The Ultimate .htaccess Configuration for your WordPress Ecommerce Shopp

by Lorenzo Orlando Caum on September 10, 2011

The .htaccess file is a configuration file that assists Apache in operating your website.

In this tutorial, we’ll discuss some useful .htaccess commands that will offer a better experience for you and your website visitors.

The .htaccess file is quite powerful and the incorrect entry could take your website offline in an instant. Before you attempt to make any changes, please follow the best practice and create a backup!

1. ServerSignature Off

ServerSignature Off

This command tells Apache to turn of the ‘Server Signature’. The server signature provides information on the version of Apache that you are running.

It usually appears on an error page:

Image courtesy of Slicehost.com

2. SetEnv TZ America/New_York

SetEnv TZ America/New_York

This option sets the server time zone to one that you specify. It makes sense to set it to your time zone.

3. SetEnv SERVER_ADMIN youremailaddress

SetEnv SERVER_ADMIN youremailaddress

This setting sets the administrator email to the email that you specify. Change ‘youremailaddress.com’ to the email that you wish to use for the server administrator email.

4. IndexIgnore *

IndexIgnore *

This option will prevent directory listings.

5. AddHandler php5-script .php

AddHandler php5-script .php

Some web hosts still have PHP4 as an option. The current version of WordPress require that PHP5 be used. This also applies to many plugins for WordPress including Shopp Plugin.

6. Using RewriteEngine

Did you know that for many websites, entering ‘www.’ as part of the domain name is no longer required. In fact, it’s a dying trend. To redirect www requests to your site, simply use the code below and change ‘yourdomainname’ with your real domain name:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} !^yourdomainname$ [NC]
RewriteRule ^(.*)$ http://yourdomainname/$1 [L,R=301]

 7. Using Redirect

Redirect 302 /s http://yourdomainname/wp-admin/index.php?page=stats
Redirect 302 /1 http://yourdomainname/wp-admin/

The above options are optional and are for convenience.

For example, with the first Redirect command, if I typed http://optimizemyshopp.com/s in my browser, it would immediately redirect me to my website statistics page (after logging in). For the second example, if I typed in http://optimizemyshopp.com/1 in my browser, it would take to the WordPress admin page after login.

If there are any sections of your website that you often access, you could consider these shortcuts to getting there faster. It only saves a few seconds but if your checking any of these pages throughout the week, then the time savings starts to add up — daily, weekly, monthly, yearly.

8. Using the files x option

<files .htaccess>
order allow,deny
deny from all
</files>

<files wp-config.php>
order allow,deny
deny from all
</files>

This option helps your site security by preventing outside access to any file that you specify. The first entry prevents access to the .htaccess file and the second secures the wp-config.php file.

Additional thoughts on .htaccess

This file is also utilized by WordPress. The most popular example would be if you setup permalinks or pretty links. WordPress would enter some code into your file that would change:

http://yourdomain/?p=N

to

http://yourdomain/shop/

Then there are also caching plugins such as WP Super Cache or W3 Total Cache which would need to enter lines of code in order to operate correctly.

Template for the Ultimate .htaccess

You can copy the following htacess file into your current htaccess file. Your htaccess file may already have some entries. Be sure to examine to prevent duplicates. As mentioned by the examples prior, WordPress and some plugins use the file as well so be careful on making changes.

# BEGIN Global settings
ServerSignature Off
SetEnv TZ America/New_York
# END Global settings

# BEGIN Local settings
SetEnv SERVER_ADMIN youremailaddress
IndexIgnore *
AddHandler php5-script .php

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_HOST} !^yourdomainname$ [NC]
RewriteRule ^(.*)$ http://yourdomainname/$1 [L,R=301]

Redirect 302 /s http://yourdomainname/wp-admin/index.php?page=stats
Redirect 302 /1 http://yourdomainname/wp-admin/

<files .htaccess>
order allow,deny
deny from all
</files>

<files wp-config.php>
order allow,deny
deny from all
</files>

# END Local settings
Related Posts Plugin for WordPress, Blogger...

This post was written by...

– who has written 11 posts on Optimize My Shopp.

@lorenzocaum is an entrepreneur and a marketer.

Lorenzo contributes to the Shopp project as a customer support rep.

He is the founder of Enzo12 LLC, a web engineering firm in Tampa, FL. He also has a business, marketing, and technology blog.

  • vivek Vaidyanathan Iyyer

    Are there any tips for how to run shopp on http +ssl ?
    Thanks
    Vivek

    • Lorenzo Orlando Caum

      Vivek,

      Shopp automatically detects when HTTPS is needed and activates it. This is typical of any on-site payment gateways where sensitive financials are handled.

    • http://enzo12.com Lorenzo Orlando Caum

      Vivek,

      Shopp detects when HTTPS is needed. For example, this occurs when you are accepting credit cards.

Next post: