8 htaccess hacks that every developer should know

Setting up the Apache (hypertext access) .htaccess file can be a very powerful tool in web development if used properly.


By .htaccess we can perform redirections, protect files and directories with password, prevent hotlinking and bandwidth theft, compress files and much, much more. Be sure to make a backup of your current .htaccess file before applying any of these hacks.


1. Prevent Hotlinking
Are you tired of people using your bandwidth by putting the images hosted on your server on your website? Add the following code to the end of your .htaccess file to prevent hotlinking:

Options +FollowSymlinks 
#Protect against hotlinking 
RewriteEngine On 
RewriteCond %{HTTP_REFERER} !^$ 
RewriteCond %{HTTP_REFERER} !^http://(www.)?domainname.com/ [nc] 
RewriteRule .*.(gif|jpg|png)$ http://domainname.com/img/do_not_steal_my_bandwith.gif[nc]

Code (markup):

2. Block all user-agent requests
It is possible to block all unwanted user-agents that may be potentially harmful or perhaps simply to keep the server load as low as possible.

#Block bad bots 
SetEnvIfNoCase user-Agent ^FrontPage [NC,OR] 
SetEnvIfNoCase user-Agent ^Java.* [NC,OR] 
SetEnvIfNoCase user-Agent ^Microsoft.URL [NC,OR] 
SetEnvIfNoCase user-Agent ^MSFrontPage [NC,OR] 
SetEnvIfNoCase user-Agent ^Offline.Explorer [NC,OR] 
SetEnvIfNoCase user-Agent ^[Ww]eb[Bb]andit [NC,OR] 
SetEnvIfNoCase user-Agent ^Zeus [NC] 
  
Order Allow,Deny 
Allow from all 
Deny from env=bad_bot

Code (markup):

3. Redirect everyone except certain IPs
If for some reason you want to deny access to all users or only allow a certain group of IP addresses to access your site, add the following code to your .htaccess file:

ErrorDocument 403 http://www.domainname.com 
Order deny,allow 
Deny from all 
Allow from 124.34.48.165 
Allow from 102.54.68.123

Code (markup):

4. SEO Friendly 301 Redirects
If you have transferred domain names or want to redirect to a specific page without affecting search engine results like Google, use the following code:

Redirect 301 /d/file.html http://www.domainname.com/r/file.html 

Code (markup):

5. Create a custom page for each type of error If you got tired of the default layout of error pages 401, 403, 404, 500, etc. you can easily create your own and refer to it this way:

ErrorDocument 401 /error/401.php 
ErrorDocument 403 /error/403.php 
ErrorDocument 404 /error/404.php 
ErrorDocument 500 /error/500.php

Code (markup):

6. Create a list of prohibited IPs Did you get tired of always getting the same comments from certain users over and over again? It simply prohibits access to certain IPs, by adding the following code:

allow from all 
deny from 145.186.14.122 
deny from 124.15

Code (markup):

7. Redirect 301 from an old domain to a new one
Including this snippet in the htaccess of your old domain, you will be able to write a new one (without being penalized by Google for duplicating content, since 301 is a "permanent redirect" warning):

# Redirect from an old domain to a new one 
RewriteEngine On 
RewriteRule ^(.*)$ http://www.newdomain.com/$1 [R=301,L]

Code (markup):

8. Force the caching
The next snippet will not directly increase the load speed of your site in general, but it will load faster when the same user returns to visit it when sending a status 304 when asking for items that have not been modified. You can change the frequency of caching by changing the number of seconds (in this example it is given once a day):

FileETag MTime Size 
ExpiresActive on 
ExpiresDefault "access plus 86400 seconds"

Code (markup):