htaccess Redirect to Maintenance Page

.htaccess made easy

Redirecting visitors to a maintenance page or other temporary page is an essential tool to have in your tool belt. Using HTAccess, redirecting visitors to a temporary maintenance page is simple and effective. All you need to redirect your visitors is the following code placed in your site’s root HTAccess:

# MAINTENANCE-PAGE REDIRECT
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC]
 RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif) [NC]
 RewriteRule .* /maintenance.html [R=302,L]
</IfModule>

That is the official copy-&-paste goodness right there. Just grab, gulp and go. Of course, there are a few more details for those who may be unfamiliar with the process. Let’s look at all the gory details..

Redirecting Traffic with HTAccess

To redirect your visitors to a maintenance page, place the previous code into an HTAccess file located in your site’s root directory. This will ensure that all pages and resources contained within your domain will be redirected for visitors. Thus, if you would like to redirect only requests for a specific subdirectory within your domain, the .htaccess file containing these rules would be placed in that directory (instead of root).

Now that the HTAccess is in place, you’ll need to create and upload your maintenance page, named “maintenance.html”, to the root directory of your site. This file can be just about anything, and does not need to be written in HTML. You can use, say, PHP to make it all dynamic, but remember to change the two instances of the file name in the HTAccess code to match the actual name of your file.

Code Explanation

  1. The first line is merely a comment to explain the purpose of the code. It is not processed by the server.
  2. The second line enables Apache’s rewrite engine, mod_rewrite. Depending on your server setup, this line may be unnecessary.
  3. The third line checks to see if the request is coming from your computer. If it is, then the redirect does not happen. For this to work, you need to change the numbers in this line to match your own IP address.
  4. The fourth line prevents an infinite-loop scenario by testing the request against the name of your maintenance page. Obviously, we don’t want to redirect requests for the page to which we are redirecting.
  5. The fifth and final line contains the action. It basically redirects all requests that meet both of the previous rewrite conditions to the specified maintenance page. Apache doesn’t allow us to use 500-level response codes, so we are stuck with the next best thing, a 302 – temporary – response.

Update: Multiple IP Addresses

It was asked in the comments how this might work when you want to allow multiple IP addresses. There are basically two ways. First, you can add more RewriteConds to the previous code, like so:

# MAINTENANCE-PAGE REDIRECT
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC]
 RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif) [NC]
 RewriteRule .* /maintenance.html [R=302,L]
</IfModule>

With this method, edit each IP address to match your own, and add/remove as many IPs as needed. The second method is equally effective, and looks like this:

<Limit GET POST PUT>
 Order Deny,Allow
 Deny from all
 Allow from 123.456.789.000
 Allow from 123.456.789.000
</Limit>
ErrorDocument 403 /maintenance.html
<Files maintenance.html>
 Order Allow,Deny
 Allow from all
</Files>

This method is a bit simpler, but not as good for SEO should the search engines visit while in maintenance mode. The first method sends a 302 - Moved temporarily status code, while the second sends a less accurate 403 - Forbidden status code. Even so, should you go with method #2, edit the IPs to those of your own, adding or removing new lines as needed for site access.

It’s like a Pandora’s Box..

It’s difficult to keep posts short and sweet when working with HTAccess techniques. There is just so much that you can do with it. For example, we can do htaccess password-protection, allow access to multiple visitors, request specific redirects, and much more. But I refrained from complicating things in an effort to keep this post focused and on-topic. Nonetheless, there is always room for improvement, so if you see something that could make this simple HTAccess-redirect technique even better, then please share via the comments. Thanks!

Further reading