The WordPress .htaccess file is an important file for many reasons. Your WordPress website needs it for security reasons, to add redirection rules, to block bots/spammers and much more.

WordPress htaccess File

The WordPress .htaccess file is a distributed configuration file, and is how Apache handles configuration changes on a per-directory basis.

WordPress uses this file to manipulate how Apache serves files from its root directory, and sub directories thereof. Most notably, WP modifies this file to be able to handle pretty permalinks.

The .htaccess file can be found via FTP and can be edited with Notepad or similar software. However, the easiest way to find and edit it is through your host’s cPanel (if your hosting provides this).

The .htaccess file is like the security guard of your website. It is a hidden file which gives you the power to determine the access to all files. It is located in the root directory, and you have to enable the “Show Hidden Files” option to view it.

Basic WordPress .htaccess File

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

.htaccess File for WordPress 3.5 and Above

Sub Folder

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

Sub Domain

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# add a trailing slash to /wp-admin
RewriteRule ^wp-admin$ wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
RewriteRule ^(.*\.php)$ $1 [L]
RewriteRule . index.php [L]

What is WordPress .htaccess File

When you install WordPress, a .htaccess file is created as well, and a default code is added to it. In case if it’s not created, then you have to manually create one and add the basic WordPress code to it, as mentioned above. Remember. htaccess are invisible plain text file so make sure you also check invisible files. The beauty of .htaccess file is that it affects the folder that they reside in and also the folders inside it. This means that each sub-folder inherits the .htaccess properties from its parent. Every WordPress site needs one so that it can store server directives.

How to Create WordPress .htaccess File

Create a new notepad file (htaccess.txt) and rename it to .htaccess Next, paste the default code and upload it to your server where other WordPress files already exist.

Why WordPress Needs a .htaccess File

Permalinks: While using WordPress, you may have come across the term “pretty permalinks”. By default, all the URL for your pages or posts looks like yourdomain.com/?p=123, which is not a search engine friendly structure. A simple way is to change your URL structure in the WordPress settings, and this requires a .htaccess be created automatically or manually.

301 Redirect: 301 redirect are the most efficient way and recommend search engine friendly method for domain or web page redirection. It’s not that hard to implement, and it preserves your search engine rankings for that particular page. To use this feature you will need to add 301 redirect command into your .htaccess file.

Securing wp-config.php: The wp-config.php contains crucial information about your website and WordPress database, to secure it; you need to modify the .htaccess file in the root directory by adding the following:

<files wp-config.php>
order allow,deny
deny from all
</files>

.htaccess files are very common with WordPress users since they can be used to improve both the performance and also the security of a WordPress blog in many ways.