Default .htaccess file for your wordpress


Htaccess is a hidden configuration file for the Apache web server. WordPress uses the .htaccess file to store configuration information and handle server requests.

For example, .htaccess can enable or disable many server features, including redirection of URL’s, server signature, caching of files, password protection, and customized error pages.

Our tutorial will show you how to find, edit, and create a default .htaccess file in WordPress.


What is the .htaccess File?

.htaccess is a standard configuration file used in web servers. If you’re familiar with Apache, you may have experience editing .htaccess to grant or revoke access to website resources.

WordPress is a bit different. In WordPress, the default .htaccess file is mainly used to handle permalinks to pages on your WordPress website. However, as a configuration file, you can also add additional configuration options to adjust the behavior of your website such as:

  • URL redirects and rewriting
  • Block hotlinking of images
  • Handling server errors
  • Password protection
  • Blacklisting and whitelisting of IP’s
  • Block users by referring URL

Where is the .htaccess file located in WordPress?

The .htaccess file is stored in the root directory of the WordPress installation. The period (dot) at the beginning of the filename indicates the file is hidden.

If you’re using a cPanel file manager, click the Settings button in the upper-right corner, then select Show hidden files, then click Save. You should be able to open the public_html folder for your WordPress installation and find .htaccess listed just after the folders.

How to create a Default WordPress .htaccess file

In some instances, WordPress may not create the default .htaccess file, or it may accidentally be deleted. Navigate to the public_html folder to view the list of files. Make sure you’ve configured your system to show hidden files, as above.

1. Create a new file using the + File button in the upper-left corner. Name the file .htaccess.

2. Open the file for editing by selecting Edit.

3. Enter the following text:

# BEGIN WordPress

RewriteEngine On

RewriteBase /

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

# END WordPress

4. Save the file and exit.

How to edit the WordPress .htaccess file

Editing .htaccess in Cpanel

1. To make a copy of the file in cPanel file manager, click .htaccess to highlight it. Then use the Download button on the top menu to save a copy to your local machine.

2. Once you’ve made a copy, you can edit .htaccess. In cPanel File Manager, right-click the file, then click Edit. You may now make adjustments to the file.

Editing .htaccess file with FTP client

You may also use an FTP client to log in and download a copy of .htaccess directly.

Numerous free FTP clients are available, such as FileZilla. In the example below, we are using FileZilla:

  1. Log into your servers FTP hosting account
  2. Navigate to the root of your WordPress installation to show hidden files:  Menu > Options > Select Server > Force showing hidden files
  3. Locate the root folder of your domain then download the .htaccess file.
  4. Now, you are ready to edit the .htaccess file.
  5. WordPress .htaccess Configuration Options

    Redirect Web Traffic

    If you’ve changed a permalink on your website, you can use a 301 redirect to forward to the new page. This allows users with bookmarks or hyperlinks to be routed to the correct new page.

    Edit your .htaccess file and add the following line:

    Redirect 301 /old_permalink.html

    This can be done for each page you need to redirect.

    Protect Sensitive WordPress Files

    To prevent web access to the wp-config, error_logs, php.ini, and htaccess/htpasswds files, add the following:

    <FilesMatch "^.*(error_log|wp-config\.php|php.ini|\.[hH][tT][aApP].*)$">
    Order deny,allow
    Deny from all

    Force an SSL Connection

    To force an encrypted SSL connection. Enter the following:

    SSLOptions +StrictRequire
    SSLRequire %{HTTP_HOST} eq ""
    ErrorDocument 403


    WordPress is a powerful CMS with many advanced options. Now you know how to find, edit, and create a default WordPress file. Make sure you always backup before editing the .htaccess file.


  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Fix Wordpress " Sorry, this file type is not permitted for security reasons " Such as fonts

Hello,   Watch the video   When you need to upload custom fonts wordpress prevents you to...

Find / clean infected WordPress Files using SSH

OK, your WordPress site is hacked and you need to locate the infected files. It’s a tedious...