Your WordPress site’s .htaccess file is a basic configuration file used by the Apache web server. Because Kinsta uses the more performance-friendly Nginx web server instead of Apache, you won’t actually have a .htaccess file if you host your site at Kinsta.

However, understanding the .htaccess file is important if you host sites elsewhere, and it’s also a topic that you’ll often see in WordPress tutorials.

In this article, you’ll learn more about what the WordPress .htaccess file is and what it lets you do. Then, you’ll also learn how you can perform similar actions at Kinsta, even though Kinsta does not use .htaccess files:

What Is .htaccess? Explained in More Detail

To recap, .htaccess is a configuration file used by the Apache web server, which is the web server that most budget shared hosts use. As a basic configuration file, it lets you create special rules that tell your web server how to function.

By default, your WordPress site uses the .htaccess file to control your site’s permalinks structure. Many WordPress plugins also make use of the .htaccess file. For example, if you have a caching plugin, it might add its own special rules to your .htaccess file to more efficiently serve up cached content.

Beyond that, you can also add your own code snippets to your site’s .htaccess file, which lets you perform actions like:

How to Locate the .htaccess File in WordPress

If you’re using the Apache web server, you can locate and edit your site’s .htaccess file by connecting to your site’s server via FTP or cPanel File Manager.

Once you’ve connected to your server and are able to browse your site’s files, you can find your WordPress site’s .htaccess file in the root folder of your site, which is the same folder that contains the wp-config.php file and the wp-admin and wp-content folders:

What is the WordPress .htaccess File?
Where the WordPress .htaccess file is located

By default, your site will only have one .htaccess file – the one located in the root folder.

However, it is possible to use multiple .htaccess files in separate directories, though WordPress does not do this in its default state.

The .htaccess file applies to the directory that it’s located in, as well as all sub-directories, so you could add a .htaccess file to a sub-directory to add rules that only apply to that directory (and any of its sub-directories). However, it’s usually simpler to just use one .htaccess file and keep all your rules there.

An Example of the WordPress .htaccess File

By default, your WordPress site’s .htaccess file only contains a single rule that controls how your site’s permalinks function. Here’s an example of what it should look like:

An example of the default WordPress .htaccess file
An example of the default WordPress .htaccess file

How to Add Your Own Rules to .htaccess

Make sure to back up your site’s .htaccess file before making any edits, as even a tiny mistake can make your WordPress site inaccessible.

To add your own .htaccess rules, you’ll add the relevant code snippets either above or below the existing WordPress .htaccess rules.

We’ll share a few examples of what you can do, but the free .htaccess Generator site provides a really handy tool to generate the code snippets needed to perform a variety of different actions.

To Redirect All Traffic to HTTPS Version of Your Site

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

To Block an IP Address

//Block users by IP
order allow,deny
deny from
allow from

To Add a Password to Access Part of Your Site

//Password Protect file
<Files /wp-admin>
AuthName "Prompt"
AuthType Basic
AuthUserFile /wp-admin
Require valid-user

You’d also need to add a separate .htpasswd file.

Here’s an example of what your .htaccess file might look like once you’ve added some of your own rules…

An example of a WordPress .htaccess file with custom rules
An example of a WordPress .htaccess file with custom rules

Kinsta Does Not Use .htaccess: How Can You Make Changes?

As we told you above, Kinsta uses the Nginx web server, rather than Apache. That means any WordPress sites that you host at Kinsta will not have a working .htaccess file.

However, that doesn’t mean you still can’t perform similar actions when it comes to redirects, security rules, etc. Settings and rules from your .htaccess file can be easily “translated” to Nginx’ own rewrite rule syntax.

Kinsta provides you with a number of in-dashboard tools that can replicate much of the important .htaccess functionality. And for other rules, Nginx also offers its own configuration file where you can similarly set up rules, though the syntax is different.

Set Up Redirects

To create redirects for your site hosted at Kinsta, you can use the Redirects tool in your MyKinsta dashboard:

The Kinsta Redirect tool
The Kinsta Redirect tool

Check out our video guide to learn WordPress Redirect Best Practices:

Block Specific IP Addresses

To stop specific IP addresses from accessing your site at Kinsta, you can use the IP Deny tool in your MyKinsta dashboard:

The IP Deny tool in MyKinsta.
The IP Deny tool in MyKinsta.

Password Protect Your Site

To lock down your entire site you can use our password protection (htpasswd) tool in the MyKinsta dashboard. You can find it under the “Tools” section on your site. Simply click “Enable”, choose a username and password, and you’re good to go!

It should be noted that password protection is not compatible with our CDN or Edge Caching. You cannot enable password protection while either of those is enabled.

Enable .htpasswd protection
Enable .htpasswd protection

After it’s enabled your WordPress site will then require authentication to access it. You can change the credentials at any time or disable it when you no longer need it.

.htpasswd authentication prompt
.htpasswd authentication prompt

Other Rules? Contact Kinsta Support

Using the Nginx configuration file, it’s also possible to add other configuration rules – like password protecting a folder at the server level or disabling image hotlinking.

By default, you cannot edit the Nginx configuration file yourself at Kinsta. However, if you reach out to our support staff, they’ll be happy to help you and add the relevant rule for you. Note: They cannot convert .htaccess to Nginx rules for you.


The WordPress .htaccess file is a basic configuration file used by the Apache web server. While you can use it for all sorts of things, the most common features that WordPress users will want to use are:

  • Redirects
  • IP address blacklists/whitelists
  • Password protecting folders
  • Etc.

Because Kinsta uses the newer Nginx web server instead of Apache, WordPress sites that you host at Kinsta do not have a .htaccess file. Instead, you can use tools in the MyKinsta dashboard to add rules for redirects and IP bans, and the Kinsta support team can help you add additional rules to the Nginx configuration file, which is the equivalent of Apache’s .htaccess file.