How to Create the Default WordPress .htaccess File

The .htaccess is a distributed configuration file and is how Apache handles configuration changes on a per-directory basis.

WordPress uses the .htaccess file to manipulate how Apache serves files from its root directory and subdirectories thereof. Most notably, WordPress modifies this file to be able to handle pretty permalinks.

This page may be used to restore a corrupted .htaccess file or a misbehaving plugin.

This is the Default WordPress .htaccess configuration


    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

This is the WordPress .htaccess configuration for a website that has a sub-directory


    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /foldername/
    RewriteRule ^index.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /foldername/index.php [L]
    </IfModule>
    # END WordPress

As a personal preference, we prefer to have sub-domains for our client’s websites, in all honestly, it makes it so much easier in terms of setting up and not breaking the structure. Should you want to host your websites on sub-directories though, ensure the path is correct and that you update the .htaccess file to accommodate the correct path.

We hope this has helped, thanks for reading!

Nathan da Silva - Profile

Posted by: Nathan da Silva

Nathan is the Founder of Silva Web Designs. He is passionate about web development, website design and basically anything digital related. His main expertise is with WordPress, Magento, Shopify as well of many other frameworks. Whether you need responsive design, SEO, speed optimisation or anything else in the world of digital then get in touch. If you would like to work with Nathan, simply drop him an email at [email protected]

It’s good to share

Install SSL Certificate on Apache via SSH

SSL stands for Secure Sockets Layer. It is used to secure the connection between internet browsers and Web server or websites by transferring the encrypted data rather than plain text. You can secure the HTTP connections by installing an SSL certificate. Installing an SSL certificate will allow for https:// connections instead of the standard http://. There are two types of certificates.

  • SSL certificate issued by the Certificate Authority (CA)
  • Self-Signed SSL certificate.

The main difference between these two types is that for a Self-Signed certificate, no third party is verifying the identity information of the Website and hence it is not trusted by any of the web browsers. So, accessing the website with self-signed SSL will prompt Untrusted Connection and you’ll have to Confirm Security exception manually. This is something users wouldn’t like to do. This is where SSL certificates verified by a CA comes into play. The CA verifies the website identity information and also provides CA Bundle (for browser compatibility). So these connections are accepted by almost all the browsers.

For installing SSL certificate (both types), we need to generate Private Key and CSR (Certificate signing request).

1) Generate Private Key On The Server

OpenSSL is the open source SSL package that comes along with most of the linux distros. Make sure openssl package is installed.

We are generating private key with openssl command as shown below.


openssl genrsa -des3 -out www.domain.com.key 2048

This will prompt a password, when you enter the passphrase and hit ‘Enter, the key file will be generated in the present working directory and the file name will be ‘www.domain.com.key’, where domain is name of the domain that you enter when the key is generated.

2) Generate Certificate Signing Request (CSR)

After generating your private key, you need to generate a CSR (Certificate Signing Request). You can easily create that with openssl command.


openssl req -new -key www.domain.com.key -out www.domain.com.csr

Few questions regarding the website identity will be asked and this will be checked by the certificate authority.

CSR will be generated in the present working directory with the file name ‘www.domain.com.csr’. Here is the screenshot of the CSR file.

3) Create SSL Certificate

After generating Private key and CSR, you need to create the SSL certificate. Now is where the difference come into play.

For a CA verified cerificate you need to provide CSR and Private key to the Certificate vendor. They will provide a CA verified certificate file (.crt file) and you can install it. But for a Self-Signed certificate, you need to generate the certificate manually.

Generating Self-Signed certificate
Certificate file will be generated with private key and CSR encoded in it. All the information for in the Private key and CSR will be encoded in the .crt file. Command is given below.


openssl x509 -req -days 365 -in www.domain.com.csr -signkey www.domain.com.key -out www.domain.com.crt

Certificate file will be generated in the present working directory as ‘www.domain.com.crt’, please note that domain.com is my domain name in this example and it should be replaced with the actual domain name. Here is the generated .crt file

To install this certificate for a website, you need to create a new VirtualHost for the domain name because SSL is using a different port and not the common port 80. SSL port is 443. So Apache will be listening to both 80 and 443 for the non-encrypted and encrypted data respectively. Or, you can create a separate conf file, in /etc/httpd/conf.d directory and then ask Apache to refer the said directory with ‘Include’ directive as shown below.


Include conf.d/*.conf

Now, add the below given code either in the VirtualHost or in the separate configuration (eg: ssl.conf) file created in the /etc/httpd/conf.d direcory.


SSLEngine on
SSLCertificateFile /path_of_crt_file/www.domain.com.crt
SSLCertificateKeyFile /path_of_key_file/www.domain.com.key

This will tell apache to refer the .crt (certificate) file and .key (Private key) file for SSL encrypted connection.

