{"id":655,"date":"2024-02-26T21:50:02","date_gmt":"2024-02-27T05:50:02","guid":{"rendered":"https:\/\/blog.iabsolute.com\/?p=655"},"modified":"2024-02-26T21:50:02","modified_gmt":"2024-02-27T05:50:02","slug":"how-to-enable-set-up-htaccess-file-on-apache","status":"publish","type":"post","link":"https:\/\/blog.iabsolute.com\/?p=655","title":{"rendered":"<strong>How to Enable &amp; Set Up .htaccess File on Apache<\/strong>"},"content":{"rendered":"\n<p>What is an htaccess File?<\/p>\n\n\n\n<p>The&nbsp;<strong><em>.htaccess<\/em>&nbsp;file<\/strong>&nbsp;in Apache is a tool that allows configurations at the directory and subdirectory level. Using .<em>htaccess<\/em>&nbsp;enables&nbsp;you to configure website permissions without altering server configuration files.<\/p>\n\n\n\n<p>This tutorial will show you&nbsp;<strong>how to set up and enable&nbsp;<em>htaccess<\/em>&nbsp;on Apache.&nbsp;<\/strong>Also, it instructs on how to restrict access to specific localizations on the server, manage IP addresses, and redirect traffic.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/how-to-enable-htaccess-apache.png\" alt=\"How to Enable and Set Up .htaccess File on Apache Guide\" class=\"wp-image-91721\"\/><\/figure>\n\n\n\n<p><strong>Note:<\/strong>&nbsp;If you do not have Apache on your system, you can find a step-by-step instruction guide&nbsp;<a href=\"https:\/\/phoenixnap.com\/kb\/how-to-install-apache-web-server-on-ubuntu-18-04\" target=\"_blank\" rel=\"noreferrer noopener\">on installing Apache on Ubuntu<\/a>.<\/p>\n\n\n\n<p>Prerequisites<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A working Apache web server<\/li>\n\n\n\n<li>Access to a terminal window\/command line<\/li>\n\n\n\n<li>Access to a user account with sudo privileges<\/li>\n\n\n\n<li>A text editor, such as&nbsp;<strong>N<\/strong><strong>ano<\/strong>, included by default<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-1\">Step 1: Enable Apache .htaccess<\/h2>\n\n\n\n<p>By default, the .<em>htaccess<\/em>&nbsp;file is not enabled.<\/p>\n\n\n\n<p>1. Open the default host configuration file by entering the following command in the terminal:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/apache2\/sites-available\/default<\/code><\/pre>\n\n\n\n<p>2. Locate the section labeled&nbsp;<strong>&lt;Directory \/var\/www&gt;<\/strong>.<br>In that section, change the&nbsp;<strong><code>AllowOverride None<\/code><\/strong>&nbsp;entry to all:<\/p>\n\n\n\n<p><strong>AllowOverride All<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/htaccess-apache.png\" alt=\"htaccess AllowOverride All command\" class=\"wp-image-76489\"\/><\/figure>\n\n\n\n<p><strong>Save the file<\/strong>&nbsp;and exit.<\/p>\n\n\n\n<p>3. Next,&nbsp;<strong>restart<\/strong>&nbsp;the Apache service:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl apache2 restart<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-2\">Step 2: Create .htaccess File<\/h2>\n\n\n\n<p>Like most Linux software packages, Apache functions on configuration files. The&nbsp;<em>.htaccess<\/em>&nbsp;file is one of these. It works by specifying a setting along with a value.<\/p>\n\n\n\n<p>To create and open the&nbsp;<em>.htaccess<\/em>&nbsp;file for editing, enter:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/var\/www\/my_website.com\/.htaccess<\/code><\/pre>\n\n\n\n<p>Replace&nbsp;<strong>my_website<\/strong>&nbsp;with the name of your actual website. If this file doesn\u2019t exist, your text editor will create it.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-3\">Step 3: Restrict Directory Listings<\/h2>\n\n\n\n<p>There may be locations on your server that you want to restrict access to. You can do this by creating a list of usernames and passwords that are authorized to have access.<\/p>\n\n\n\n<p>1. Start by creating a new file,&nbsp;<strong>.htpasswd<\/strong>&nbsp;in a different directory:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/user\/safe_location\/.htpasswd<\/code><\/pre>\n\n\n\n<p>Enter a username and password for each user that you want to create. Make sure to<strong>&nbsp;use strong passwords<\/strong>, and enter only one username\/password pair per line.<\/p>\n\n\n\n<p>Save the file and exit.