.htaccess Generator
Generate htaccess rules for 301 redirects, rewrite URL, HTTPS, caching, and WordPress. Copy or download the file instantly.
The .htaccess Generator builds a ready-to-upload Apache configuration file covering 301/302 redirects, force HTTPS, www/non-www canonicalisation, custom error pages, browser cache headers, IP blocking, and GZIP compression. Toggle the sections you need, fill in your URLs or IPs, and the live preview shows the exact rules Apache will execute. Download the file, drop it in your document root, and the rules take effect on the next request with no server restart.
About .htaccess Generator
Available Rule Sections
| Section | What It Does | Typical Use Case |
|---|---|---|
| 301 Redirect | Permanently redirects one URL to another | Moving a page to a new location, preserving SEO value |
| 302 Redirect | Temporarily redirects one URL to another | Maintenance pages, A/B testing |
| Force HTTPS | Redirects all HTTP requests to HTTPS | After installing an SSL certificate |
| WWW prefix | Forces www or non-www version of the domain | Consistent URLs for SEO (pick one and stick with it) |
| Custom error pages | Shows custom HTML pages for 404, 403, and 500 errors | Branded error pages instead of default Apache messages |
| Cache control | Sets browser cache expiry headers by file type | Improving page load speed by caching static assets |
| IP blocking | Denies access from specific IP addresses | Blocking spam bots, restricting staging site access |
| GZIP compression | Compresses text-based responses (HTML, CSS, JS) | Reducing bandwidth and improving load times |
How to Use the Generator
| Step | Action |
|---|---|
| 1. Toggle sections | Enable only the features you need |
| 2. Fill in values | Enter URLs, IP addresses, file types, or error page paths |
| 3. Preview | The .htaccess output updates in real time as you make changes |
| 4. Copy or download | Copy to clipboard or download as a .htaccess file |
| 5. Upload to server | Place the file in your website's document root via FTP, SFTP, or hosting panel |
Common .htaccess Configurations
| Scenario | Sections to Enable |
|---|---|
| New WordPress site | Force HTTPS + WWW prefix + Cache control + GZIP |
| Domain migration | 301 Redirects (old URLs to new URLs) |
| Staging environment lockdown | IP blocking (allow only your office/home IP) |
| Performance optimisation | Cache control + GZIP compression |
| Custom branding | Custom error pages (404, 403, 500) |
| Temporary maintenance | 302 Redirect to maintenance page |
Cache Control Settings
Browser caching tells visitors' browsers to store static files locally, so repeat visits load faster. The generator lets you set expiry times for different file types:
| File Type | Recommended Expiry | Why |
|---|---|---|
| Images (jpg, png, gif, svg, webp) | 1 year | Images rarely change; long cache saves the most bandwidth |
| CSS stylesheets | 1 month | Changes with design updates, but not frequently |
| JavaScript files | 1 month | Bundled JS changes with deployments |
| Fonts (woff, woff2) | 1 year | Font files almost never change |
| HTML pages | No cache or short (1 hour) | Content changes frequently; stale HTML causes confusion |
.htaccess vs Server Config
| Aspect | .htaccess | httpd.conf / VirtualHost |
|---|---|---|
| Requires server restart | No - changes take effect immediately | Yes - requires Apache reload |
| Performance | Checked on every request (slight overhead) | Loaded once at startup (faster) |
| Access required | FTP/file manager only | Root or sudo access |
| Shared hosting | Works (this is the main use case) | Usually not accessible |
| Scope | Per-directory and subdirectories | Server-wide or per virtual host |
If you have root access to your server, placing rules in the virtual host config is slightly more performant. But for shared hosting or when you only have FTP access, .htaccess is the standard approach and works perfectly for most sites.
