Before we start the article on .htaccess files, find out why more than 2,5 MILLION websites host with
The Apache web server allows for great flexibility as to the configuration of your account
using .htaccess files. Placed in your main web directory ...
full path: /usr/www/users/username,
...it controls your entire site. You can also place the .htaccess file in subdirectories,
in which case the file will control only files under that subdirectory.
The .htaccess file can be created on the server while logged in via telnet / ssh, or
created locally and uploaded in ASCII mode via FTP.
Sample .htaccess file
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti*
<Limit GET POST>
deny from all
allow from all
<Limit PUT DELETE>
deny from all
DirectoryIndex index.php index.html index.htm index.shtml
Changing the Default File
When a URL specifying only a directory is requested ...
... Apache looks for file names by default (in the order they appear):
The .htaccess directive "DirectoryIndex" can be used to override this behavior.
In your .htaccess file, type the following line:
DirectoryIndex index.php index.html
In the above example Apache is forced to look for index.php first and look for index.html
only if there is no index.php file present.
"DirectoryIndex" can be used to make any file you would like to appear as
default. For instance, you could have:
DirectoryIndex firstpage.html first.html first.php
In the above example the web server would first look for firstpage.html, first.html, and
first.php, returning a directory listing if none of those files were present in the
Custom Error Pages
Apache allows you to replace the default error message pages with pages of
your own design. Doing so is as simple as creating the pages and adding one directive for
each type of error to your .htaccess file.
The most common error page is the "404 File Not Found" error generated when a
user tries to access a non-existent URL at your site. If your domain were example.com and
you created the page http://www.example.com/errors/404.html to replace the default page,
you would add the following directive to your .htaccess file:
ErrorDocument 404 /errors/404.html
This directive uses "relative addressing" (e.g. the http://www.example.com is
removed, as Apache already knows the domain name of your site).
Other common error messages you might wish to replace are the "500 Internal
Server" error that results when a CGI script crashes, and the "401 Authorization
Required" error that occurs when, for instance, someone tries to access a password
protected directory without legitimate authentication. If you followed the same file
naming conventions as the above example, your directives might look as follows:
ErrorDocument 500 /errors/500.html
ErrorDocument 401 /errors/401.html
Adding MIME Types
Multimedia files such as Macromedia's Flash may require special "MIME
Types" in order to work properly. In simple terms, MIME types help the server inform
the browser what type of content is being received, so it can load the appropriate
plug-ins and such. While we try to keep the server's preconfigured for all popular MIME
Types, Apache's "AddType" directive offers you the ability to immediately add
any to your account that you might need.
For instance, the MIME type for Flash is "application/x-shockwave-flash", and
the file extension Flash files use is .swf. To add this MIME type to your account, the
directive in your .htaccess file would be:
AddType application/x-shockwave-flash swf
NOTE: The Flash MIME type is actually preconfigured for your use -- it is included here
for example purposes only.
Preventing Directory Listings
In certain directories, there may be no default HTML filenames (eg.
index.html, index.htm, etc.). By default, anyone attempting to view that directory would
see a list of the files within it. This behavior can be changed with the
"IndexIgnore" directive. To prevent any of the files from being listed, create a
.htaccess file in that directory with the following directive:
The * symbol is a "wild-card" that matches all files, and so none will be
It is also possible to prevent only certain files from being listed (for example all
images - .jpg, .gif). Create a .htaccess file in this directory with the following
IndexIgnore *.gif *.jpg
In the above example, Apache ignores any files with .gif extensions (*.gif) and .jpg
extensions (*.jpg), but still allows it to list any other file types.