How to Edit Drupal htaccess to View Non-Drupal Folders

One of the first things you might notice when you install Drupal is that trying to visit a file or folder that is not controlled by the Drupal CMS returns a 404 File Not Found error. This happens even if those files and folders do exist. So for example if you went to mysite.com/not-drupal/ it would display the error – even if that folder exists.

Why does the Drupal htaccess file do this?

When Drupal is installed, it creates a .htaccess file on your server which allows it to take control of all the files and folders within the CMS. What Drupal does is:

1. It adds the following code which sets index.php as the only file that the Apache server will look for in a folder (instead of index.html, index.shtml etc):

   # Set the default handler.
   DirectoryIndex index.php

   What this means is that the web server will only look for index.php inside the folder mysite.com/not-drupal/.  Any other file types will be ignored and will return a 404 Error.

2. Drupal also sets the 404 error document to be processed through it as well. This means that any time the server cannot find the file, it will send it to Drupal. Drupal then checks its database to see whether it is a post or page and if not it will return a 404 Error.

   # Make Drupal handle any 404 errors.
   ErrorDocument 404 /index.php

3. The Drupal .htaccess does the same thing for 401 Unauthorized Error as well. If you've set up a password protected directory using htaccess this would redirect the error to index.php again for Drupal to control – rather than the default which is for the web browser to issue the password prompt. If the 401 error handler does not point to a valid file, it will return a 404 which is controlled by Drupal.

Editing your Drupal htaccess file to prevent it from controlling certain folders

Fixing this in the htaccess is fairly easy and should take only a couple of minutes to complete. Using FTP, you'll need to download the .htaccess file from your main directory. This is usually public_html or www. Once you've got the file (and have backed it up) here's what you need to do:

1. Fixing the 404 error when trying to request a non-Drupal folder (like mysite.com/non-drupal/). Find the line in your htaccess which says:

   # Set the default handler.
   DirectoryIndex index.php

   And change it to:

   # Set the default handler.
   DirectoryIndex index.php index.html index.shtml

   You might also need to add other file names here depending on your needs. What this does is tell your web server to look for any of those file when loading a folder, which is the more standard behavior.

2. Fixing the 401 Unauthorized Error for password protected directories. To do this you'll need to add a line to your Drupal htaccess which will tell the server where your Unauthorized error page can be found:

   # Set the 401 Error page.
   ErrorDocument 401 /401.html

   This will tell the Apache server to redirect all Unauthorized errors to this page rather than as a 404 through Drupal. You'll also need to create a 401.html document and upload that to your server. This will display when people do not have the correct password or try to access password restricted resources.

Clear your browser cache to see the changes

The last step is to clear your browser cache so that you can see the changes that have been made. To do this you can force a refresh of your browser which makes Chrome, Safari, Internet Explorer etc re-check the server to make sure it has the latest version of the page. To do this, you can use a keyboard shortcut:

• Windows: Ctrl + F5
• Mac: Apple + R or Cmd + R
• Linux: F5

If this doesn't work then you can clear your cache by using the settings in your browser.