Master .htaccess WordPress Controls

Master .htaccess WordPress Controls

Most web developers will know about the magic of the .htaccess WordPress file and perhaps some of what it can do. In today’s post I’m going to start of with some of the basics but then show you a whole world of things that you can do with this little text file. All of the tips are specifically targeted for WordPress users, so grab your coffee and get ready to learn some cool tricks.

Some Background For The Uninitiated

The .htaccess file is supported by many Unix / Linux based web servers, the most popular of which is the Apache server. If you’re not sure which server software your hosting company uses you can ask their support team and they will happily tell you.

You can also do a bit of sleuth work if you like, there are probably a few ways to do this but one quick thing that I do is put a simple PHP file on the server with this line in it:

<?PHP phpinfo(); ?>

Name the file something like test.php then access this file with your web browser (eg YourDomain.com/test.php) among (a lot of ) other things if you browse the output that this generates you will get some clues about which web server your running on. Below is a quick screen shot of one of my setups, the “Apache 2.0 Handler” line gives away that it’s the Apache web server.

php-info

Quiet simply the .htaccess is a plain text file that is placed via ftp on your web server to add various controls. If you’re new to this pay special attention to the name of the file, there is a period ‘.’ at the start of the file name.

If you’re using ftp to access your web server you can make changes to this file directly on the server or you could make changes to it locally and then upload it.

One final tip of beginners if this is all a bit new to you, in your FTP program you may have ask it to show hidden files, so you can actually see the .htaccess file. The period at the start of the filename tells the server that this should be a hidden file.

Whoops, Something Went Wrong!

Before we get into the various commands we are going to discuss today, a quick word about when things go wrong. If you mistype one of the commands or use one that is not supported by your particular hosting company you will get this response when you try to access your site.

“HTTP Error 500 Internal server error”.

Don’t get too fussed by this, just back out the last change you did and upload the .htaccess file again and you’ll fix it. Obviously it’s best to do all of this before you website is live to the world.

So with that all out of the way let’s look at what we can do with .htaccess

The WordPress Default Setup

If you’re working on an existing WordPress site you will see that there is already a .htaccess WordPress file in place in most cases and it will have something like this in it, be sure to leave this in place when adding or trying all of these new commands.


# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

The Controls – A.K.A. The Good Stuff :)

Ok, so let’s look at a number of these, for each of them I’ll show you the code that needs to be added to your .htaccess file and a short explanation of what it does.

Allow larger files to be uploaded


php_value post_max_size 20M
php_value upload_max_filesize 20M

If you’d like to increase the upper limit for files to be uploaded this will do the trick, the value at the end (20) is the size in (M) Mb. So in this case it will allow files (eg PDF, images etc.. ) up to 20MB to be uploaded via your WordPress media library or perhaps via an upload on a form on the front end of your site.

Allow more memory for php files to consume

This one is invaluable for WordPress sites as you grow and use more plugins. It’s a common error that newer users experience. Their site is working file, they then install a larger plugin that has bigger demands on the server and the whole site will fail to load – “the dreaded WordPress white screen”.

Often this fix is as simple as increasing the memory that PHP has available, drop this line in your .htaccess file.


php_value memory_limit 128M

You have to be a little careful with this one, go too far and often you’ll hit the limit that your hosting company finds acceptable and you’ll get an HTTP 500 error.

Show your PHP execution errors

Some hosting setups will mute the output of PHP errors, which makes it hard if your programming some changes to your site’s theme or other PHP files. This will allows you to toggle the output of PHP errors


php_value display_errors on

You probably want to set it to “off” when you’re done though…

Enable browser caching

You can use .htaccess to instruct your visitor’s web browser that they should store / cache your media for a longer period of time. If you’re familiar with things like Google page speed, this is one of things you’ll commonly see recommended there to improve performance.


## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
# Good for one month
ExpiresByType image/jpeg A2592000
ExpiresByType image/gif A2592000
ExpiresByType image/png A2592000
ExpiresByType image/x-icon A2592000
ExpiresByType text/plain A2592000
ExpiresByType image/svg+xml A2592000

# Good for one week
ExpiresByType application/x-javascript M604800
ExpiresByType text/css M604800
ExpiresByType text/html M604800
ExpiresDefault A2592000
</IfModule>
## EXPIRES CACHING ##

Redirect URLs

This one is really handy, particularly if your building a new WordPress site that replacing an older site. To ensure that visitors who might have the old URL bookmarked or for pages that have been indexed in Google you can create a redirect to the new URL in your new site.

Alternatively it may be that you’ve removed or moved a section of your site and you want to re-point users if they hit one of the old URLs.

The format of this one is easy once you know how it’s constructed.


Redirect 301 /oldurl  http://MySite.com/newurl

After the number, I’ll explain that in a moment, it’s just the old (relative) URL then the full new URL, including the http:// etc..

Redirects like this can be set to a couple of different states.

301 – means that this is a permanent URL, good practice for your SEO. Your basically saying this redirect in going to be like this forever now.

302 – means that this is only temporary, the old URL will become active again soon.

As long as you stick to the correct syntax you can have many of these redirects in your .htaccess file – great when you’re redirecting a whole lot of old URLs from a previous version of the web site.

Protect your WordPress configuration file

You probably know about wp-config.php, it’s the main configuration file for WordPress, it has important data like the database username & password. Not the kind of thing you want anyone to be able to access directly.


<files wp-config.php>
order allow,deny
deny from all
</files>

This will stop anyone directly accessing the config file, even if there is a problem with the web server where it stops parsing PHP files correctly.

So, there you have a few things to try. Once you’ve tested things out, like me you’ll probably write yourself a templated .htaccess WordPress file so every time you install WordPress you can drop a bunch of these controls in place with a simple copy and paste.

Good luck! Post a comment here if you have a question or perhaps another .htaccess trick you’d like to share.

Peter Shilling
Peter is co-founder of The DMA, an Australian based WordPress development company and HelpForWP.com a WordPress plugin author.
Peter Shilling
Peter Shilling
This article has 3 comments

Leave a Reply