First of all you might wonder why there is period before the filename. In linux every file that begins with period are taken as hidden files and since .htaccess file is secret file it is hidden from everyone, as it seems to be. There’s nothing special on this. Here I am going to write some ways of preventing direct access of files/folder by people in internet. I assume you have some experiences in cPanel. A little knowledge of cPanel would do. Now let’s get to the point.

There are times when you need to block some directories from direct access like


There are different ways of achieving this, Solutions such as

  • Using Cpanel → Password protect directories
  • Using Cpanel → Create redirection
  • Upload blank index.htm (not so effective) to the directory you want to not have directory listing.

The solutions above ultimately create the .htaccess file which are put to the root directory of each directory which have some rule on them.

So, in .htaccess file we define some rule that tells the server to route the request for the particular url to some other urls relative to some base url. It’s same like changing the flow of water by using some pipes. Isn’t that simple ?

Sample .htaccess file contents

[code language=”apacheconfig”]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

For References on Apache mod_rewrite.c, See the links below :

I am going to use the same mod_rewrite.c contents, that I have on my .htaccess file. You can use the same content if you want. This was the content generated by the wordpress plugin permalink. For this your server needs to have mod_rewrite.c enabled. Usually all servers have this enabled. If not you need to ask your web hosting provider.

Ok, you have .htaccess file. Now simply upload this file to the root of your website.

For example,

My domain name is /public_html/
then I will upload .htaccess → /public_html/{.htaccess}

So, the final url looks like

Now, the last step remains to check if everything was setup as expected.

Create a simple post (test post ) on wordpress that should generate a nice permalink, just try to visit that url, if it works, you have everything working, if not you missed something.

Remember if you were to replicate the same wordpress contents to another site, then you’ll have to repeat all these steps on that server. If you forget to put .htaccess file to the root, which in most cases people forget to do, then all the url links are broken and you’ll get 404 Page Not Found error. So it’s always best to keep the .htaccess file and keep backup of it.

Correct me If I wrote something wrong or misguided people after all I am also a human being. Comments and feedbacks are always welcome.

Hope this explanation would be helpful to my friends.