What it does:
The .htaccess file has incredible power to improve your website. They provide configuration changes on a per-directory basis. When an htaccess file is placed in a particular document directory, the directives contained in the file apply to that director and all the subdirectories within..
It can be used to specify alternate index files, create custom error pages, stop a directory index from being shown, assist in password protection, basic (though not very secure) user authentication, and can even block IP addresses from being able to use the site.
How to use it:
You can create an .htaccess file locally on your computer or on the server using a regular text editing program like TextEdit or Notepad. When you save the file, simply name it “.htaccess”.
The htaccess file will need to live in the root directory of your website. This is usually the public_html/ or www/ folder.
Things all htaccess files should contain:
A common mistake web designers make is forgetting to forbid directory browsing. This can pose a security issue for your site. Maybe you’ve stumbled upon a scene like this before:
To fix this problem, simply copy and paste the following line into your existing .htaccess file and upload it to your server:
# disable directory browsing
Options ExecCGI Includes IncludesNOEXEC SymLinksIfOwnerMatch –Indexes
If you’d like to allow this directory browsing to occur, you can insert this snippet instead:
# enable directory browsing
Options All +Indexes
Another good thing to add to your htaccess file (if you’re experiencing errors with self-hosted HTML5 video) is the following snippet:
AddType video/ogg .ogm
AddType video/ogg .ogv
AddType video/ogg .ogg
AddType video/webm .webm
AddType audio/webm .weba
AddType video/mp4 .mp4
AddType video/x-m4v .m4v
The host you or your client is using usually provides a tutorial for the htaccess file, if they provide it to you at all. You should generally avoid making changes to the htaccess file because most changes should be done on the servers’ .config file. A good practice is to get in touch with your host’s technical support so they can help you with your specific needs.