An .htaccess file controls how Apache interacts with your site. When an .htaccess file is placed in your domain’s directory (usually root directory), the file is detected and executed by Apache.
An .htaccess file is commonly used for the following:
Before URLs can be rewritten, a module called mod_rewrite.c needs to be enabled. Usually, it is disabled in the configuration by default.
mod_rewrite can be enabled by executing the command
$ sudo a2enmod mod_rewrite
$ sudo service apache2 restart
or by commenting out the lines
#LoadModule rewrite_module modules/mod_rewrite.so
#AddModule mod_rewrite.c
in httpd.conf file.
.htaccess redirection is a common vector for malicious hackers to exploit and infect websites. We have seen what .htaccess files are, how they are used by malicious hackers, and how to protect your website.