Important Notes
| Note | Details |
|---|---|
| File name | The file must be named exactly .htaccess (with the leading dot, no extension) |
| Hidden file | The leading dot makes it hidden on macOS and Linux - use ls -a to see it |
| Apache only | .htaccess is for Apache web servers, not Nginx, Caddy, or IIS |
| AllowOverride | The server's main config must have AllowOverride All for .htaccess rules to work |
| Syntax errors | A single syntax error in .htaccess will cause a 500 Internal Server Error for the entire site |
If your .htaccess uses complex rewrite rules, test the regex patterns with the Regex Tester. For scheduling server tasks alongside your config, try the Cron Expression Builder. The generator runs entirely in your browser with no server-side processing.
Why Apache Still Matters in 2026
Apache remains one of the three dominant web servers on the internet, so .htaccess knowledge is still a core skill for anyone running a site. According to W3Techs data from April 2026, Apache is the third most-used web server at 23.7% of all websites, behind Nginx at 32.7% and Cloudflare at 27.7%. Netcraft's May 2025 survey placed Apache at 15.3% of active sites and 17.83% of the top million busiest sites. Shared hosting providers almost universally ship Apache with mod_rewrite enabled, which is why .htaccess continues to be the standard way to configure redirects, caching, and access control on budget hosting plans where root access is not available.
How the Rewrite Engine Processes Rules
Apache processes rules in per-module order, not the line order of the file. mod_rewrite directives (RewriteRule, RewriteCond) are evaluated separately from mod_alias directives (Redirect, RedirectMatch), and mixing them in the same file often produces surprising results. The official Apache HTTP Server documentation recommends picking one module and sticking with it: use mod_alias for simple one-to-one URL changes, and mod_rewrite when you need regular expressions, conditional checks on headers or IPs, or internal rewrites. This generator uses mod_rewrite for HTTPS and www handling (where conditionals are required) and mod_alias Redirect directives for individual URL redirects, which keeps the output predictable.
Worked example: forcing HTTPS on a site with both www and non-www traffic. Enable "Force HTTPS" and "Force WWW" in the generator. The output places the HTTPS rewrite first, followed by the www rewrite, both with [L,R=301] flags. A request to http://example.com/page hits the HTTPS rule, redirects to https://example.com/page, then on the next hit matches the www rule and redirects again to https://www.example.com/page. Two redirects in a chain is acceptable for canonicalisation, but if you want a single hop you can combine the conditions into one rule at the server level.
Status Code Reference for Redirects
| Code | Meaning | When to Use | SEO Impact |
|---|---|---|---|
| 301 | Moved Permanently | URL structure change, domain migration, canonical HTTPS/www | Passes full link equity to the new URL; browsers cache aggressively |
| 302 | Found (Temporary) | A/B tests, maintenance pages, geo redirects | Google eventually treats long-lived 302s as 301, but do not rely on it |
| 307 | Temporary Redirect | Same as 302 but preserves the HTTP method (POST stays POST) | Rarely needed for static sites; important for APIs |
| 308 | Permanent Redirect | Modern equivalent of 301 that preserves the HTTP method | Same SEO effect as 301; supported by all modern browsers |
| 410 | Gone | Content permanently removed with no replacement | Faster de-indexing than a 404; use for deleted pages you never want crawled again |
Apache's official redirect guide recommends testing new redirects with 302 first, verifying the destination is correct, then switching to 301 once confirmed. A misconfigured 301 is hard to undo because browsers and intermediate caches remember it for weeks.
