Apache .htaccess Generator

An .htaccess file is a per-directory Apache configuration override. It uses the same directive syntax as the main httpd.conf but applies only to its directory and descendants. Common uses: URL rewriting (mod_rewrite), redirects, basic auth, custom error pages, and content-type overrides.

This generator builds .htaccess snippets for common scenarios. The output expects mod_rewrite, mod_headers, and mod_expires to be enabled — they usually are on shared hosting.

Apache's per-directory override mechanism dates to NCSA HTTPd in the early 1990s. The filename `.htaccess` is configurable via the AccessFileName directive but is conventionally fixed. When AllowOverride is enabled, Apache checks for .htaccess in every parent directory on every request — a real performance cost on busy servers. The directives processed depend on AllowOverride flags: AuthConfig (auth directives), FileInfo (mime, headers, redirects), Indexes (directory listing), Limit (Allow/Deny), Options (server features), and All (everything). Most shared hosts default to AllowOverride All for tenant flexibility.

A worked example: forcing HTTPS and stripping the `www.` prefix: ``` RewriteEngine On RewriteCond %{HTTPS} off [OR] RewriteCond %{HTTP_HOST} ^www\. [NC] RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC] RewriteRule ^ https://%1%{REQUEST_URI} [R=301,L] ``` This fires when the request is HTTP or hosts with `www.`, captures the bare host, and redirects to HTTPS without `www`. The [L] flag stops further rules from firing on the same request; [R=301] makes it a permanent redirect (for SEO).

Limitations: .htaccess is Apache-specific. Nginx, Caddy, and IIS each have their own configuration model — none accept .htaccess directly. Some managed hosts restrict which directives they allow, blocking things like Options +FollowSymLinks for security. Misconfigured .htaccess yields 500 Internal Server Error with no specific message — debug by progressively commenting out rules. Performance: Apache reads .htaccess on every request when AllowOverride is enabled, walking up the directory tree. On high-traffic sites, moving rules to the main config and disabling overrides yields a measurable 5–15% improvement. For new projects, prefer Nginx or move rules into the main Apache config from the start.