So if both .htaccess and httpd.conf can serve the same purpose (Apache – Disable Directory Listing), which one should we pick?
On performance point of view, .htaccess is read every time when the directory is loaded. and each directory can have it own .htaccess. so this may cause a performance hit but seems that it is not very significant.
The Fubra Blog – .htaccess vs httpd.conf
On the other hand, the situation may bother your choice. Not every user got the permission on writing the httpd.conf file and they may even do not have the right to restart the Apache Server. In this case, you have to use .htaccess to restrict the access right.
Here is a summary comparing .htaccess and httpd.conf.
- They are read only when the server restarts
- They are set up by the system administrator
- They can override any settings from a higher directory, even if AllowOverride is set to none
- They are read for each and every hit to the directory or its descendants
- They are set up by the web administrator responsible for that directory
- They can only override settings from httpd.conf if AllowOverride is set for it