How to Disable Auto-Generated .htaccess Files in Drupal 11.3
Goran Nikolovski delivers a concise, human-written tutorial addressing a long-standing frustration for non-Apache Drupal developers. With Drupal 11.3, it’s now possible to prevent automatic .htaccess file creation by setting $settings['auto_create_htaccess'] = FALSE in settings.php. This small change cleans up repos and suppresses unnecessary warnings in CI logs—particularly useful for Nginx and IIS users.
Nikolovski clearly explains the change's impact and caveats: if your web server already enforces directory security, you're safe; if not, consult the official filesystem security guide first. He also critiques the delay in implementing this fix, noting it was first requested in 2009, highlighting inefficiencies in Drupal core’s responsiveness to practical needs.
The post is practical, opinionated, and grounded in real-world deployment experience. It’s a high-value read for teams maintaining Drupal on non-Apache stacks, offering a simple yet overdue optimization.
ASK: Drupal Community Needs Your Support
View all →
Disclosure: This content is produced with the assistance of AI.
Disclaimer: The opinions expressed in this story do not necessarily represent that of TheDropTimes. We regularly share third-party blog posts that feature Drupal in good faith. TDT recommends Reader's discretion while consuming such content, as the veracity/authenticity of the story depends on the blogger and their motives.
Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please reach out to us at #thedroptimes channel on Drupal Slack and we will try to address the issue as best we can.
Related People
You may also like