4) Restart Apache

Final step is to restart Apachge service for the changes to take effect.


/etc/init.d/httpd restart

You can verify the SSL setup by just loading your website with HTTPS, eg: https://domain.com

If your website is loading with https, be sure you have SSL installed for your website.

Of course, if that all looks too much then you can just get us to install your SSL certificate for you. Or you can purchase a low cost SSL certificate and we will do everything for you end to end. Simply contact us at

-->

It’s good to share

How to Fix The Error: WordPress Needs Access to Your Web Server

Have you ever seen the below warning when trying to update your WordPress Version or a WordPress Plugin?

This error will occur when file permissions and ownerships are not set correctly on your site’s server. This will then show the annoying popup that will force you to enter your FTP credentials each time you’d like to make a change to your site and its plugins.

Method 1

A super quick solution to the problem is adding the following to your functions.php file:


define( 'FS_METHOD', 'direct' );

This function allows the current user to edit or install files in your folder. Although this is a quick solution to the problem, we still advise on using Method 2 if you have SSH access to your server.

Method 2

The way to fix the error is to make sure our projects files and directories permissions are all set correctly.

In order to do this, we need to start by changing the ownership of your project (along with all the contents inside) so that it’s owned by the correct user on your web server. As an example, NGINX typically runs under the user www-data, while Apache typically runs under the user apache.

To change your project’s ownership, we need to connect to the server using SSH and then run one of the following commands:

NGINX Servers:


sudo chown www-data:www-data my-project -R

Apache Servers:


sudo chown apache:apache my-project -R

This alone may fix your issue, but if that is not the case, you’ll also need to ensure that your project has file permissions of 755, meaning that NGINX or Apache has the ability to write files to your server. You can ensure this is correct by using the following command:

NGINX and Apache Servers:


sudo chmod 755 my-project -R

Once your project’s ownership and permissions are set correctly the error should disappear which will allow you to install and update plugins as normal again.

What if I am running my site on a Shared Hosting Provider, e.g. GoDaddy, Bluehost, SiteGround?

If this is the case, then it’s unlikely that you’ll have the permissions to change the ownership of your directories. That being said, the issue most likely related to your project’s permissions, rather than the ownership.

Have a look through your hosting provider’s interface (e.g. cPanel/Plesk) to change the file permissions. If you manage to find the option then you can change your project and it’s content’s permissions to 755 and it should resolve the issue. If you are using an FTP client like FileZilla, then you can change them in here. Just make sure to set the value to 755 and recurse into the subdirectories; but only to directories only. Directories should always have 755 permission, whereas files should only have 644.

If that still doesn’t fix the issue, then we would recommend getting in touch with your hosting provider’s support team, they’re almost always able to help in such situations and typically get the job done rather quickly.

We hope that helps you overcome the error, if you need any help with this, feel free to get in touch or drop us a comment below!

Nathan da Silva - Profile

Posted by: Nathan da Silva

Nathan is the Founder of Silva Web Designs. He is passionate about web development, website design and basically anything digital related. His main expertise is with WordPress, Magento, Shopify as well of many other frameworks. Whether you need responsive design, SEO, speed optimisation or anything else in the world of digital then get in touch. If you would like to work with Nathan, simply drop him an email at [email protected]

It’s good to share

301 Redirects via .htaccess

The cleanest way to redirect a URL in a quick, easy, and search-engine friendly way is to do them through your .htaccess file which is usually found in your websites root folder (ie. httpdocs).

Note: htaccess stuff is for Apache servers only.

Redirect a single page


Redirect 301 /oldwebpage/ http://www.yourwebsite.com/newpage.html
Redirect 301 /oldwebpage2.html http://www.yourwebsite.com/folder/

Redirect an entire site


Redirect 301 / http://newwebsite.com/

Meta Refresh

An alternative way is to do a Meta Refresh, this is a line of code you would add between the elements. The following redirects to the specified URL in 3 seconds. Set to 0 for an immediate redirect.


<meta http-equiv="refresh" content="3;url=http://newwebsite.com/" />

301 Redirect Code Generator

If you need help generating the code for your redirects you can visit this website.

It will allow you to generate the code you need and supports web pages redirection for HTML, PHP, ASP, ASPX files and .htaccess redirect.

Nathan da Silva - Profile

Posted by: Nathan da Silva

Nathan is the Founder of Silva Web Designs. He is passionate about web development, website design and basically anything digital related. His main expertise is with WordPress, Magento, Shopify as well of many other frameworks. Whether you need responsive design, SEO, speed optimisation or anything else in the world of digital then get in touch. If you would like to work with Nathan, simply drop him an email at [email protected]

It’s good to share