.htaccess Generator
Generate Apache .htaccess configuration files with common rules for redirects, caching, security, and performance. Select the rules you need and copy the ready-to-use config.
Redirects
Performance
Security
Other
.htaccess
# Generated by ToolBox Hub — https://toolboxhubs.com
Options -MultiViews
# Redirect HTTP to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Enable Gzip Compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE image/svg+xml
</IfModule>
# Browser Caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType text/html "access plus 1 day"
</IfModule>
# Disable Directory Listing
Options -Indexes
# Block access to .htaccess
<Files .htaccess>
Order allow,deny
Deny from all
</Files>How to use .htaccess
Place the .htaccess file in the root of your Apache web server directory (usually public_html or www). Make sure mod_rewrite and mod_headers are enabled. Test changes on a staging server before deploying to production.
How to Use
Generate Apache .htaccess configuration files with common rules for redirects, caching, security, and performance. Select the rules you need and copy the ready-to-use config.
- 1Select your redirect rules: enable HTTP to HTTPS if your site has an SSL certificate (it should). Choose www to non-www or vice versa based on your canonical domain. Avoid enabling both www and non-www redirects simultaneously — pick one direction.
- 2Enable performance options: Gzip compression typically reduces HTML/CSS/JS size by 60-80%. Browser caching sets long expiry headers for images and assets so returning visitors don't re-download them. Both are safe to enable for almost any Apache site.
- 3Configure security rules: Disable directory listing to prevent visitors from browsing your file system. Block .htaccess access to hide your server configuration. Add security headers (X-Frame-Options, XSS Protection) for an extra layer of protection against common attacks.
- 4Enter your domain name in the config field if you're using non-www redirects or the hotlink protection rule — it needs to know which domain to allow. Click Copy and place the file in your web root (public_html, www, or wherever index.php/index.html lives).
Key Features
- 14 configurable rules across 4 categories — redirects, performance, security, and other directives
- Real-time generation — the .htaccess output updates instantly as you toggle rules
- Conflict detection — enabling both www→non-www and non-www→www simultaneously is prevented
- Custom domain and 404 page inputs — personalizes hotlink protection and error page rules