Htaccess

Htaccess is a module which autogenerates a Drupal root htaccess file based on your settings.

Drupal tries to provide a one size fits all htaccess for Apache webservers, but this goal is increasingly difficult. This module allows the webmaster to set specific options.

Also, this module is dedicated to webmasters who don't want
to manually modify htaccess every time during a version
upgrade to use Drupal.

New version in here

Features

• Set redirection to www or non www.
• Use Followsymlinks or SymlinksIfOwnersMatch.
• HTTPS support (redirect all request to HTTPS or support both protocols).
• Protect core text files (like CHANGELOG.txt) from being viewed.
• Ability to insert Boost htaccess settings.
• Add custom rules before Drupal rules.
• Each htaccess is attached to a profile. This way, you can manage several htaccess files and deploy the right one to your website.
• Check if htaccess is altered and report in site status
• Drush integration.

All these features are available in the 7.x-2.x version. The 7.x-1.x version is for testing purpose only and should not be installed on a production website. There is no upgrade path.

New Version (3.x branch)

This module provides a simple and secure administrative interface to manage your site's root .htaccess file directly from Drupal. It allows you to add custom Apache directives to the default Drupal .htaccess while keeping the core content intact. Ideal for advanced users who need extra server-side rules (e.g., redirects, security headers, or performance tweaks) without manually editing files via FTP or SSH.

A companion sub-module (Robots.txt Utils) lets you automatically delete the physical robots.txt file when using the popular Robotstxt module, ensuring search engines always read the dynamically generated version.

The 3.x branch is a completely rewritten and modernized version of the original Htaccess module available at https://www.drupal.org/project/htaccess. This new version has been fully updated for Drupal ^10 and ^11 compatibility, follows current Drupal coding standards, simplifies the interface, and focuses on safe, reliable management of the root .htaccess file with automatic update options.

Features

• Basic functionality: Loads Drupal's official default .htaccess content and lets you append your own custom configurations via a safe admin form.
• Unique features:
  • One-click update of the root .htaccess file directly from the Drupal interface.
  • Optional automatic replacement of .htaccess on every cron run.
  • Read-only preview of the default Drupal .htaccess content.
  • Sub-module (Robots.txt Utils) that automatically deletes the physical robots.txt file (on save and cron) when the Robotstxt module is enabled — perfect for ensuring search engines always use the dynamic version.
• When and why to use it:
  • You need to add custom rewrite rules, security headers, caching directives, or other Apache configurations that go beyond what Drupal core provides.
  • You manage multiple sites and want consistent extra rules without manual file editing.
  • You use the Robotstxt module and want to guarantee no stale physical robots.txt file interferes with the dynamic one.
  • You prefer managing server files through Drupal's UI for easier deployment and auditing.

Common use cases:

• Enhancing security with additional Header or FilesMatch rules.
• Fine-tuning caching or compression settings.
• Ensuring clean robots.txt handling in SEO-focused sites.

Post-Installation

After enabling the module:

1. Go to Configuration → System → Htaccess (/admin/config/system/htaccess).
2. You will see:
   • A read-only textarea showing the current default Drupal .htaccess content (loaded from core).
   • A field for the path to the default .htaccess (usually core/assets/scaffold/files/htaccess — change only if needed).
   • An editable textarea for your Extra configurations (these will be appended to the default content).
   • A checkbox Automatically replace .htaccess (if enabled, the file will be updated on every cron run).
3. Enter your custom rules in the "Extra configurations" field.
4. Save the form — the module will immediately attempt to write the combined content to your site's root .htaccess file.
   • Success/error messages will confirm if the write succeeded (requires the Drupal root directory to be writable by the web server).

If you also enable the Robots.txt Utils sub-module:

1. Visit Configuration → Search and metadata → Robots.txt (provided by the Robotstxt module).
2. A new checkbox Delete physical robots.txt will appear.
3. Check it and save to delete the file immediately; it will also be deleted automatically on cron runs.

Important note: The web server user must have write permissions on the Drupal root directory for automatic updates/deletions to work. Otherwise, adjust permissions or apply changes manually.

Additional Requirements

• Drupal ^10 or ^11
• For the Robots.txt Utils sub-module to function fully: the contributed module Robotstxt (provides dynamic robots.txt generation)

No external libraries or APIs are required.

Recommended modules/libraries

• Robotstxt – Strongly recommended if you want dynamic robots.txt management alongside the physical file deletion feature.
• Redirect or Pathauto – Often used together with custom .htaccess redirects.
• Security Kit (SecKit) – For additional security headers that can also be added manually via this module.

Similar projects

• The original Htaccess module at drupal.org/project/htaccess: This 3.x version is a modern rewrite/fork, fully compatible with Drupal 10/11, with improved code and simplified features.
• No other active module currently offers direct admin editing + auto-replacement of the root .htaccess file with safety checks.
• For robots.txt management: The standalone Robotstxt module handles dynamic generation, but only this project's sub-module adds automatic physical file deletion.

Supporting this Module

- Check out our sponsor, Dom Host Seo, who made this module possible with their support!

Community Documentation

No external videos or demo sites yet — contributions welcome!

Always test custom .htaccess rules on a development site first, as incorrect Apache directives can break your site.