Common Mistakes and How to Avoid Them
| Mistake | Symptom | Fix |
|---|---|---|
| Uploading with a .txt extension | Rules silently ignored | File must be named exactly .htaccess with the leading dot and no extension |
| Mixing Redirect and RewriteRule | Only some rules fire, order feels random | Use RewriteRule for everything once you have any RewriteRule in the file |
| AllowOverride None on the server | .htaccess file is there but has no effect | Server config must set AllowOverride All or enable the specific override classes you need (FileInfo for redirects, Indexes for directory listings) |
| Redirect chains | Slow page loads, crawl budget waste | Always redirect old URLs directly to the final destination, not through intermediate hops |
| Aggressive caching on HTML | Users see stale pages for hours or days | Cache HTML for 0 or 1 hour; cache images, CSS, JS, fonts for longer |
Missing L flag | Multiple rules process, unexpected results | Add [L] (Last) to stop rewrite processing once a rule matches |
| Syntax error in a directive | Entire site returns 500 Internal Server Error | Test in a staging directory first, or keep a known-good backup you can restore via FTP in under a minute |
AllowOverride Classes Explained
Apache's AllowOverride directive controls which .htaccess directives the server will honour. Setting AllowOverride All in the main server config is the simplest approach but also the most permissive. The Apache documentation defines five override classes that can be combined for a stricter setup:
| Override Class | Controls | Needed For |
|---|---|---|
| AuthConfig | Authentication directives (AuthType, Require, AuthName) | Password-protecting directories |
| FileInfo | Redirects, rewrites, MIME types, error documents, headers | Most of this generator's output (301 redirects, HTTPS, cache headers, error pages) |
| Indexes | Directory indexing options | Enabling or disabling directory listings |
| Limit | Legacy access control (Allow, Deny, Order) | IP blocking on Apache 2.2 - use Require on 2.4+ |
| Options | Options directive and filter chain | Enabling FollowSymlinks for mod_rewrite |
For the rules this generator produces, AllowOverride FileInfo Options=FollowSymLinks is usually sufficient. Shared hosting providers typically enable AllowOverride All by default, so most users do not need to change anything.
Alternatives on Other Web Servers
.htaccess is Apache-specific. If your site runs on a different server, these are the equivalent approaches:
| Server | Equivalent Approach | Reload Required |
|---|---|---|
| Nginx | Rules go in the main nginx.conf or a site-specific file in sites-available | Yes - nginx -s reload after changes |
| Caddy | Caddyfile with automatic HTTPS via Let's Encrypt built in | Yes - caddy reload |
| IIS | web.config XML file (per-directory, similar to .htaccess) | No - applies immediately |
| Cloudflare Pages / Netlify / Vercel | Platform-specific redirect files (_redirects, vercel.json, netlify.toml) | No - deploys on push |
| Cloudflare Workers | JavaScript edge functions running before origin requests | No - deploys via Wrangler CLI |
If you are migrating from Apache to Nginx, the rules in the generated .htaccess will not copy over directly. Nginx has an equivalent for most directives but uses different syntax (return 301 instead of Redirect 301, rewrite instead of RewriteRule). Tools like slug patterns and regex remain transferable.
Sources
- Apache HTTP Server 2.4 - .htaccess Tutorial
- Apache HTTP Server 2.4 - Core Directives (AllowOverride)
- Apache HTTP Server 2.4 - Override Class Index
- Apache HTTP Server 2.4 - Redirecting and Remapping with mod_rewrite
- W3Techs - Apache Usage Statistics, April 2026
- Netcraft - May 2025 Web Server Survey
- MDN - HTTP 301 Moved Permanently
Frequently Asked Questions
What is an .htaccess file?
An .htaccess file is a configuration file used by the Apache web server to apply rules on a per-directory basis without editing the main server configuration. It can control redirects, URL rewriting, access restrictions, caching headers, and more.
Will these rules work on any web server?
No. The rules generated by this tool are specific to the Apache HTTP Server with mod_rewrite and mod_headers enabled. They will not work on Nginx, IIS, or other web servers, which use different configuration syntax.
Can .htaccess rules slow down my site?
Apache checks for .htaccess files in every directory on each request, so heavy use can add overhead compared to putting the same rules in the main server configuration. For most sites the impact is negligible, but high-traffic sites should consider moving rules into the virtual host config.
How do I use the generated file?
Download or copy the generated rules and save them in a file named ".htaccess" (note the leading dot) in your website's document root. Upload the file to your server via FTP, SFTP, or your hosting control panel. The rules take effect immediately without a server restart.
Related Tools
Link to this tool
Copy this HTML to link to this tool from your website or blog.
<a href="https://toolboxkit.io/tools/htaccess-generator/" title=".htaccess Generator - Free Online Tool">Try .htaccess Generator on ToolboxKit.io</a>