Create your .htaccess file in root and add following configurations:

1. Redirect to

<IfModule mod_rewrite.c>
  Options +FollowSymlinks
  # for bluehost hosting it should be:
  # Options +SymLinksIfOwnerMatch
  RewriteEngine on
  RewriteCond %{http_host} ^ [NC] #case-insensitive
  RewriteRule ^(.*)$$1 [R=301,L]

Advantage: Google knows the url preference
Disadvantage: You will loose four characters in url

2. Redirect to

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteRule ^(.*)$$1 [R=301,L]

Advantage: You will gain extra four characters in url for SEO

3. Preventing Directory Indexes (for directories and files)

Options -Indexes

4. Giving Preference to file

DirectoryIndex index.php index.html index.htm

5. Trace Errors and redirect

#Moved Permanently
  ErrorDocument 301 /301.php
#Bad Server Request
  ErrorDocument 400 /400.php
#Authorization Required
  ErrorDocument 401 /401.php
#Permission denied
  ErrorDocument 403 /403.php
#Requested page does not exist
  ErrorDocument 404 /404.php
#Internal Server Error
  ErrorDocument 500 /500.php
#Server timed out
  ErrorDocument 503 /503.php

6. Denying access for an IP

deny from

7. Limiting GET, POST, PUT

<limit GET POST PUT>
  order deny,allow
  deny from
  allow from all

8. Password protected website

AuthType Basic
AuthName "Allowed Users"
AuthUserFile /etc/securesite/.htpasswd
AuthGroupFile /etc/securesite/allowed_users.grp
Require user username
Require valid-user

Create .htpasswd file in /etc/ or before root directory with following code:


This will prompt you to type username and password to get access