One of these files is not like the others…
If you’ve ever spent any real time working with WordPress there’s a fairly good chance you’ve run across a strange file in the root (or topmost) directory. Whereas the vast majority of the files comprising the WordPress hierarchy consist of a filename and an extension, such as the crucial wp-config.php
, one single file seems a bit out of place. That file is the aptly-named .htaccess
file. So just what is the .htaccess file?
First, a bit of history. The name itself is fairly self-explanatory. The ht in the name stands for “hypertext”, and access… well, that part shouldn’t have to be explained. So the original purpose of the .htaccess file was to provide directory-level control to content on an Apache server. And what about that weird dot? Well, the Apache web server was originally built for POSIX-based systems (UNIX, Linux and similar). On POSIX-based systems, prefixing a filename with a dot marks it as a “hidden” file. As the .htaccess file was created as an advanced configuration file, its presence didn’t need to be known to end users. Accidentally deleting it could potentially cause all sorts of issues!
Taking a step forward in time, today the .htaccess file read by several web servers including Apache (duh), the Sun Java System web server, and even Microsoft’s IIS. However, not all servers are created equally. One of the more popular servers in use today is NGINX, which does not support .htaccess files. Additionally, while initially intended for use on POSIX-based system, it certainly isn’t restricted to them; after all, we just mentioned that the Windows IIS web server supports .htaccess!
Oh yea… and today, the .htaccess file isn’t confined to simple directory access. These days, it supports a subset of the global server configuration (using the Apache ruleset, regardless of the actual server in use). Today, you can do anything from restricting access to files or directories, through image hotlinking preventions, and even advanced redirects.
But what’s going on with the WordPress .htaccess file?
When you initially setup WordPress, a minimal .htaccess file is created for you that looks something like this:
Well now… that looks confusing… But it’s not. The first and last lines (aside from the comments) perform a quick check to ensure that the mod_rewrite module is enabled on the server. If it isn’t, none of the included rules are run. The included rewrite rules take a bit more explaining.
See? Not so difficult!
So what else can you do with these rewrite rules? Quite a bit! So much so that we aren’t going to cover them all here. For the moment, we’re going to leave you with a few useful resources which can give you a head start to understanding .htaccess and regular expressions, and an excellent article on tweaking the WordPress .htaccess file. Enjoy, and happy learning!
Excellent article. No doubt that .htaccess is one of the most important file which generally users overlook due to lack of awareness. Here is another useful article on the same particular topic:
https://www.cloudways.com/blog/protect-wordpress-with-htaccess