WordPress managed hosting provider WP Engine announced that it is ending support for .htaccess directives. The company has begun the End-of-Life (EOL) process for phasing out .htaccess from their servers and has set a date in October 2022 for the full removal of support.
The use of .htaccess for managing websites is so deeply ingrained that the idea of no longer supporting it may sound like a deal breaker. Some may rightly think that if customers can’t have a custom .htaccess, the web hosting service might not be suitable for how modern sites are created.
However, a closer look at WP Engine’s decision shows that it makes sense and could, in the future, become a common feature of high-performance web hosting.
Why WP Engine is Deprecating .htaccess Support
The reasons WP Engine provided for leaving .htaccess behind include achieving performance gains from removing .htaccess at the site level and leveraging performance improvements from newer technologies.
The announcement stated:
"WP Engine will be deprecating the .htaccess file in order to increase website performance and match industry trends.
If your site is using custom .htaccess directives outside of the default WordPress rules, we have put together a list of recommended alternatives.”
WP Engine estimates that this change will not affect most of the websites it currently hosts because most sites only use the default version of .htaccess that WordPress generates.
“By our analysis, most WP Engine websites will not require any extra changes to the .htaccess as they are using a default WordPress version of this file.
Default WordPress rewrites will be handled by WP Engine automatically at the server level.”
.htaccess and Site Performance
.htaccess is a way to control certain aspects of a website, like redirecting a request from one URL to another, redirecting requests from insecure HTTP URLs to secure HTTPS, and blocking the IP addresses of malicious hackers and scrapers, among many other uses.
This file is used on servers that run the Apache open-source server software (and also on Nginx servers running as a reverse proxy for Apache).
Though using .htaccess files is a longstanding and established practice for managing websites, it is not an efficient way of managing activities like blocking IP addresses or redirecting URLs. Large .htaccess files can negatively impact SEO and conversion-related metrics such as the Time to First Byte (TTFB), which measures how long it takes for a server to begin downloading web page resources.
According to a test by StrategiQ, .htaccess files can affect both server performance and scalability. A large .htaccess file had a measurable and significant impact on CPU usage. Testing also revealed that a .htaccess file with as little as 1,000 lines could significantly impact server memory usage. Though this strain was not enough to bring down the website because the server still had enough resources to handle it.
“It’s worth noting though that during our tests, we didn’t see any huge impact on overall page load time on anything but the 50,000 line file. This is probably because, even though significant resources were being used in handling the requests, we still weren’t hitting peak capacity.”
However, one could imagine that a server with multiple websites, each with large .htaccess files, could cause an impact on the server.
Apache Software Foundation’s Take
According to the official Apache Software Foundation (the developers of the Apache server software that runs .htaccess), the only time .htaccess files should be used is when access to the server configuration file is restricted, such as on budget shared servers.
The Apache Software Foundation documentation advises:
“There is, for example, a common misconception that user authentication should always be done in .htaccess files, and, in more recent years, another misconception that mod_rewrite directives must go in .htaccess files.
This is simply not the case.
You can put user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do things. Likewise, mod_rewrite directives work better, in many respects, in the main server configuration.”
What WP Engine is proposing is actually a best practice according to the Apache documentation and will benefit their user base by creating an environment that makes their websites perform faster, which can help sales, advertising clicks, and even offer a small SEO benefit.
Will WP Engine Users Be Inconvenienced?
WP Engine offers ways to manage without .htaccess files through what they call Web Rules. Web Rules allows users to manage IP-based allow/deny rules and set header responses.
Redirects can be applied in three ways within the WP Engine managed hosting platform:
- Bulk imported into WP Engine’s Nginx configuration
- Bulk imported into a WordPress plugin called Redirection
- Bulk imported into the Yoast SEO Plugin redirect manager
The Redirection WordPress plugin can be useful for managing redirects and headers. It also has a log file that shows visits resulting in 404 responses, which can alert users to inbound links that are misspelled and can be fixed by creating a redirect from the misspelled URL to the correct one.
WP Engine End-of-Life (EOL) Process for .htaccess
While it may seem radical to end support for .htaccess, considering how the Apache Software Foundation itself recommends not using .htaccess at the website level, WP Engine’s approach makes a lot of sense. There are clear benefits for their users and for website visitors as well.
Will other web hosts follow their lead? Only time will tell.