<\/p>\n\n\n\n<p>2. Next edit .htaccess to&nbsp;<strong>enable authentication<\/strong>:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>AuthUserFile \/user\/safe_location\/.htpasswd\n\nAuthGroupFile \/dev\/null\n\nAuthName \"Please Enter Password\"\n\nAuthType Basic\n\nRequire valid-user<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/htaccess-apache-restric-directory-listing.png\" alt=\"restrict directory listing in apache wit htaccess\" class=\"wp-image-76490\"\/><\/figure>\n\n\n\n<p>Replace&nbsp;<strong>\/user\/safe_location\/htpasswd&nbsp;<\/strong>with the location of your choice. Don&#8217;t store it in the same directory as your web content, for security reasons.<\/p>\n\n\n\n<p><code>AuthUserFile<\/code>&nbsp;&#8211; This sets the location for your .htpasswd file.<\/p>\n\n\n\n<p><code>AuthGroupFile<\/code>&nbsp;&#8211; We&#8217;re not using a group, so this is a placeholder.<\/p>\n\n\n\n<p><code>AuthName<\/code>&nbsp;&#8211; This is the prompt to the user \u2013 you may rephrase if you&#8217;d like.<\/p>\n\n\n\n<p><code>AuthType<\/code>&nbsp;&#8211; Type of authentication used \u2013 don&#8217;t change this.<\/p>\n\n\n\n<p><strong><code>Require valid-user<\/code><\/strong>&nbsp;\u2013 Allows any one of several authorized people to log on. You could change this to&nbsp;<em>Require user new_user<\/em>&nbsp;to restrict access only to someone with the username&nbsp;<em>new_user<\/em>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-4\">Manage IP Addresses<\/h2>\n\n\n\n<p>There are many ways you can manage IP addresses:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Allow only specific IPs.<\/li>\n\n\n\n<li>Block specific IP addresses.<\/li>\n\n\n\n<li>Block visitors by the referrer.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"ftoc-heading-5\">Allow IP Addresses<\/h3>\n\n\n\n<p>To allow IP addresses, you can switch the behavior to allow a few designated IP addresses, and block the rest.<\/p>\n\n\n\n<p>Enter the commands:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>order deny, allow \n\nallow from 192.168.0.54\n\nallow from 192.168.0 <\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/htaccess-apache-allow.png\" alt=\"allow ip addresses example\" class=\"wp-image-76492\"\/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"ftoc-heading-6\">Block IP Addresses<\/h3>\n\n\n\n<p>To block IP addresses in&nbsp;<em>htaccess<\/em>, enter:&nbsp;<strong><code>order allow, deny<\/code><\/strong><\/p>\n\n\n\n<p>To block a single IP address, enter this code next:&nbsp;<strong><code>deny from 192.168.0.54<\/code><\/strong><\/p>\n\n\n\n<p>If you leave off the final digit, it will block all IP addresses in the 0 &#8211; 255 range:<\/p>\n\n\n\n<p>For Example:&nbsp;<strong><code>deny from 192.168.0<\/code><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/htaccess-apache-block.png\" alt=\"blocking all ip addresses with htaccess\" class=\"wp-image-76493\"\/><\/figure>\n\n\n\n<p><strong>Note:<\/strong>&nbsp;You can save your .htaccess file after each operation listed below. If you\u2019re done making changes, just&nbsp;<strong>reload<\/strong>&nbsp;your Apache service before testing. Also, when editing the file, it&#8217;s helpful to make comments. Use the # sign to mark a line as a comment, which will let you make notes that the system won\u2019t read as commands.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"ftoc-heading-7\">Block Visitors by Referrer<\/h3>\n\n\n\n<p>You may want to prevent people from being redirected from a specific site to your server. This might be helpful if you want to isolate traffic patterns. You might also use it if you were getting excess server traffic from a questionable source.<\/p>\n\n\n\n<p>Open the&nbsp;<em>.htaccess<\/em>&nbsp;file and add the following block:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>RewriteEngine on\n\n# Options +FollowSymlinks\n\nRewriteCond %{HTTP_REFERER} blockeddomain\\.com &#91;NC]\n\nRewriteRule .* - &#91;F]<\/code><\/pre>\n\n\n\n<p>The&nbsp;<strong><code>NC<\/code><\/strong>&nbsp;option instructs to ignore the upper or lower case so that the rule can&#8217;t be bypassed by entering&nbsp;<em>BlockedDomain.com<\/em>.