Generate Apache .htaccess rules for HTTPS redirects, www/non-www, security headers, browser caching, directory protection and more.
An .htaccess (hypertext access) file is a directory-level configuration file used by the Apache HTTP Server - the web server powering an estimated 31% of all websites globally as of 2024. Placed in any directory, .htaccess rules are read by Apache on every request without requiring a server restart, making them the fastest way to configure redirects, access control, URL rewriting, and security headers without touching httpd.conf directly.
India had over 1.2 million registered web developers as of 2023, and a significant proportion host websites on shared cPanel-based hosting (providers like Hostinger India, BigRock, and MilesWeb) where root-level Apache configuration is unavailable. For these developers, .htaccess is the primary tool for enforcing HTTPS redirects, blocking bad bots, setting browser cache lifetimes, protecting directories with passwords, and implementing SEO-friendly clean URLs for PHP and WordPress sites. Indian e-commerce shops on shared hosting use .htaccess hotlink protection to prevent image bandwidth theft.
Select the rules you need - HTTPS enforcement, www/non-www canonicalisation, custom error pages, cache control headers, CORS settings, security headers, and more - and this tool assembles a correctly formatted .htaccess file ready to upload via FTP or cPanel File Manager. Always test generated rules on a staging environment before applying to a live site.
RewriteEngine On, RewriteCond %{HTTPS} off, RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]. This performs a 301 permanent redirect from all HTTP URLs to HTTPS. If your site is behind a load balancer or CDN (like Cloudflare), use RewriteCond %{HTTP:X-Forwarded-Proto} !https instead. This rule is generated automatically by this tool's HTTPS toggle.AuthType Basic, AuthName "Protected Area", AuthUserFile /absolute/path/to/.htpasswd, Require valid-user; (2) .htpasswd with the encrypted password generated using the Apache htpasswd utility or an online htpasswd generator. The path in AuthUserFile must be an absolute server path - use phpinfo() to find the document root. This generator creates the .htaccess content; generate .htpasswd separately.