Must have htaccess file for every website

I have come across some client websites which do not have the proper rules in place and due to this their websites are exposed to attacks from hackers. I have put together a basic htaccess file what each website must have from security and SEO point of view. Of course this may not be suitable for every website as each one may have it’s own specific requirements however the one below will get the basic job done.

You are welcome to provide further additions to the one below.

# Disallows directory browsing
Options -Indexes

Options +FollowSymLinks

# Telling Apache which page to render when some one browses the home page
DirectoryIndex index.php

# Telling Apache where to send the visitor upon a 404 page
ErrorDocument 404 /404.php

RewriteEngine On
RewriteBase /

# Disallows htaccess to visitors
RewriteRule ^\.htaccess$ - [F]

# Redirects non-WWW URLs to www URLs
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

Leave a Comment