.htaccess Configuration Guide
How to use .htaccess files on GoZen Host to set up redirects, enable caching, block IPs, and configure Apache/LiteSpeed behavior.
The .htaccess file is a configuration file used by Apache and LiteSpeed web servers. It controls how your server handles requests, redirects, caching, security, and more. On GoZen Host, all shared hosting runs LiteSpeed, which is fully compatible with .htaccess rules.
Where Is .htaccess?
The file is located in your website’s root directory (usually public_html/). It’s a hidden file (the name starts with a dot).
To see it in cPanel File Manager:
- Open File Manager
- Click Settings (top right)
- Check Show Hidden Files (dotfiles)
- Click Save
Common .htaccess Rules
Force HTTPS
Redirect all HTTP traffic to HTTPS:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Force www (or non-www)
Force www:
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
Force non-www:
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
301 Redirects (Permanent)
Redirect a single page:
Redirect 301 /old-page https://yourdomain.com/new-page
Redirect an entire directory:
RedirectMatch 301 ^/blog/(.*)$ https://yourdomain.com/articles/$1
Custom Error Pages
ErrorDocument 404 /custom-404.html
ErrorDocument 500 /custom-500.html
ErrorDocument 403 /custom-403.html
Block IP Addresses
# Block a single IP
Deny from 123.45.67.89
# Block a range
Deny from 123.45.67.0/24
# Block multiple IPs
Deny from 123.45.67.89
Deny from 98.76.54.32
Password-Protect a Directory
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /home/username/.htpasswds/public_html/passwd
Require valid-user
Create the password file via cPanel > Directory Privacy (easier) or with the htpasswd command.
Enable Browser Caching
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType text/html "access plus 0 seconds"
</IfModule>
Note: If you’re using LiteSpeed Cache for WordPress, it handles browser caching automatically. You don’t need these rules.
Enable Gzip/Brotli Compression
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/css
AddOutputFilterByType DEFLATE application/javascript application/json
AddOutputFilterByType DEFLATE application/xml text/xml
AddOutputFilterByType DEFLATE image/svg+xml
</IfModule>
LiteSpeed also supports Brotli compression natively, which is more efficient than Gzip.
Block Bad Bots
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} (SemrushBot|AhrefsBot|MJ12bot|DotBot) [NC]
RewriteRule .* - [F,L]
Prevent Hotlinking
Stop other sites from embedding your images:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\.)?yourdomain\.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|webp|svg)$ - [NC,F,L]
WordPress .htaccess
WordPress generates its own .htaccess rules for pretty permalinks. The default looks like:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Never edit between
# BEGIN WordPressand# END WordPress. WordPress regenerates this block when you save permalink settings. Add your custom rules above or below these markers.
Important Rules
- Always back up your
.htaccessfile before editing. A syntax error can take your entire site down. - Test after every change. Add one rule at a time and verify your site still works.
- Check file permissions.
.htaccessshould be644(readable by the server, writable by the owner). - Syntax matters. A missing space or bracket breaks the file.
If You Break Something
If a bad .htaccess rule takes your site down:
- File Manager: navigate to
public_html/, right-click.htaccess, rename it to.htaccess_broken - Your site should come back (without the custom rules)
- Find and fix the bad rule, then rename the file back
Or restore from a backup via cPanel > Backups.
Related Articles
Last updated 19 Apr 2026, 23:46 +0300.