Toolsvana→Developer Tools→htaccess Generator

htaccess Generator

Generate Apache .htaccess files for redirects and security

Redirects

Force HTTPS

WWW Redirect

Security

Prevent Directory ListingBlock Sensitive Files (.env, .sql, etc.)Block Bad Bots (AhrefsBot, SemrushBot, etc.)Prevent Image Hotlinking

⚡Performance

Enable Gzip CompressionEnable Browser Caching

⚠️Custom Error Pages

404 Page

403 Page

Generated .htaccess

About .htaccess Generator

The .htaccess Generator is a free online tool that helps you create properly configured .htaccess files for Apache web servers without manually writing complex directives. The .htaccess (hypertext access) file is a powerful configuration file that allows you to control URL redirects, security settings, caching rules, compression, and custom error pages on a per-directory basis.

Manually writing .htaccess directives can be error-prone and even a small syntax mistake can make your entire website inaccessible. Our visual generator eliminates this risk by providing checkbox-based configuration options that produce valid, well-commented Apache configuration code. Simply select the features you need, click generate, and copy or download the result.

Whether you need to force HTTPS, block sensitive files, enable gzip compression, set up browser caching, prevent image hotlinking, or configure custom error pages, this tool covers the most common and essential .htaccess configurations used by web developers, system administrators, and SEO professionals.

Key Features

Force HTTPS redirect to encrypt all traffic between users and your server
WWW redirect options to add or remove the www prefix for URL canonicalization
Custom 301 and 302 redirect rules for individual URL paths
Directory listing prevention to stop visitors from browsing your file structure
Sensitive file blocking for .env, .sql, .log, composer.json, and other critical files
Image hotlinking protection with configurable allowed domains
Bad bot blocking for known aggressive crawlers like AhrefsBot and SemrushBot
Gzip compression for HTML, CSS, JavaScript, JSON, XML, and SVG files
Browser caching with configurable expiration times for different file types
Custom error pages for 404, 403, and 500 HTTP status codes

How to Use the .htaccess Generator

Configure redirects: Enable HTTPS forcing and choose whether to add or remove the www prefix from your URLs for proper canonicalization.
Set security options: Check the boxes for directory listing prevention, sensitive file blocking, hotlinking protection, and bad bot blocking based on your needs.
Enable performance features: Turn on gzip compression and browser caching to improve your website's loading speed and reduce bandwidth usage.
Add error pages: Enter paths to your custom 404, 403, and 500 error pages to provide a better user experience when errors occur.
Generate the file: Click "Generate .htaccess" to create your configuration with proper syntax and helpful comments.
Deploy: Copy the output or download it, then upload the file as .htaccess to your web server's root directory or the target subdirectory.

Use Cases

SSL/HTTPS migration: Automatically redirect all HTTP traffic to HTTPS after installing an SSL certificate on your server.
URL canonicalization: Enforce consistent www or non-www URLs to prevent duplicate content issues in search engines.
Website security hardening: Block access to sensitive configuration files, prevent directory browsing, and stop malicious bot traffic.
Performance optimization: Enable gzip compression and browser caching to significantly improve page load times and Core Web Vitals scores.
Image bandwidth protection: Prevent other websites from embedding your images and consuming your server bandwidth through hotlinking.
Custom error handling: Redirect users to branded, helpful error pages instead of showing generic server error messages.
WordPress security: Protect wp-config.php, uploads directory, and other WordPress-specific files from unauthorized access.
SEO redirect management: Set up 301 redirects for moved pages, deleted content, or URL structure changes to preserve link equity.

Frequently Asked Questions

Is this tool free?

Yes, the .htaccess Generator is completely free to use. There are no usage limits, no registration required, and no premium features. Generate as many configurations as you need.

Is my data secure?

Yes. The .htaccess configuration is generated entirely in your browser. No data is sent to any server, and your domain names, URLs, and settings are never stored or logged.

Does .htaccess work on all web servers?

No. The .htaccess file is specific to Apache web servers. It does not work on Nginx, IIS, LiteSpeed (uses similar but different syntax), or other web servers. If you use Nginx, you need to configure equivalent rules in your server block configuration.

Where should I place the .htaccess file?

Place the .htaccess file in the root directory of your website (usually public_html or www). The rules will apply to that directory and all subdirectories. You can also place additional .htaccess files in subdirectories for directory-specific rules.

What happens if my .htaccess has a syntax error?

A syntax error in .htaccess will typically cause a 500 Internal Server Error, making your website inaccessible. Always test changes on a staging environment first, and keep a backup of your working .htaccess file so you can quickly restore it if needed.

Can I combine multiple .htaccess rules?

Yes. You can combine all the generated rules into a single .htaccess file. The generator produces well-commented code with clear sections, making it easy to merge with existing configurations.

Tips & Best Practices

Always backup first: Before uploading a new .htaccess file, save a copy of the existing one so you can quickly restore it if something goes wrong.
Test on staging: Always test .htaccess changes on a staging or development environment before applying them to your production server.
Force HTTPS everywhere: With free SSL certificates available from providers like Let's Encrypt, there is no reason not to enforce HTTPS on all pages.
Block sensitive files: Always prevent public access to .env files, SQL dumps, log files, and package manager files (composer.json, package.json) that could expose sensitive information.
Enable compression: Gzip compression can reduce file transfer sizes by 60-80%, significantly improving page load times with minimal server overhead.
Set appropriate cache durations: Use longer cache durations for static assets (CSS, JS, images) and shorter durations for HTML pages to balance performance with content freshness.