security_htaccess_generator
Generate Apache .htaccess file text for security, redirects, caching, compression, and access control using structured options. No file writing; returns the text for copying.
Instructions
Apache .htaccess Generator. Build the text of an Apache 2.4+ .htaccess file from structured options, then return it as a string for you to copy or save - it does NOT deploy, write, or touch any file on any server. Assembles named directive groups on demand: force HTTPS (mod_rewrite), www/non-www canonicalisation, mod_alias path redirects (301/302/303/307/308), custom mod_rewrite rules, IP allow/deny access control (Order/Deny/Allow, IPv4+CIDR / IPv6), custom ErrorDocument pages, GZIP (mod_deflate) and Brotli (mod_brotli) compression, mod_expires + mod_headers browser-cache lifetimes, directory-listing toggle, Referer hotlink protection, and free-form appended rules. Use security_csp_generator for Content-Security-Policy headers, security_robots_txt_generator for robots.txt, or linux_web_server_config_generator for full Apache/Nginx/Caddy vhost configs. Set operation to "presets" to list ready-made configurations instead of generating. Runs locally via a sandboxed compiled module: read-only, non-destructive, c
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| operation | Yes | "generate" builds .htaccess text from the options below; "presets" ignores all options and returns the curated preset list. | generate |
| forceHttps | No | Emit a mod_rewrite block that 301-redirects every HTTP request to HTTPS. | |
| wwwMode | No | Canonical host: force the www subdomain, force the bare apex, or emit no host-canonicalisation rule. | leave-alone |
| redirects | No | mod_alias path-prefix redirects. Empty from/to, self-redirects, and homepage catches raise warnings. | |
| rewrites | No | Custom mod_rewrite rules. Pattern is regex-compiled for a warning check (Apache uses PCRE). | |
| denyIps | No | IPv4/IPv6 addresses or CIDR ranges to block (Deny from). Invalid entries still emit but raise a warning. | |
| allowIps | No | IPv4/IPv6 addresses or CIDR ranges to allow; when set alone, everyone else is denied. | |
| errorPages | No | Map of HTTP status code (400-599, as string key) to ErrorDocument path, e.g. 404 to /404.html. | |
| gzip | No | Emit a mod_deflate GZIP AddOutputFilterByType block for text/JS/CSS/JSON. | |
| brotli | No | Emit a mod_brotli compression block (typically 15-25% smaller than gzip). | |
| cacheHeaders | No | mod_expires + mod_headers cache lifetimes. Omit or use 0 to skip a tier. | |
| directoryListing | No | Autoindex: disabled emits Options -Indexes, enabled emits Options +Indexes, leave-alone emits nothing. | leave-alone |
| hotlinkProtection | No | Referer-based image hotlink protection via mod_rewrite. | |
| customRules | No | Free-form Apache directives appended verbatim at the end of the file. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| success | No | Whether the request succeeded. | |
| operation | No | The operation performed (generate or presets). | |
| result | No | For operation=generate: the generated file and metadata. For operation=presets: a presets array. |