What is an .htaccess file?

An .htaccess file is a configuration file used by Apache web servers. It lets you control server behaviour for a specific directory — including URL redirects, HTTPS enforcement, access control, custom error pages, and performance rules. It applies to the directory it lives in and all subdirectories.

Where do I put the .htaccess file?

Place the .htaccess file in your website's document root — usually the public_html or www folder on shared hosting. For WordPress sites, it belongs in the same directory as wp-config.php. The rules apply to that directory and everything inside it.

How do I force HTTPS with .htaccess?

Enable the "Force HTTPS" toggle in this tool. The generated rule uses mod_rewrite to check if the connection is not already HTTPS and redirects to the same URL with https://. This results in a 301 permanent redirect that search engines follow and cache.

Will the generated file break my WordPress site?

The generated rules are standard Apache directives. If your WordPress site already has an .htaccess file, add the generated rules above the WordPress block (above the # BEGIN WordPress comment). Do not replace the entire file — WordPress needs its own rewrite rules to function.

What is hotlink protection in .htaccess?

Hotlink protection blocks other websites from directly linking to your images, which would use your server bandwidth without permission. The rule checks the HTTP Referer header and returns a 403 Forbidden response to requests from domains other than your own.

Does this tool send my configuration to a server?

No. All .htaccess generation happens entirely in your browser using JavaScript. Nothing is sent to any server. Your configuration never leaves your device.

Free Apache Config Builder

Generate Your
.htaccess File

Build a production-ready Apache .htaccess configuration in seconds. Toggle rules on or off, add custom redirects, and copy the result — no Apache expertise needed.

🔒

HTTPS & Redirects

Force HTTPS, add or remove www, and create 301/302 redirect rules for any path.

⚡

Performance Rules

Enable gzip compression and set browser caching expiry for images, CSS, and JS.

🛡️

Security Hardening

Add X-Frame-Options, block bad bots, enable hotlink protection, and disable directory listing.

HTTPS & Domain

Force HTTPS

Redirect all HTTP traffic to HTTPS (301)

WWW Redirect

Disable Directory Listing

Hide folder contents — prevents visitors from browsing files

Error Pages

Custom Error Pages

Set custom HTML paths for 4xx and 5xx errors

.htaccess Output

.htaccess

# Generated by htaccess-generator.tools.jagodana.com
# .htaccess Configuration File

# Disable directory listing
Options -Indexes

# Force HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# Gzip Compression
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css
  AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
  AddOutputFilterByType DEFLATE application/json application/xml application/xhtml+xml
  AddOutputFilterByType DEFLATE image/svg+xml application/rss+xml
</IfModule>

# Browser Caching
<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/jpeg "access plus 1 year"
  ExpiresByType image/png "access plus 1 year"
  ExpiresByType image/webp "access plus 1 year"
  ExpiresByType image/gif "access plus 1 year"
  ExpiresByType image/svg+xml "access plus 1 year"
  ExpiresByType image/x-icon "access plus 1 year"
  ExpiresByType text/css "access plus 1 month"
  ExpiresByType text/javascript "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"
  ExpiresByType application/pdf "access plus 1 month"
  ExpiresByType text/html "access plus 0 seconds"
</IfModule>

# Security Headers
<IfModule mod_headers.c>
  Header always set X-Frame-Options "SAMEORIGIN"
  Header always set X-Content-Type-Options "nosniff"
  Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

All rules are generated in your browser. Nothing is sent to a server.

Frequently Asked Questions

Everything you need to know about .htaccess Generator.

Generate Your.htaccess File