If your website runs on Apache — common with cPanel hosting — the .htaccess file is one of the most powerful configuration files available to you. No server access required, just a plain text file in your site root. Changes take effect immediately without restarting the server.
Force HTTPS
Use RewriteEngine On, check HTTPS is off with RewriteCond %{HTTPS} off, then redirect all traffic: RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]. Essential for any site with an SSL certificate.
Custom Error Pages
Add ErrorDocument 404 /404.html and ErrorDocument 500 /500.html to serve custom error pages instead of default server errors.
Block Sensitive Files
Use a FilesMatch block to deny access to .htaccess, .env, wp-config.php, and .htpasswd. These files should never be publicly accessible via a browser.
Enable Browser Caching
Use the mod_expires module to set cache expiry times: images for one year, CSS and JavaScript for one month. This dramatically improves load times for returning visitors.
Enable Gzip Compression
Use mod_deflate to compress HTML, CSS, and JavaScript responses. This reduces bandwidth and speeds up page delivery, improving both performance and SEO.
Disable Directory Listing
Add Options -Indexes to prevent visitors from seeing a file list in directories that do not have an index file.
Generate .htaccess Rules Free
Use the Anonymiz .htaccess Generator to create custom rules visually and download a ready-to-use file without writing any code.