On this article, we will be explaining how you can use .htaccess file to redirect your URL and how you can protect the back end of your CMS Sites like, WordPress and Joomla.
So whether you are new or experienced to web hosting, if there is a need to change the configuration of your website running on an Apache web server - with or without root access to server configuration files - and you want to use an .htaccess file to make those requests, then the guide below may help you.
But what exactly is .Htaccess file?
"An .htaccess file is a directory-level configuration file supported by several web servers, used for the configuration of website-access issues, such as URL redirection, URL shortening, access control, and more. The 'dot' before the file name makes it a hidden file in Unix-based environments." - Wikipedia
In shared hosting, as said previously, you may need to use an .htaccess file once in a while as the need arises, to make configuration changes to your server. Below are just some examples you can use to fix your site redirect issues, improving at the same time, your online presence.
Say you need help with 301 redirect from subdomain to root domain:
To redirect users to another page and prevent them from accessing a specific directory (e.g., "folder"), you can add the following code to your .htaccess file:
RewriteEngine On RewriteCond %{REQUEST_URI} ^/folder/$ RewriteRule ^(.*)$ https://yourdomain.com [R=301,L]
This code does the following:
RewriteEngine On
: Enables the rewrite engine for the server.RewriteCond %{REQUEST_URI} ^/folder/$
: Checks if the URL path is exactly/folder/
.RewriteRule ^(.*)$ https://yourdomain.com [R=301,L]
: Redirects tohttps://yourdomain.com
with a permanent (301) status code.
To redirect requests for "subdomain.example.com/uri to example.com/uri" you can use:
RewriteEngine on RewriteCond %{HTTP_HOST} ^subdomain.example.com$ RewriteRule ^(.*)$ http://example.com/$1 [R=301,L]
To redirect requests for "subdomain.example.com/uri to example.com/"
RewriteEngine on RewriteCond %{HTTP_HOST} ^subdomain.example.com$ RewriteRule ^(.*)$ http://example.com/ [R=301,L]
To redirect requests for "olddomain.com/uri to newdomain.com/"
RewriteEngine On RewriteCond %{HTTP_HOST} ^olddomain.com [NC,OR] RewriteCond %{HTTP_HOST} ^www.olddomain.com [NC] RewriteRule ^(.*)$ http://newdomain.com/ [L,R=301,NC]
To redirect requests for "olddomain.com/uri to newdomain.com/uri"
RewriteEngine On RewriteCond %{HTTP_HOST} ^olddomain.com [NC,OR] RewriteCond %{HTTP_HOST} ^www.olddomain.com [NC] RewriteRule ^(.*)$ http://newdomain.com/$1 [L,R=301,NC]
To redirect from old domain with sub-directory to new domain w/o sub-directory including full path and query string
Options +FollowSymLinks RewriteEngine On RewriteCond %{REQUEST_URI} ^/subdirname/(.*)$ RewriteRule ^(.*) http://www.newdomain.com/%1 [R=302,NC]
How to force SSL with .htaccess
RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [L,R=301]
As a web administrator of a CMS site like WordPress or Joomla, one of the simplest things you can do to protect your website is to lock down the "administrator" directory – to reject all access to it except from you.
How to protect your WordPress Admin page with .htaccess
Here we are explaining how you can do just that by sipmply using .htaccess.
If you are using internet with static IP Address or you have no problems modifying your .htaccess file very often if your IP Address is dynamic, then the code below may help you.
All you will need to do is to add the code on the top of the .htaccess file that came with your WordPress folder. Some people may suggest you to create a blank .htaccess file with the code and place it inside your wp-admin folder. Do not do it that way, for it may not work as expected.
<Files wp-login.php> order deny,allow Deny from all allow from xx.xx.xx.xx.xxx </Files>
How to protect your Joomla Admin page with .htaccess
Unlike WordPress where the suggestion is to add the code inside an existing .htaccess file located on the main folder, for Joomla, you will need to create a fresh .htaccess file that will be uploaded inside your administrator folder.
The process in creating the .htaccess file is very simple.
Create a blank text file with your Notepad and save it as .htaccess – that is. Open the file and add the following code. Please note, you must save the file with "dot" before htaccess.
<Files .htaccess> order allow,deny deny from all </Files> <Limit GET> Order Deny,Allow Deny from all Allow from xx.xx.xx.xx.xxx </Limit>
Note:
Don't forget to replace the "XXX" with your IP Address.