Latest TweetsAbout the “Warning! WordPress Encrypts User Cookies” Error digwp.com/2018/11/warning-word… #WordPress
Perishable Press

htaccess Redirect to Maintenance Page

Redirecting visitors to a maintenance page or other temporary page is an essential tool to have in your tool belt. Using HTAccess, redirecting visitors to a temporary maintenance page is simple and effective. All you need to redirect your visitors is the following code placed in your site’s root HTAccess:

# MAINTENANCE-PAGE REDIRECT
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC]
 RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif) [NC]
 RewriteRule .* /maintenance.html [R=302,L]
</IfModule>

That is the official copy-&-paste goodness right there. Just grab, gulp and go. Of course, there are a few more details for those who may be unfamiliar with the process. Let’s look at all the gory details..

Redirecting Traffic with HTAccess

To redirect your visitors to a maintenance page, place the previous code into an HTAccess file located in your site’s root directory. This will ensure that all pages and resources contained within your domain will be redirected for visitors. Thus, if you would like to redirect only requests for a specific subdirectory within your domain, the .htaccess file containing these rules would be placed in that directory (instead of root).

Now that the HTAccess is in place, you’ll need to create and upload your maintenance page, named “maintenance.html”, to the root directory of your site. This file can be just about anything, and does not need to be written in HTML. You can use, say, PHP to make it all dynamic, but remember to change the two instances of the file name in the HTAccess code to match the actual name of your file.

Code Explanation

  1. The first line is merely a comment to explain the purpose of the code. It is not processed by the server.
  2. The second line enables Apache’s rewrite engine, mod_rewrite. Depending on your server setup, this line may be unnecessary.
  3. The third line checks to see if the request is coming from your computer. If it is, then the redirect does not happen. For this to work, you need to change the numbers in this line to match your own IP address.
  4. The fourth line prevents an infinite-loop scenario by testing the request against the name of your maintenance page. Obviously, we don’t want to redirect requests for the page to which we are redirecting.
  5. The fifth and final line contains the action. It basically redirects all requests that meet both of the previous rewrite conditions to the specified maintenance page. Apache doesn’t allow us to use 500-level response codes, so we are stuck with the next best thing, a 302 – temporary – response.

Update: Multiple IP Addresses

It was asked in the comments how this might work when you want to allow multiple IP addresses. There are basically two ways. First, you can add more RewriteConds to the previous code, like so:

# MAINTENANCE-PAGE REDIRECT
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.000
 RewriteCond %{REQUEST_URI} !/maintenance.html$ [NC]
 RewriteCond %{REQUEST_URI} !\.(jpe?g?|png|gif) [NC]
 RewriteRule .* /maintenance.html [R=302,L]
</IfModule>

With this method, edit each IP address to match your own, and add/remove as many IPs as needed. The second method is equally effective, and looks like this:

<Limit GET POST PUT>
 Order Deny,Allow
 Deny from all
 Allow from 123.456.789.000
 Allow from 123.456.789.000
</Limit>
ErrorDocument 403 /maintenance.html
<Files maintenance.html>
 Order Allow,Deny
 Allow from all
</Files>

This method is a bit simpler, but not as good for SEO should the search engines visit while in maintenance mode. The first method sends a 302 - Moved temporarily status code, while the second sends a less accurate 403 - Forbidden status code. Even so, should you go with method #2, edit the IPs to those of your own, adding or removing new lines as needed for site access.

It’s like a Pandora’s Box..

It’s difficult to keep posts short and sweet when working with HTAccess techniques. There is just so much that you can do with it. For example, we can do htaccess password-protection, allow access to multiple visitors, request specific redirects, and much more. But I refrained from complicating things in an effort to keep this post focused and on-topic. Nonetheless, there is always room for improvement, so if you see something that could make this simple HTAccess-redirect technique even better, then please share via the comments. Thanks!

Further reading

Jeff Starr
About the Author Jeff Starr = Web Developer. Book Author. Secretly Important.
Archives
60 responses
  1. Sammy Jones May 1, 2013 @ 8:49 am

    I noticed when I put in my IP with just the last digit missing, it still let me in the site. So for instance, when I add the IP 128.96.124.1, it allows in 128.96.124.1 and 128.96.124.15. This appears to be a security loophole.

  2. Sammy Jones May 1, 2013 @ 9:05 am

    Found an answer to this. Put a $ after the IP address. Otherwise, if you just put 128.96.124.1 in the rewrite condition, you are allowing in 128.96.124.1, 128.96.124.11, 128.96.124.111, 128.96.124.12, 128.96.124.121, etc.

  3. Hi Jeff, thanks so much for this. I tried this and it seems to works fine – public sees maintenance page, while I can see the real page. But one problem – from my allowed IP address I can only see my index.html page but can’t see any other pages or directories. In other words, I can see http://www.domain.com but for http://www.domain.com/page I see a 404 error. The public meanwhile gets maintenance page no matter where they are on my site.

    Any idea what’s happening? If I can’t see those pages I can’t update my site properly. I couldn’t find info on this problem any where. (my site has a WordPress installation if that makes any difference…even if I log in as admin I can’t see those pages)

    Any help is appreciated!

  4. Josh Nelson May 6, 2013 @ 2:35 pm

    Hi Jeff. Just wondering if you recommend I put the following code in the maintenance page to let search engines know the site is temporarily unavailable. I found the code on seomoz (http://www.seomoz.org/blog/how-to-handle-downtime-during-site-maintenance):

    <?php header("HTTP/1.1 503 Service Temporarily Unavailable"); header("Status: 503 Service Temporarily Unavailable"); header("Retry-After: 3600"); ?>

    • Jeff Starr

      Hi Josh, yes that looks like standard issue way to do it via PHP.. it looks like they’re sending headers for both HTTP 1.0 and HTTP 1.1 (i.e., in the first two lines).

  5. Hey Jeff!

    Quick question:

    How would I permanently redirect every single file and/or folder from the “/blog/” directory of my blog location: “www.sitename.com/blog/” to the homepage: “www.sitename.com”, both with and without the “www”.

    Thanks for your time!

    ~ Chris

    • Sorry, I know you probably don’t need this amendment, but just to be clear, I mean to say *old* blog location: www.sitename.com/blog/

      The new blog location is the root homepage: www.sitename.com

  6. That seems to have done the trick Jeff. Thanks!

    Will wait for Google to crawl the site again though.

[ Comments are closed for this post ]