For some reason, the .htaccess file is often overlooked by web designers. If you have no idea what the .htaccess file is, I’ll just give you the Wikipedia definition: “A .htaccess (hypertext access) file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration.”

But let’s get to it, here are some of the cool things you can do in your .htacces file.

1. Hotlinking protection with .htaccess

Websites that steal your written content can be quite annoying because they can hurt your Google rankings by creating duplicate content. However there is even worst: websites that steal your content AND don’t even make the effort of downloading images and reuploading it on their server. Loading images from your server is called hotlinking, and it’s a bad practice because it steals some of your precious bandwidth.

To preven people from hotlinking your images, just include the following lines in your htaccess file (obviously replace yoursite.com with your site’s URL.

RewriteBase /
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?yoursite.com/.*$ [NC]
RewriteRule .(gif|jpg|swf|flv|png)$ /feed/ [R=302,L]

2. Prevent directory browsing

While directory browsing can be useful, it can also cause some security problems. To make your site a bit more secure, prevent directory browsing by including this file in your htaccess.

Options All -Indexes

Image credits: Sens interdit by Frédéric Bisson on Flickr.

3. SEO friendly 301 permanent redirects

I’ve used this one very often, pretty much on every site where I changed the URL structure with a redesign or server move. To redirect old pages to their new address in a user-friendly way, use this structure in your htaccess.

Redirect 301 http://www.yoursite.com/article.html http://www.yoursite.com/archives/article

4. Display a custom 404 error page

When a visitor tries to access some page of your site that doesn’t exist anymore, your server will display a page with the message “404 file not found”. Some CMS allow you to set a custom page for those 404 errors, but the easiest way is still to include the following line in your htaccess file.

ErrorDocument 404 /404.html

Image credits: 404 room by Raphaël Gotter on Flickr.

5. Setting the default page of a directory

If for some reason you need the default page of a directory to be different, it’s very easy to do with htaccess. For example, if you want the file default.html to be the default page, just add this line.

DirectoryIndex about.html

6. Block unwanted visitor based on referring domain

Usually webmasters will not block traffic, but if you notice in your stats that some sites are just sending you spammers or trolls, you shouldn’t wait to block them, that would just help you preserve your nerves. Just add the following code to do so.

<IfModule mod_rewrite.c>
RewriteEngine on  RewriteCond %{HTTP_REFERER} spamteam.com [NC,OR]
RewriteCond %{HTTP_REFERER} trollteam.com [NC,OR]
RewriteRule .* – [F]
</ifModule>

7. Specify upload file limit for PHP in htaccess

This one helped me several times when using Drupal on shared hosting, I had to reset upload file limits to allow my clients to upload bigger files and these lines saved me. The first one is maximum file size for uploading, second one is maximum size of the post data , third one is maximum time in seconds a script is allowed to run before it is terminated by the parser and last one is maximum time in seconds a script is allowed to parse input data such as like file uploads, POST and GET data.

php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value max_execution_time 200
php_value max_input_time 200

8. Compress files

Do your users a favor and optimize the loading time of pages by compressing the files you serve on your website, here is an example of how to achieve this.

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

9. Cache files

More website speed optimization by caching files.

<FilesMatch “.(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$”>
Header set Cache-Control “max-age=2592000″
</FilesMatch>

10. Force trailing slash

I cannot prove it, but I’ve read countless time that adding a trailing slash at the end of the URL was good for SEO and page load. If you also believe so just add this code in your htaccess.

<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} /+[^\.]+$
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [R=301,L]
</IfModule>