<\/p>\n\n\n\n<p>If you want to add more domains, note the following:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>RewriteEngine on\n\n# Options +FollowSymlinks\n\nRewriteCond %{HTTP_REFERER} blockeddomain\\.com &#91;NC,OR]\n\nRewriteCond %{HTTP_REFERER} blockeddomain2\\.com\n\nRewriteRule .* - &#91;F]<\/code><\/pre>\n\n\n\n<p>The&nbsp;<strong><code>OR<\/code><\/strong>&nbsp;flag tells the system that you\u2019re not done adding blocked referrers yet. Omit this option on the last entry.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-8\">Redirect Traffic<\/h2>\n\n\n\n<p>You can use the<em>&nbsp;.htaccess<\/em>&nbsp;file to redirect traffic.<\/p>\n\n\n\n<p>Open the file and enter the following:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Redirect301\/Other_Website.com\/index.html\/My_Website.com\/index.html<\/code><\/pre>\n\n\n\n<p>This command takes any traffic that\u2019s searching for&nbsp;<strong>Other_Website.com<\/strong>&nbsp;and redirects it to&nbsp;<strong>My_Website.com<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"ftoc-heading-9\">Set a 404 Page<\/h2>\n\n\n\n<p>You can use the .<em>htaccess<\/em>&nbsp;file to point basic functions to a new location. One example is the&nbsp;<strong>404 page<\/strong>.<\/p>\n\n\n\n<p>1. Open the&nbsp;<em>.htaccess<\/em>&nbsp;file and enter:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ErrorDocument&nbsp;404 \/404.html<\/code><\/pre>\n\n\n\n<p>This line tells the system to look at the website\u2019s content directory for a<em>&nbsp;\/404.html<\/em>&nbsp;file as the error page.<\/p>\n\n\n\n<p>2. Create the 404 page using this command:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano cd \/var\/www\/My_Website.com\/public.html\/404.html<\/code><\/pre>\n\n\n\n<p>This should open the&nbsp;<em>404.htm<\/em>l file in your text editor.<\/p>\n\n\n\n<p>3. Next, add the following code:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;!doctype html&gt;\n\n&lt;html&gt;\n\n&nbsp;&lt;body&gt;\n\n&nbsp;&nbsp; 404 Error: Page not found\n\n&nbsp;&lt;\/body&amp;gt;\n\n&lt;\/html&gt;<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/phoenixnap.com\/kb\/wp-content\/uploads\/2021\/04\/htaccess-apache-page-not-found.png\" alt=\"404 page not found coding setup\" class=\"wp-image-76494\"\/><\/figure>\n\n\n\n<p>This page can now be customized to display any&nbsp;kind of error message you want. You can also customize any other error pages you\u2019d like. Just specify the&nbsp;<strong>ErrorDocument&nbsp;<\/strong>number,&nbsp;for example,&nbsp;<strong>Error 500<\/strong>&nbsp;than point&nbsp;<em>.htaccess<\/em>&nbsp;to the new&nbsp;<em>error.html<\/em>&nbsp;file that you create.<\/p>\n\n\n\n<p>Conclusion<\/p>\n\n\n\n<p>Enabling&nbsp;<strong>.<em>htaccess<\/em><\/strong>&nbsp;can be an incredibly valuable tool for managing your Apache web server.<\/p>\n\n\n\n<p class=\"has-black-background-color has-background\">This guide provides basic commands and settings, with some of the most likely scenarios you might encounter.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is an htaccess File? The&nbsp;.htaccess&nbsp;file&nbsp;in Apache is a tool that allows configurations at the directory and subdirectory level. Using .htaccess&nbsp;enables&nbsp;you to configure website permissions without altering server configuration files. This tutorial will show you&nbsp;how to set up and enable&nbsp;htaccess&nbsp;on &hellip; <a href=\"https:\/\/blog.iabsolute.com\/?p=655\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,2],"tags":[],"class_list":["post-655","post","type-post","status-publish","format-standard","hentry","category-apache","category-my-linux"],"_links":{"self":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/655","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=655"}],"version-history":[{"count":1,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/655\/revisions"}],"predecessor-version":[{"id":656,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=\/wp\/v2\/posts\/655\/revisions\/656"}],"wp:attachment":[{"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=655"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=655"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.iabsolute.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=655"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}