.htaccess Generator — Free Online Tool

Generate .htaccess files visually — no Apache expertise needed. Toggle sections, add redirect rules, configure security headers, and download a ready-to-use file in seconds.
Presets:
<!-- Redirects -->
<div class="ha-section" id="ha-sec-redirects">
  <div class="ha-section-header" onclick="haToggleSection('redirects')">
    <input type="checkbox" id="ha-chk-redirects" onclick="event.stopPropagation();haRender()" checked>
    <span class="ha-section-title">Redirects</span>
    <span class="ha-section-badge">301 / 302</span>
    <span class="ha-section-chevron" id="ha-chev-redirects">▼</span>
  </div>
  <div class="ha-section-body" id="ha-body-redirects">
    <div class="ha-field-row" style="margin-bottom:10px;">
      <span class="ha-field-label">Default type</span>
      <select class="ha-select" id="ha-redirect-type" onchange="haRender()" style="max-width:180px;">
        <option value="301">301 Permanent</option>
        <option value="302">302 Temporary</option>
      </select>
    </div>
    <div class="ha-redirect-list" id="ha-redirect-list"></div>
    <button class="ha-add-btn" onclick="haAddRedirect()">+ Add Redirect Rule</button>
    <div class="ha-hint">Source path (e.g. /old-page) → Destination URL</div>
  </div>
</div>

<!-- Security Headers -->
<div class="ha-section" id="ha-sec-security">
  <div class="ha-section-header" onclick="haToggleSection('security')">
    <input type="checkbox" id="ha-chk-security" onclick="event.stopPropagation();haRender()" checked>
    <span class="ha-section-title">Security Headers</span>
    <span class="ha-section-chevron" id="ha-chev-security">▼</span>
  </div>
  <div class="ha-section-body" id="ha-body-security">
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-xframe" onchange="haRender()" checked>
      <span>X-Frame-Options: SAMEORIGIN</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-xcontent" onchange="haRender()" checked>
      <span>X-Content-Type-Options: nosniff</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-xss" onchange="haRender()" checked>
      <span>X-XSS-Protection: 1; mode=block</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-referrer" onchange="haRender()">
      <span>Referrer-Policy: strict-origin-when-cross-origin</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-hsts" onchange="haRender()">
      <span>Strict-Transport-Security (HSTS)</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-csp" onchange="haRender()">
      <span>Content-Security-Policy: default-src 'self'</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-sec-serverhide" onchange="haRender()" checked>
      <span>ServerTokens / hide server signature</span>
    </div>
  </div>
</div>

<!-- Caching -->
<div class="ha-section" id="ha-sec-caching">
  <div class="ha-section-header" onclick="haToggleSection('caching')">
    <input type="checkbox" id="ha-chk-caching" onclick="event.stopPropagation();haRender()">
    <span class="ha-section-title">Browser Caching</span>
    <span class="ha-section-chevron" id="ha-chev-caching">▼</span>
  </div>
  <div class="ha-section-body ha-hidden" id="ha-body-caching">
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cache-images" onchange="haRender()" checked>
      <span>Images (jpg, png, gif, webp, svg) — 1 month</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cache-css" onchange="haRender()" checked>
      <span>CSS &amp; JavaScript — 1 week</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cache-fonts" onchange="haRender()" checked>
      <span>Fonts (woff, woff2, ttf) — 1 year</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cache-html" onchange="haRender()">
      <span>HTML — 1 hour</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cache-etag" onchange="haRender()">
      <span>Disable ETags (for CDN environments)</span>
    </div>
  </div>
</div>

<!-- CORS -->
<div class="ha-section" id="ha-sec-cors">
  <div class="ha-section-header" onclick="haToggleSection('cors')">
    <input type="checkbox" id="ha-chk-cors" onclick="event.stopPropagation();haRender()">
    <span class="ha-section-title">CORS</span>
    <span class="ha-section-chevron" id="ha-chev-cors">▼</span>
  </div>
  <div class="ha-section-body ha-hidden" id="ha-body-cors">
    <div class="ha-field-row">
      <span class="ha-field-label">Allow Origin</span>
      <input type="text" class="ha-input" id="ha-cors-origin" value="*" onchange="haRender()" placeholder="* or https://example.com">
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cors-methods" onchange="haRender()" checked>
      <span>Allow Methods: GET, POST, OPTIONS</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cors-headers" onchange="haRender()" checked>
      <span>Allow Headers: Content-Type, Authorization</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-cors-fonts-only" onchange="haRender()">
      <span>CORS for fonts only (recommended)</span>
    </div>
  </div>
</div>

