Top 26 Htaccess Interview Questions You Must Prepare 24.May.2024

Creating a .htaccess file is very easy and can be done with any ASCII text editor like textpad or notepad. I´ve noticed that many people are confused about the strange filename. Well – actually this file doesn´t even have a name at all, it´s just a long file name extension – .htaccess. Hence, the DOT before “htaccess” is NOT a type.

To create a .htaccess file, simply open a new blank document in your favorite text editor and save the file as .htaccess. Some text editors (like notepad) do not support the Unix file format and therefore you won´t be able to save a file with the “.htaccess” extension only. In this case you can simply save the file as 1.htaccess or htaccess.txt and later (after you have uploaded it to your server) rename it to .htaccess through your FTP client.

SSI (server side includes) provide a very flexible and easy way to update the content and style of certain parts (footer, header, sidebars, menus, ad blocks) of all your webpages by modifying a single file only. To learn more about SSI, read the SSI tutorial.

To enable SSI on static .html and .htm webpages, you need to add the following line to your .htaccess file. Please note that this only works if your webhost supports SSI.

SetEnv APPLICATION_ENV development

  • RewriteEngine on
  • RewriteCond %{HTTPS} off
  • RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]

  • RewriteEngine on
  • RewriteCond %{HTTPS} off
  • RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]

It is used to set a base URL for your rewrites rules.

RewriteEngine On

RewriteBase /~new/

By setting the RewriteBase there in htaccess, you make the relative path come off the RewriteBase parameter.

Using this “.htaccess” file, we can control “php.ini” and “httpd.conf” file.

If you are offering downloads from your site, you may want to place these into a subdirectory of your website and protect it with a password in order to prevent the downloads from unauthorized access. This way, you can allow access only for registered members or for your newsletter subscribers and also change the password from time to time.

Most webhosts offer this password protection feature directly in their control panels, so I recommend you log into your control panel and define usernames and passwords for the directories that you want to protect there, because this requires more than just editing the .htaccess file.

301 - Permanent movement

302 - Temporary movement

400 - Bad request

401 - Authorization Required

403 - Forbidden

404 - Page Not Found

500 - Internal Server Error

You can define your own error pages to improve the communication with your visitors in case something´s wrong with your site or if they are trying to access pages that are no longer available. Simply create a webpage for each of the error codes you like.

Here are some of the most common errors:

401 – Authorization Required – occurs when users try to access password protected pages without giving the correct credentials.

403 – Forbidden – occurs when users try to access a file (web document, script, graphic, etc …) whose file permissions do not allow the requested action (execute / read / write).

404 – Not Found – occurs when users try to access a webpage that doesn´t exist on your site.

500 – Internal Server Error.

You can name these custom error pages anything you like, but I recommend you choose file names that remind you of the function of each document (f.ex. notfound.html or 404.html for the 404 error page) and you can store them in any location on your server that has web access (either your root directory or a subdirectory). Then you can define these pages as custom error pages in your .htaccess file.

Supposing you have named your error pages 401.html, 404.html and 500.html and stored them in your website´s root directory, then you would add these lines to your .htaccess file:

ErrorDocument 401 /401.html

ErrorDocument 404 /404.html

ErrorDocument 500 /500.html

If you have named these pages “notfound.html”, “authorization.html” and “internalerror.html” and uploaded them to a subdirectory named “errorpages”, you would add this to your .htaccess file:

ErrorDocument 401 /errorpages/authorization.html

ErrorDocument 404 /errorpages/notfound.html

ErrorDocument 500 /errorpages/internalerror.html

  • RewriteEngine On
  • RewriteCond %{HTTP_HOST} !^www.
  • RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

php_flag display_errors off

php_flag display_startup_errors off

  • htacces R flag causes a HTTP redirect to be issued to the browser and 301 me its permanent redirect.
  • htaccess L fag causes to stop processing the rule set, if the rule matches, no further rules will be processed.
  • Also we can set more than 2 flags in brackets []
  • More flags

for this, you have set the virtual host

Follow the following steps:

Step 1: Create a wildcard DNS entry

*   3600  A

Step 2: Setup the Virtual Host, in vhost file.

  DocumentRoot "E:wampwwwmyproject"


   AllowOverride All

        Order allow,deny

        Allow from all

Step 3: Now write your all codes in in Document Root path i.e.E:wampwwwmyproject

Step 4: Done, now you can access with

RewriteEngine On

  • RewriteBase /
  • RewriteCond %{HTTP_HOST} !^$ [NC]
  • RewriteRule ^(.*)$ [R=301,L]

Whatever the reasons are, sometimes you may want to ban certain IP addresses from accessing your website(s). This can easily be achieved by adding the following lines to your .

htaccess file (replace IP with the IP address you want to ban from accessing your site, f.ex.

  • order allow,deny
  • deny from IP
  • allow from all

Of course, you can specify more than one IP addresses and also C or B class IPs – this way you would ban all IPs from the entire class. F.ex. deny from 125.30.@would ban all the IPs that start with 125.30.@(,, etc …).

Add one IP per line in your .htaccess file like this:

  • order allow,deny
  • deny from
  • deny from 125.30.@
  • allow from all

Redirect /

Some examples of what can be done with a .htaccess file. They are all covered in this tutorial:

  • Define custom error pages
  • Banning certain IP addresses from accessing your site
  • redirecting users to other pages / sites
  • password protecting directories
  • enabling certain PHP modules
  • enabling SSI (server side includes)

If you want to execute dynamic PHP code on otherwise static .html and .htm webpages, you need to enable PHP parsing on this type of webpage. To do this, simply add the following line to your .htaccess file and then you can include PHP code directly in the source code of your .html and .htm webpages. Make sure that you embed all PHP code inside opening and closing PHP tags (<?php and ?>).

AddType application/x-httpd-php .html .htm

Please note that you cannot use SSI and PHP parsing at the same time. But don´t worry: you can include PHP code in SSI enabled webpages, too. For this purpose you would need to paste the PHP code into a blank text document, save the file as whateveryoulike.php, upload it to your server and then include it with SSI:

<!–#include virtual=”path-to/whateveryoulike.php” –>

ExpiresActive On

ExpiresByType application/javascript "now plus 3 day"

ExpiresByType application/x-javascript "now plus 3 day"

ExpiresByType image/jpg "now plus 1 week"

ExpiresByType image/jpeg "now plus 1 week"

ExpiresByType image/png "now plus 1 week"

ExpiresByType image/pjpeg "now plus 1 week"

ExpiresByType image/gif "now plus 1 week"

ExpiresByType text/css "now plus 3 day"

.htaccess files are configuration files of Apache Server which provide a way to make configuration changes on a per-directory basis.

order allow,deny

deny from #specify a specific address

allow from all