Sunday, April 19, 2026
RSS Feed Sitemap
WordPress

.htaccess Generator

Generate WordPress-optimized .htaccess rules for redirects, security, and performance.

Configuration

Select the sections to include in your .htaccess file:

Generated .htaccess 
# Select options on the left to generate .htaccess rules

WordPress .htaccess Generator — What Each Section Does

The .htaccess file is an Apache server configuration file that WordPress uses for URL rewriting, security hardening, and performance optimisation. Errors in this file can take down an entire WordPress site, so it is critical to generate correct syntax. This tool outputs properly structured .htaccess rules with <IfModule> guards so sections degrade gracefully when a module is not available.

Security Sections Explained

  • Force HTTPS — Redirects all HTTP traffic to HTTPS using mod_rewrite. Essential for any site with an SSL certificate. Ensures SEO signals are consolidated on the secure URL.
  • Disable Directory Browsing — Prevents Apache from listing directory contents when no index file exists. Without this, visitors can see your plugin and theme file structure.
  • Block XML-RPC — WordPress XML-RPC (xmlrpc.php) is a common target for brute-force and DDoS amplification attacks. Block it unless you specifically use it for Jetpack or remote publishing.
  • Protect wp-config.php — This file contains your database credentials. Denying all HTTP access to it adds a layer of protection against accidental exposure.
  • Security Headers — Adds HTTP response headers that protect against clickjacking (X-Frame-Options), MIME sniffing (X-Content-Type-Options), XSS (X-XSS-Protection), and referrer leaks.
  • Hotlink Protection — Prevents other sites from embedding your images directly, which consumes your bandwidth without your consent.

Performance Sections Explained

  • Browser Caching — Sets Expires headers so browsers cache static assets (images, CSS, JS, fonts) locally. Significantly reduces repeat-visit load times and improves Core Web Vitals scores.
  • GZIP Compression — Instructs Apache to compress HTML, CSS, and JavaScript responses using mod_deflate. Typically reduces transfer sizes by 60–80% for text-based assets.

Deployment Notes

Always back up your existing .htaccess before making changes. Place the WordPress permalink rewrite block (generated by WordPress itself) at the bottom of the file, after any custom rules. Test your site immediately after deploying — a syntax error will result in a 500 Internal Server Error across your entire site.

More WordPress Tools

WP_Query Builder

Generate WP_Query arguments arrays for complex WordPress post queries.

Hook & Filter Finder

Search WordPress action hooks and filter hooks across WordPress core.

functions.php Generator

Generate common functions.php snippets for theme customization and WordPress configuration.

Cron Event Generator

Generate WordPress WP-Cron schedule and event registration code.