How to set up basic rules and redirects using the .htaccess file

The .htaccess file is a directory-level configuration file supported by the Apache web server. It is used to alter web server behavior and configuration (enable or disable additional features) for the specific account without changing global server settings.


Further reading:

The htaccess file and its uses

The .htaccess file takes effect over the entire directory it is placed in, including all files and subdirectories. The changes made in this file will be implemented immediately and no server restart is required.


Further reading:

Default Home Directory Folders


How to locate .htaccess file

List of commonly used .htaccess rules:

  • Authorization/authentication
  • Blocking
  • Custom Error Pages
  • Mod_Rewrite (redirect rules)
  • Domain root directory change

To access the main .htaccess file of your hosting account, follow the steps below:

1. Log into your cPanel.
2. Navigate to the section Files >> File Manager:
3. If you wish to edit .htaccess file for your main domain, navigate to public_html folder. If you need to make some changes to the addon domain, move to public_html/ folder.
Once there, make sure that Show Hidden files (dotfiles) option is enabled in Settings menu:
4. Locate .htaccess file, right-click >> Edit:
5. If there is no .htaccess file located in your File manager, feel free to create a new one using File option:

You are ready to add your own configuration rules and save them.

Further reading:

How To Create, Edit, and Delete a File in CPanel Using File Manager

CPanel Login Tutorial


The common usage rules of an .htaccess file are listed below:

Authorization/authentication – specifies security restrictions for a directory/subdirectory.

You can password-protect a directory, or several of them, and any time a visitor tries to access it, username and password will be required.

To set up such protection, you need to:

1. Create the directory you want to protect in /home/cpanel_user/.htpasswds/ folder (e.g., for public_html/test the path will be .htpasswds/public_html/test/).

2. Create a passwd file in this directory and add hashed access details using this online generator.

3. Add the following directives to .htaccess:

AuthType Basic
AuthName "Directory Name"
AuthUserFile "/home/cpanel_user/.htpasswds/public_html/test/passwd"
require valid-user

Blocking – blocks users by IP address or domain. It is very useful to block unwanted visitors or to allow accessing certain sections of the website by its owner, administration area, for example.
To set up certain blocking rules, create an .htaccess file with the following text:

to allow access to everybody else and block users with an X.X.X.X IP address

Require all granted
Require not ip X.X.X.X

to block all the visitors except for the specific X.X.X.X and Y.Y.Y.Y IPs

Require ip X.X.X.X Y.Y.Y.Y

NOTE: Do not mix the deprecated Allow, Deny, and Order directives with the new Require directive.


Further reading:

Step by Step Approach to Password Protect a Directory in cPanel

CPanel Security

Custom Error Pages – allows creating custom error pages for a site. This option is very useful as it allows you to show website visitors an error message matching your website theme if a URL on your website does not work. This helps to avoid the default '404 File Not Found' error for example and allows you to display a custom design error page with the guiding directions back into your website content, rather than leaving puzzled.

To set up a custom error document, create an .htaccess file with the following text below:

ErrorDocument 404 /404.html

Whenever a 404 (File Not Found) error appears, this line tells the Apache Web server to load an 404.html file located in the directory root of the domain you set the error page for.

NOTE: To set up a document for other errors (403, 500, etc.), just replace 404 with the corresponding error code and /404.html with the path to the error file.


Further reading:

Custom error page is not working

How to Fix 404 Errors in WordPress After Changing Permalinks


Mod_Rewrite – specifies how web pages and URLs are displayed to the visitors.

We would like to draw your attention to the usage of Mod_Rewrite rules in .htaccess file.

By default, Mod_Rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL.

Before creating a redirect, you should choose the redirection type which would be more preferable for you:

Permanent redirect has a status code of 301, and unlike the temporary one, it is cached in the browser memory. It implies that the page has been moved and requests all search engines and user agent coming to the page to update the URL in their database. This is the most common type of redirect.
Temporary redirect means that the page is sending status code 302 to the browser. Code 302 tells the browser not to cache this redirect into its saved data. It will redirect the visitor or search engine, but the search engine will continue to index to the original page. This is the recommended type of redirect, unless you are absolutely sure that you will never change it in the future.


Further reading:

How to force your website url with www or non-www using htaccess

How to optimize your website to use less server resources

How to Create a Website/Domain Redirect in cPanel


The list of the most common and useful redirects, which can be set through the .htaccess file, can be found below (the domains specified in the examples should be replaced with your own ones):

Permanent redirect from to

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^(.*)$ "http\:\/\/example1\.com/$1" [R=301,L]

Temporary redirect from to

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^(.*)$ "http\:\/\/example1\.com\/" [R=302,L]

NOTE: Below are the examples of permanent redirects. Temporary one can be defined by replacing [R=301,L] with [R=302,L] in the end of the code (where necessary).

Redirect from to

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^subfolder$ "http\:\/\/example1\.com\/" [R=301,L]


Further reading:

How to Create Redirects in WordPress

How to force your website url with www or non-www using htaccess


Redirect from HTTP to HTTPS for

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule .*{REQUEST_URI} [R,L]


RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} ^example\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.example\.com$
RewriteRule ^(.*)$$1 [R,L]

Redirect from non-WWW to WWW

for any domain .htaccess takes effect on:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

for a certain domain,

RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^(.*)$$1 [R=301,L]


Further reading:

How to force your website url with www or non-www using htaccess


Redirect from WWW to non-WWW

for any domain .htaccess takes effect on:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]

for a certain domain,

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.example\.com [NC]
RewriteRule (.*)$1 [R=301,L]

Redirect all pages to the corresponding pages

RedirectMatch 301 ^/(.*)$$1

NOTE: All the pages’ names have to match on both domains or the redirect will lead to a "Page not Found" message on the target website.

Redirect one page to a new URL

Redirect 301 /old_page.html

NOTE: This might be useful when you want to redirect a deleted page to a 404 error or for SEO purposes after the content references updates.


Changes the directory root for the main domain to public_html/subfolder

RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?$
RewriteCond %{REQUEST_URI} !^/subfolder/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /subfolder/$1
RewriteCond %{HTTP_HOST} ^(www.)?$
RewriteRule ^(/)?$ subfolder/index.php [L]

NOTE: The .htaccess file should be located in the directory root of the domain you wish to configure certain rules for.


Disabling existing .htaccess rules

If you need to disable some of the existing rules, for example, for testing purposes, you can simply comment them out. In order to do so, add the pound sign # at the beginning of each line of the rule.
Also, it is possible to disable the line or even the block of lines by selecting ones and using the Ctrl + / shortcut.

That's all!

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

I have a full backup of account through cPanel. How do I restore it?

It is recommended that you maintain healthy backup of your website and possibly download the...

How To Create, Edit, and Delete a File in cPanel Using File Manager

This tutorial will be useful for you to understand how to create a file, edit a file or delete...

How to Create and Manage a MySQL Database

Create MySQL Database and User via cPanel The MySQL Database Wizard is another useful tool...

How do I create and remove an Addon Domain?

An add-on domain is a separate domain name that you add to your web hosting subscription with...

How to Set Up and Delete a Cron Job

A cron job allows you to run a certain command at times set by the job. For example, you could...