Skip to content

Htaccess Generator

Build an Apache .htaccess file with toggles for HTTPS, www redirects, error pages, IP blocks, gzip, cache headers, and custom rules.

The short version

Toggle what you want, copy the result, paste it into a file named .htaccess at your site root. Done.

This builder covers the rules people actually reach for: HTTPS enforcement, the eternal www-versus-non-www argument, custom 404/403/500 pages, IP blocking, gzip, browser caching, and one-off redirects. Each option maps to a real Apache directive wrapped in an IfModule guard, so a missing module won’t take your whole site down with a 500.

Under the hood

Three things every Apache config gets wrong at least once.

HTTPS redirects. The rule here checks %{HTTPS} off and bounces the request to the same host and URI over https://, with a 301 so search engines update their index. No hardcoded domain. Move the file between staging and production and it keeps working.

The www toggle. Pick a direction. “www → non-www” strips the prefix using a backreference (%1), so www.shop.io/cart lands on shop.io/cart cleanly. “non-www → www” does the reverse. Leave it off and Apache won’t touch the host at all. Run only one direction. Set both and browsers will hit a redirect loop until they give up.

Blocking IPs. Output uses Apache 2.4 syntax: a RequireAll block that grants everyone, then adds Require not ip lines. Paste single addresses like 203.0.113.5 or CIDR ranges like 198.51.100.0/24, one per line or comma-separated. If you’re still on Apache 2.2, the old Order/Deny syntax is different and this won’t apply cleanly.

The gzip block adds DEFLATE filters for HTML, CSS, JS, JSON, SVG, and XML. Cache headers use mod_expires with a per-type access plus N days window, and HTML deliberately gets 0 seconds so your pages never go stale while assets stay cached.

When you’d use this

You bought a domain on shared hosting, cPanel only, no shell. The .htaccess file is the one knob you’ve got. You need HTTPS on, the www variant redirecting to your canonical host, and a branded 404 instead of Apache’s gray default. That’s four toggles here.

Or you’re migrating URLs. Twelve old blog paths need to point at their new homes before Google notices the 404s pile up. Add a redirect row per path, 301 is baked in, copy the block.

Static asset caching is the other big one. By default Apache sends no Expires header, so browsers re-request your logo on every page load. Flip the cache toggle, set 30 days, and repeat visitors stop hammering the server for files that haven’t changed since 2024.

A word on order

Directives in .htaccess mostly run top to bottom, and mod_rewrite rules are sensitive to it. This generator puts the HTTPS redirect before the www redirect on purpose: you want the protocol fixed first, then the host. Reorder the output by hand and you can create a double redirect, which is slow and occasionally loops. If you’re hand-editing afterward, keep the rewrite block intact.

FAQ

Where does the file go? The document root of your site, named exactly .htaccess with the leading dot. One per directory, and rules cascade down into subfolders.

Will this work on Nginx? Nope. Nginx doesn’t read .htaccess at all. These directives are Apache-only. You’d translate them into server block config instead.

My redirect isn’t firing. Why? Usually AllowOverride. Shared hosts enable it, but a self-managed Apache often defaults to None, which makes Apache ignore .htaccess entirely. Check your vhost config or the main apache2.conf.

Is anything sent to a server? No. The whole thing runs in your browser. Nothing you type leaves the page, so you can drop real IPs and internal paths in without worry.

Can I edit the output after copying? Yep, it’s plain text. Tune the cache durations, add your own Header lines, whatever. The generator just gives you a clean, correctly-ordered starting point.

htaccess apache redirect https webserver

Related Tools

More in Developer Tools