RevealTheme logo

.htaccess Snippet Generator

Browse a small library of ready-made Apache .htaccess snippets — force HTTPS, redirect www, set cache headers, enable Gzip, and lock down common security holes. Pick a snippet from the dropdown and copy the rules into your own file.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

How to use this tool

  1. 1

    Open the dropdown and choose the rule you need (for example, Force HTTPS or Gzip compression).

  2. 2

    Read the generated snippet shown in the code box below the dropdown.

  3. 3

    Select the text and copy it, then paste it into your site's .htaccess file.

  4. 4

    Switch the dropdown to a different rule to view another snippet — combine several by pasting them one after another.

What is an .htaccess file and what do these snippets do?

.htaccess is Apache's per-directory configuration file. When Apache serves a request, it reads any .htaccess file in the target directory (and its parents) and applies the directives inside, so you can change server behavior without touching the main httpd.conf. This tool is not a dynamic builder: it holds seven fixed, hand-written snippets and simply displays whichever one you select. The HTTPS, www, and non-www rules use mod_rewrite with a 301 redirect. The caching snippet uses mod_expires to set a one-year Expires header on CSS, JavaScript, WebP, and AVIF. The compression snippet uses mod_deflate to gzip HTML, CSS, JavaScript, and JSON. There are also rules to disable directory listing (Options -Indexes) and to deny PHP execution in an uploads folder via a FilesMatch block. Because each snippet wraps mod_* directives in <IfModule> guards (except the rewrite and Options rules), an unsupported module is silently skipped rather than throwing a 500. The snippets are starting points, not a turnkey config — review and adjust paths, domains, and cache lengths before deploying to production.

Common use cases

  • Forcing every visitor onto HTTPS after installing an SSL certificate on a shared Apache or LiteSpeed host.

  • Canonicalizing a domain to either the www or non-www version with a 301 redirect to consolidate SEO signals.

  • Adding a one-year browser cache to static assets so repeat visitors load CSS, JS, and modern image formats from cache.

  • Turning on Gzip compression for text responses to cut transfer size and improve page load time.

  • Hiding the contents of a folder that has no index file by disabling Apache's automatic directory listing.

  • Blocking PHP execution inside a public uploads directory so an attacker can't run a script they managed to upload.

Frequently asked questions

Does .htaccess work on Nginx?
No. Nginx ignores .htaccess entirely and uses its own server-block syntax. These snippets are written for Apache and work on LiteSpeed, which reads .htaccess for compatibility.
Where do I put the .htaccess file?
Usually in your site's web root, next to index.html or index.php. Apache applies the rules to that directory and every subdirectory beneath it. You can also place a separate .htaccess deeper in the tree to override behavior for one folder.
Can I edit the domain or cache duration in the tool?
No. The snippets are fixed templates that read the requesting host at runtime (%{HTTP_HOST}), so the redirect rules adapt to your domain automatically. To change a cache length or file type, edit the pasted text in your .htaccess directly.
Will a snippet break my site with a 500 error?
The caching, compression, and PHP-block snippets are wrapped in <IfModule> or FilesMatch guards, so a missing module is skipped quietly. The rewrite and Options rules are not guarded — if mod_rewrite is disabled, the Force HTTPS/www rules can cause a 500. Test on staging first.
Is my data uploaded anywhere?
No. This tool runs entirely in your browser. The snippets are hard-coded in the page, nothing you select is sent to a server, and there is no input that leaves your device.
Can I combine several snippets in one file?
Yes. Paste them one after another in the same .htaccess. Put RewriteEngine On only once, and keep redirect rules near the top so they run before caching and compression directives.

Related tools