.htaccess

Updated: July 15, 2026
By Willya Randika

.htaccess is a per-directory config file on Apache (and some compatible stacks such as certain LiteSpeed modes). Placed in the document root or a subfolder, it controls redirects, folder protection, URL rewrites, cache headers, and forcing HTTPS.

One bad character or flag can take the whole site to HTTP 500. That power is useful and risky at the same time if you edit without a backup.

A Simple Analogy

If the server is a building, .htaccess is the rules poster on each floor: it applies to that folder and its children without opening the main control room. Conflicting floor rules confuse guests — or lock them out.

Common Uses

  • Domain, www, and HTTP → HTTPS redirects
  • WordPress pretty permalinks (mod_rewrite)
  • Folder passwords, IP blocks, disabling indexes
  • Custom error pages
  • Browser cache rules (often conflict with cache plugins)

Safe Illustration

# Force HTTPS (example only — adapt to your needs)
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Do not paste random forum rules without backing up the previous file. Keep a .htaccess.bak before experiments.

Apache vs Nginx

This file only works when the web server honors .htaccess. Pure Nginx usually uses server config instead of per-folder files. When migrating hosts, rewrite rules often need translation. See also web server.

What to Watch For

  • Always back up before editing
  • HTTP 500 after a change → temporarily rename .htaccess to isolate
  • Cache/security plugins often rewrite this file
  • Too many nested rules make debugging painful
  • Test redirects in a private window so browser cache does not mislead you

FAQ

I cannot see .htaccess

It is a hidden “dotfile.” Enable show-hidden in cPanel File Manager or use ls -a over SSH.

Does Nginx use .htaccess?

Not natively. Rules must be translated into Nginx config or a panel that generates it.

Multiple .htaccess files in subfolders?

Allowed; rules stack. More files mean harder debugging — prefer root rules when enough.

Who keeps rewriting my .htaccess?

Often WordPress, security plugins, or cache plugins. Track manual edits outside plugins so updates do not overwrite them silently.

Disclaimer: Hosting Wiki articles are prepared for educational and reference purposes. Hosting technology keeps evolving, so some technical details may change over time.