Certified Wordpress Developer The .htaccess file

The .htaccess file

A .htaccess (hypertext access) file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration.

The original purpose of .htaccess - reflected in its name - was to allow per-directory access control, by for example requiring a password to access the content. Nowadays however, the .htaccess files can override many other configuration settings including content type and character set, CGI handlers, etc.

These files are placed inside the web tree, and are able to override a subset of the server's global configuration for that directory, and all sub-directories

The .htaccess file is another very important file to your blog even if you didn’t change it manually. This file is responcible for allowing you create a nice URL structure in your blog via Permalinks and one that is REQUIRED to have proper information in it in order for the Permalinks to work.

Good indication that something happened to your .htaccess file is if you get 404 Error when trying to click on Post Links.
This is also true for bloggers who have previously had MS Frontpage extensions enabled on their domain and then decided to go with WordPress blog. Your host writes into that file in order to enable Front Page and WordPress generally fails to overwrite it, if it already exists.

If symptoms described above fit your problems – open .htaccess file for editing and make sure that following code is in it and add if not replacing everything else:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

.htaccess files (or “distributed configuration files”) provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof.

“Directives” is the terminology that Apache uses for the commands in Apache’s configuration files. They are normally relatively short commands, typically key value pairs, that modify Apache’s behavior. An .htaccess file allows developers to execute a bunch of these directives without requiring access to Apache’s core server configuration file, often named httpsd.conf. This file, httpsd.conf, is typically referred to as the “global configuration file” and I will refer to it with that name or its short filename equivalent.

This feature is ideal for many hosting companies deploying a shared hosting environment. The hosting company will not allow its customers to access the global configuration file, which ultimately affects all of the customers hosted on that server. Instead, by enabling .htaccess, they give each of their customers the power to specify and execute their own Apache directives in their own directories and subdirectories. Of course it’s also useful to the single developer, as you will see.

It’s worth mentioning that anything that can be done with a .htaccess file can be done in the httpsd.conf file. However, NOT everything that can be done in httpsd.conf can be done in a .htaccess file. In fact .htaccess files must be enabled in the httpsd.conf file in order to be executed at all. Once enabled,their power can be limited to certain “contexts” so that they may be allowed to override some settings but not others. This gives the system administrators more control over what they let other developers get away with in their .htaccess files.

Enabling .htaccess:
.htaccess files are normally enabled by default. This is actually controlled by the AllowOverride Directive in the httpsd.conf file. This directive can only be placed inside of a section. Don’t let this confuse you. The typical httpsd.conf file defines a DocumentRoot and the majority of the file will contain Directives inside a section dealing with that directory. This includes the AllowOverride directive.

The default value is actually “All” and thus .htaccess files are enabled by default. An alternative value would be “None” which would mean that they are completely disabled. There are numerous other values that limit configuration of only
certain contexts. Some are:

  • AuthConfig – Authorization directives such as those dealing with Basic Authentication.
  • FileInfo – Directives that deal with setting Headers, Error Documents, Cookies, URL Rewriting, and more.
  • Indexes – Default directory listing customizations.
  • Limit – Control access to pages in a number of different ways.
  • Options – Similar access to Indexes but includes even
  • more values such as ExecCGI, FollowSymLinks, Includes and more.
 For Support