not-hotlink.png [L]

You can easily change this snippet to suit your own needs. First off, change the URL to your own domain. Next, you can specify your own URL for the image users will see when they attempt to hotlink. Place this image inside the images directory, or a directory of your choice.
Also, you can prevent hotlinking to other file types by changing the file extension specified.

You can also prevent hotlinking from specific domains. Just use this snippet instead.

RewriteEngine On
#Replace with your own urls
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?myspace\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?blogspot\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?livejournal\.com/ [NC]
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/do-not-hotlink.png [L]

Compress your site with gzip

Most browsers these days claim to have gzip capabilities, which means you can make your site load up to 75% faster by compression your files automatically with gzip.

Yahoo uses gzip compression on their home page, compressing their page by 90%!

Adding this snippet to your .htaccess file will check if the browser supports gzip, and then compress all your web files.

<ifModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>

Force File Download

Adding this to your .htaccess file will force a "Save As" dialog on the file types you specify.

# Change file extension to your own needs
AddType application/octet-stream .avi
AddType application/octet-stream .mpg
AddType application/octet-stream .wmv
AddType application/octet-stream .mp3

Secure Connection

You can redirect your visitor over a secure https connection by adding these few lines.

RewriteEngine On  
RewriteCond %{HTTPS} !on  
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}  

Paypal uses a secure https connection.

Change PHP upload limits

Override your server's default maximum upload limits with this quick snippet. This will allow you to upload bigger files that you normally couldn't. Be sure to check with your host before doing this, as it may not work on some servers.

php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 200
php_value max_input_time 200

Protect Directory View

This one liner will prevent visitors to see your directory if they do not have a index file.

Options All -Indexes

Sample default directory showing all the files inside that directory.

Adding the snippet will not allow visitors to see inside the directory.

Redirect to new domain

If you have switched to a different domain, you can redirect the visitors that go to your old domain.

# redirect from old domain to new domain
RewriteEngine On
RewriteRule ^(.*)$ http://www.newdomain.com/$1 [R=301,L]

Change Default Page

You can set the default page from the regular index.html to something else with this quick snippet.

# serve alternate default index page
DirectoryIndex something-else.html

Redirect Visitors while in Maintenance

If you are performing site maintenance or updating, you can redirect users to a page of your choice.

order deny,allow
deny from all
allow from 123.123.123.123
 
ErrorDocument 403 /maintenance.html
 
<Files maintenance.html>
allow from all
</Files>

Whenever Twitter is undergoing maintenance, they display this page.

Better URLs

Clean up and make your URLs easier to remember and more user friendly.

RewriteEngine on
RewriteRule ^about/$    /pages/about.html [L]
RewriteRule ^news/$ /news.php [L]
RewriteRule ^contact/$  /pages/contact.htm [L]

Redirect users to a new page

If you have recently changed a page, and want to redirect users to the new one, check out this snippet below.

Redirect 301 /old.html http://mydomain.com/new.html

Redirect iPhone Users

You can use htaccess to redirect users visiting with the iPhone.

RewriteEngine on
RewriteCond ${HTTP_USER_AGENT} iPhone
RewriteRule .* http://mydomain.com/iphone

Block Spammers and other unwanted visitors

If you know the IP address of a spammer, you can block them with a few lines of code.

Order Deny,Allow  
Deny from 123.123.123.123

Secure the .htaccess file

One of the last things to do is to secure your .htaccess file, and prevent users from viewing it.

<Files .htaccess>
order deny,allow
deny from all
</Files>

Tutorials and Resources

If you are interested in looking more in depth about .htaccess and what it can do, below are some tutorials, articles, and other resources related to .htaccess.

Ultimate guide to htaccess files

Extensive and very in depth guide on using htaccess understanding how it works.

5 Fun and Practical .htaccess solutions

Five easy and practical solutions using .htaccess

Do's and Don'ts of .htaccess

A dozen techniques to get you started

Htaccess Tricks for your Wordpress Blog

Neat tricks to improve your wordpress blog.

Htaccess Password Protection Tricks

Easy ways to protect files and directories.

CSS File Protection

Learn how to protect your CSS files from rippers and other bad people.

Htaccess Password Generator

A script that will generate .htaccess and .htpasswd files to protect directories.

Enjoy this article? Be sure to follow us on twitter.