08/02/2023 | News release | Distributed by Public on 08/02/2023 05:08
Published: August 02, 2023
WordPress offers non-technical users numerous website creation and management advantages, including the ability to achieve various tasks without modifying core files.
However, certain tasks like implementing redirects or enabling HTTPS require editing the WordPress core file known as .htaccess. With .htaccess, you can configure specific settings for your site easily.
Use the following jump links to navigate all you need to know about .htaccess:
If you'd rather follow along with a video, check out this walkthrough from Fix Runner:
Let's get started with a brief overview of what .htaccess is and why it matters in WordPress.
In WordPress, .htaccess is a special configuration file that can control how your server runs your website. As one of the most powerful configuration files, .htaccess can control 301 redirects, SSL connections, password protection, the default language, and more on your WordPress site.
More specifically, the .htaccess file name provides commands for controlling and configuring the Apache web server where your site is hosted. This server hosts hundreds or thousands of other sites as well on what are termed "server farms." These farms are set up and run by web hosting providers. Without .htaccess, every site owner on the same Apache web server would have to use the same settings for their site. Thankfully, almost every hosting provider allows .htaccess.
With this file, you can set up redirects, force SSL, block IP addresses, deny access to sensitive files, send custom HTTP responses to certain requests, prevent hotlinking, and configure other settings required for your unique site.
Below, we'll cover where this powerful file is located, how to create and edit it, and more.
The WordPress .htaccess file is located in the root directory of your WordPress site. Depending on your hosting provider, the root directory may be a folder labelled public_html, www, htdocs, or httpdocs. You can locate it by using File Manager in your hosting account's cpanel. Let's walk through the process step-by-step.
Log in to your hosting account's control panel.
You should now be able to see the .htaccess file.
If you still can't see the .htaccess file, then it's possible it doesn't exist. Don't worry - you can create one in a few easy steps. Let's walk through the process in the next section.
WordPress should automatically create an .htaccess file for you - but sometimes it is unable to because of an issue with file permissions. In that case, follow the steps below.
# BEGIN WordPress
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
Now that you know how to create a default .htaccess file for your WordPress site if it doesn't exist already, you're ready to edit it. Let's look at how below.
Editing the .htaccess file - or any core WordPress file - is risky. You could end up deleting code you shouldn't, adding incorrect code, or making another mistake that breaks your site.
To mitigate the risks, you should take at least one of the precautionary steps below before making direct edits to the htaccess file.
Once you've completed at least one of the steps above, you're ready to edit. There is more than one way to edit the .htaccess file in WordPress. Let's go over how to do so manually and using a WordPress plugin.
If you'd rather not add another plugin to your WordPress site, then you can use cPanel in your hosting account. If you opt for this method, you'll have to complete at least one of the precautionary steps outlined above yourself.
Here are the steps for editing the .htaccess file in WordPress using cPanel.
If you'd like to automate some of the prep work before editing your .htaccess file, you can use a plugin like Htaccess File Editor. Htaccess File Editor allows you to test edits before saving and automatically backup and restore the default version of your htaccess file. That makes it a must-have WordPress plugin for beginners trying to edit this special configuration file.
Below is the process for editing htaccess in WordPress with the Htaccess File Editor plugin.
Below we'll walk through two common examples of what you can do with the htaccess file: set up redirects and force HTTPS.
Setting up redirects - specifically, 301 redirects - on your WordPress site can prevent your visitors from seeing a 404 error page instead of the content they requested. It also tells
search engines that a post or page has permanently moved so they know to find, crawl, and rank the new page in approximately the same position as the old page on SERPs.
Let's say you decide to consolidate duplicate content on your site. In that case, you can set up redirects from outdated posts to single, updated pages. Or let's say you rename the URL of a single post or page. You can set up a redirect so that any internal or external links on your site with the old URL will send visitors to the new URL. Or let's say you change your domain name. In that case, you can set up redirects so that any visitors trying to visit the old domain name will be sent to the new one.
These are just a few reasons you might want to set up redirects using the .htaccess file in WordPress. Now let's look at how.
To redirect a single post or page, add the following line of code for each post or page you want to redirect.
Redirect 301 /old-url-slug https://yourdomain.com/new-url-slug
Notice you only have to include the WordPress slug of the old URL (ie. the part after your domain name). You should include the full URL of the new post or page, however.
Let's look at a specific example. Say have two duplicate blog posts about WordPress appointment plugins. Then you can combine the content of both posts and redirect the URL with less traffic and backlinks to the URL with more traffic and backlinks. So let's say you'd like to redirect "https://blog.hubspot.com/website/best-appointment-booking-plugins-for-wordpress" to "https://blog.hubspot.com/marketing/wordpress-appointment-plugin". Then, you would add the following line of code in the .htaccess file:
Redirect 301 /best-appointment-booking-plugins-for-wordpress https://blog.hubspot.com/marketing/wordpress-appointment-plugin
Anyone who clicks on an internal or external link with the old URL will now be redirected to the new URL.
To redirect an entire website to a new domain, add the following code snippet to the .htaccess file in WordPress:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^olddomain.com [NC,OR]
RewriteCond %{HTTP_HOST} ^www.olddomain.com [NC]
RewriteRule ^(.*)$ https://newdomain.com/$1 [L,R=301,NC]
Replace the placeholder text in the second, third, and fourth lines with your actual old and new domain names. This code snippet will preserve your link structure. So, for example, your contact page which was "www.olddomain.com/contact" will redirect to "www.newdomain.com/contact".
Forcing HTTPS is a necessary step if you've recently installed an SSL certificate on your WordPress site.
An SSL certificate is a standard security technology for encrypting information between a visitor's browser and your website. Because it helps keep sensitive information like passwords and payment information safe, visitors feel safer on sites that are encrypted with SSL. It also may help you rank better. Back in 2014, Google announced that it would give sites with SSL a minor ranking boost.
If you've recently installed an SSL certificate, then you need to take additional steps to configure your site so that it uses the secure URL with HTTPS instead of HTTP. According to the WordPress Codex, you can do so by adding the following code to the .htaccess file.
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "www.WordPress.com"
ErrorDocument 403 https://www.WordPress.com
This will ensure any visitors using the HTTP version of your site address will be redirected to the version with SSL.
For a more in-depth look at how to force HTTPS on your WordPress site using the .htaccess file or a plugin, check out How to Force HTTPS on Your WordPress Site.
The .htaccess file can offer you more sophisticated control over your WordPress website. You can set up redirects to the most up-to-date pages on your site, force SSL to ensure visitors are being sent to the HTTPS version of your site, and configure other settings to secure your WordPress site.