From Lunarpages Web Hosting Wiki
How to Create a .htaccess File
Are you in the need for a .htaccess file, but your web hosting account is lacking one? You can create your own and upload it to the right spot after following a few simple steps.
Step 1 - Open up a plain text editor (such as Notepad) and add in the lines you need and save the file.
Step 2 - Using your FTP client you will need to upload the file to the location you need it. This is usually inside of your public_html folder.
Step 3 - Rename the file to .htaccess, and save. It should be noted that .htaccess is the file extension. It is not filename.htaccess or yourpage.htaccess, it is just named .htaccess. To protect the .htaccess file, you can add these lines to your .htaccess file:
<Files .htaccess> order allow,deny deny from all </Files>
This way, it can not be displayed when somebody types in the file path into their browser.
Step 4 - Also, in the .htaccess file, you will need to add the following line:
Replace username with your actual hosting account user name. This will tell your account where your .htaccess file exists.
Create the .htaccess file in LPCP - To create a .htaccess file in LPCP, log into the LPCP, and then go to your File Manager. Click on the text link labeled, "public_html" to navigate yourself inside the public_html folder. Now, in the empty text box to your upper-right type in .htaccess, make sure the drop down box is set to "File" and then hit the button labeled, "Create". Your .htaccess file will be created in your public_html folder on your LPCP powered account. To edit in the File Manager, find the .htaccess and click on the green V icon on the right side of the window.
Create the .htaccess file in cPanel - To create a .htaccess file in cPanel, log into cPanel, go to your File Manager, then click on the folder icon next to "public_html" to get inside your public_html folder. Next, click "Create New File". In the empty text box, write .htaccess, make sure it is set as a Text Document and hit the button labeled, "Create". Your .htaccess file will be created in your public_html folder on your cPanel powered account. To edit in File Manager, click on the .htaccess and then in the top right click on the Edit File link.
.htaccess deny rules The more rules you have, the longer the initial handshake will be, to the point where, if you decide to block half the countries on the globe, you might end up noticing loading times of 15 seconds or more for a static page. That's normal and, whilst is far from being the only variable when it comes to the loading speed of a given page, it's an extremely important one. Keep the rules as narrow as possible and avoid adding large subnets (anything between /24 or even /16 - going any lower should be a no-go for anything but extreme circumstances) unless really (really!) necessary. When there's one/two/three IPs that you need to block from a subnet, block those first instead of going for the subnet.
Unless you can work effortlessly with CIDRs, consider using a tool such as https://grox.net/utils/whatmask/ to specify a narrow subnet, instead of going for /16s all the time (I've seen numerous tickets where staff add or recommend the first two subnets - i.e. an IP such as 212.12. - to a ticket, essentially blocking an entire /16)
Do not add hostnames to a deny rule. You can, instead, add (all the) IP(s) of a particular hostname at that time to reduce the loading times.