<!-- Gzip -->
<div class="ha-section" id="ha-sec-gzip">
  <div class="ha-section-header" onclick="haToggleSection('gzip')">
    <input type="checkbox" id="ha-chk-gzip" onclick="event.stopPropagation();haRender()">
    <span class="ha-section-title">Gzip Compression</span>
    <span class="ha-section-chevron" id="ha-chev-gzip">▼</span>
  </div>
  <div class="ha-section-body ha-hidden" id="ha-body-gzip">
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-gzip-html" onchange="haRender()" checked>
      <span>HTML, XML, Plain text</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-gzip-css" onchange="haRender()" checked>
      <span>CSS &amp; JavaScript</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-gzip-fonts" onchange="haRender()" checked>
      <span>Fonts (SVG, TTF)</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-gzip-json" onchange="haRender()" checked>
      <span>JSON &amp; APIs</span>
    </div>
  </div>
</div>

<!-- Error Pages -->
<div class="ha-section" id="ha-sec-errors">
  <div class="ha-section-header" onclick="haToggleSection('errors')">
    <input type="checkbox" id="ha-chk-errors" onclick="event.stopPropagation();haRender()">
    <span class="ha-section-title">Custom Error Pages</span>
    <span class="ha-section-chevron" id="ha-chev-errors">▼</span>
  </div>
  <div class="ha-section-body ha-hidden" id="ha-body-errors">
    <div class="ha-field-row">
      <span class="ha-field-label">404 Not Found</span>
      <input type="text" class="ha-input" id="ha-err-404" value="/404.html" onchange="haRender()" placeholder="/404.html">
    </div>
    <div class="ha-field-row">
      <span class="ha-field-label">403 Forbidden</span>
      <input type="text" class="ha-input" id="ha-err-403" value="/403.html" onchange="haRender()" placeholder="/403.html">
    </div>
    <div class="ha-field-row">
      <span class="ha-field-label">500 Server Error</span>
      <input type="text" class="ha-input" id="ha-err-500" value="/500.html" onchange="haRender()" placeholder="/500.html">
    </div>
    <div class="ha-field-row">
      <span class="ha-field-label">401 Unauthorized</span>
      <input type="text" class="ha-input" id="ha-err-401" value="" onchange="haRender()" placeholder="/401.html (optional)">
    </div>
  </div>
</div>

<!-- Directory Options -->
<div class="ha-section" id="ha-sec-directory">
  <div class="ha-section-header" onclick="haToggleSection('directory')">
    <input type="checkbox" id="ha-chk-directory" onclick="event.stopPropagation();haRender()">
    <span class="ha-section-title">Directory Options</span>
    <span class="ha-section-chevron" id="ha-chev-directory">▼</span>
  </div>
  <div class="ha-section-body ha-hidden" id="ha-body-directory">
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-dir-noindex" onchange="haRender()" checked>
      <span>Disable directory listing (Options -Indexes)</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-dir-followlinks" onchange="haRender()">
      <span>Follow symbolic links (Options +FollowSymLinks)</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-dir-blockdotfiles" onchange="haRender()" checked>
      <span>Block access to dotfiles (.env, .git, etc.)</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-dir-blockphp" onchange="haRender()">
      <span>Block PHP execution in uploads directory</span>
    </div>
    <div class="ha-checkbox-row">
      <input type="checkbox" id="ha-dir-badbots" onchange="haRender()">
      <span>Block common bad bots</span>
    </div>
    <div class="ha-field-row" style="margin-top:8px;">
      <span class="ha-field-label">Default charset</span>
      <select class="ha-select" id="ha-dir-charset" onchange="haRender()" style="max-width:180px;">
        <option value="UTF-8" selected>UTF-8</option>
        <option value="ISO-8859-1">ISO-8859-1</option>
        <option value="">(none)</option>
      </select>
    </div>
  </div>
</div>
Build robots.txt → Robots.txt Generator
Generate meta tags → Meta Tag Generator
Format SQL → SQL Formatter
Related Tools#

Related Tools
