Skip to main content

.htaccess Directives

.htaccess Directives

An .htaccess directive is basically a command that is specific to a module or built-in to the core that performs a specific task or sets a specific setting for how Apache serves your website.


Directives placed in htaccess files apply to the directory they are in, and all sub-directories.

Main Directives in htaccess

Most important directives are:

  • Limit
  • Files
  • Order
  • Deny/Allow

These allow you to restrict access, or grant access, to specific folders, or files. It is also possible, through these directives, to give access to specific ip addresses or hosts.


The official list of Apache directives is available in Apache Docs and in Apache Directive Quick Reference

For example, if you wanted to restrict access to jpeg files to the foo user, you would simply use the Files directive along with the Require directive:

AuthName "Title of Login Window"
AuthUserFile /path/absolute/a/.htpasswd
AuthType Basic
Require valid-user
<Files ~ ".*.jpg$">
Require user foo

Meaning of above code:

  • AuthName directive contains the tile that will be displayed in login window.
  • AuthUserFile directive contains the absolute path to the file containing the users.
  • AuthType directive indicates the type of authentication that Apache should perform.
  • Require valid-user directive tells Apache that the folder and subfolders and the files contained in them will be accessed by all users specified in the users file.
  • Files directive forces Apache to require the user named foo to perform the display of files with the jpg extension.

To create .htpasswd files, you can use apache's htpasswd utility.