.htaccess Generator
Developer ToolsGenerate an Apache .htaccess file for your website. Force HTTPS, configure www redirects, add 301 redirect rules, and set custom error pages — download ready.
What is a .htaccess?
An .htaccess file is a per-directory configuration file used by Apache web servers — the technology powering the majority of shared hosting plans, WordPress hosts, and cPanel-based environments. Placed in your website's root directory, it applies server-level rules that affect every request to your site: enforcing HTTPS, redirecting between www and non-www versions, setting up permanent redirects for changed URLs, adding custom error pages, and protecting your images from hotlinking.
The .htaccess Generator creates this file from a form interface, producing syntactically correct Apache configuration that can be uploaded directly to your server. Writing .htaccess rules by hand is error-prone: a missing backslash in a regex, an incorrect flag in a rewrite rule, or a path that does not start with / will either silently do nothing or — in the worst case — return a 500 Internal Server Error for your entire website.
The most common and most important use is HTTPS enforcement. Having an SSL certificate installed makes HTTPS available, but it does not redirect HTTP traffic automatically. Users who visit http://yoursite.com or click an old HTTP link land on the insecure version unless a redirect rule is in place. The generator adds a RewriteCond %{HTTPS} off check and a 301 redirect that sends all HTTP traffic to the HTTPS equivalent with zero configuration required on your part.
URL canonicalisation — choosing one definitive form for your domain — is the second major use. Search engines treat example.com and www.example.com as separate URLs. Without a redirect, content appears at two URLs simultaneously, splitting link equity and potentially creating duplicate content flags. The generator lets you enforce either form with a single selection.
Use this alongside robots.txt Generator and Sitemap.xml Generator to complete the full technical foundation of a new website deployment.
How to use this .htaccess calculator
- Toggle Force HTTPS on if your server has an SSL certificate installed — this adds a RewriteRule that 301-redirects all
http://requests tohttps://. - Choose your WWW Preference — select Force www to always serve
www.example.com, Force non-www to always serveexample.com, or No preference to leave both accessible (not recommended for SEO). - Enter your 301 Redirects in the text area — one per line in the format
old-path https://example.com/new-path/. Old paths are relative (start with/); new URLs must be absolute (start withhttps://). - Toggle Custom Error Pages on to add
ErrorDocumentdirectives that serve your custom 404 and 500 HTML pages — ensure those files exist at/404.htmland/500.htmlbefore enabling this. - Toggle Hotlink Protection on if you want to block other sites from embedding your images. Enter your Site Domain in the format
example.com(nohttps://, no trailing slash) — the rule allows image requests from your own domain while blocking others. - Copy the .htaccess Content from the output box. If you already have an
.htaccessfile, append the relevant sections above your existing rules. If starting fresh, save the output as.htaccessand upload to your website root directory.
Formula & Methodology
The generator assembles Apache directives in a specific order to prevent rule conflicts. Rules are grouped into sections, each preceded by a comment:apache RewriteEngine On # Force HTTPS RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # Force non-www RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] RewriteRule ^(.*)$ https://%1%{REQUEST_URI} [L,R=301] # 301 Redirects Redirect 301 /old-page/ https://example.com/new-page/ # Custom Error Pages ErrorDocument 404 /404.html ErrorDocument 500 /500.html # Hotlink Protection RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example\.com [NC] RewriteRule \.(jpg|jpeg|png|gif|webp|svg)$ - [F,NC]Key flags explained: -[L]— Last rule; stop processing further RewriteRules after this one -[R=301]— Return HTTP 301 (Permanent Redirect) to the client -[NC]— No Case — match regardless of upper/lower case -[F]— Forbidden — return 403 to the client -%{HTTP_HOST}— the domain name from the request header -%1— backreference to the first capture group in the precedingRewriteCondThe hotlink protectionRewriteCond %{HTTP_REFERER} !^$line allows direct browser access (no referer header) while blocking cross-site image embeds. Your domain's dots are escaped (\.) in the regex to prevent them from matching any character.
Frequently Asked Questions