How to Set Up PHP Includes for HTML Pages

So your pure HTML website is becoming too large, or perhaps it was already large but you are moving to a new host from another platform such as Site Build It! and you need a solution for managing your website with ease. If your website has good rankings you might not want to risk it now and transfer it to another CMS (content management system) like WordPress, you simply want to keep it the way it is. The only thing you need is a solution for your includes, which will allow you to manage your website’s header, sidebar, footer and experiment with ads with ease.

Elephant is an unofficial symbol of PHP – just in case you were wondering about the picture 😉

I was thinking along the same lines when I moved my website from SBI! to Hostgator. I didn’t want to convert to WordPress straight away. I wanted to let the dust settle and see how I rank. Doing this type of changes slowly is a good idea.

At the same time Hostgator was saying that to use servers side includes I would need to rename all my pages to .shtml which sounded terrible… It was also saying that while you can force your HTML pages execute PHP it’s not recommended as it will increase resource usage (the pages would need to be processed by server before being sent to visitor’s browsers).

In addition my PHP includes had to be secure – they shouldn’t be indexed by search engines and should be impossible to  access via browser. If you let your includes accessible via browser hackers can take an advantage of this. You might also have problems with Adsense if you are putting Adsense in these includes, because technically you will have an empty page with Adsense block on it available to anyone who knows its URL address.

If you are coming from SBI! you might get confused by my PHP suggestion. However you should know that there is no way to keep your includes exactly same way they were in SBI! Here is why: SBI! required your include to be coded like this: ***your-include.shtml*** This is not a standard code and that’s not how .shtml includes work outside of SBI! It is possible to keep your includes in .shtml but you still have to edit your pages to replace ***your-include.shtml*** with standard code. Since you are going to edit your pages anyway you could also rename your includes into .php

All this seemed very complex and after a bit of research and some trial I came up with my own method. In this article I will describe how I solved this puzzle.

  • First of all if you are using Hostgator you need to edit your .htaccess file to force our .html pages to process PHP code. To do this paste this in your .htacess file:
    AddHandler application/x-httpd-php5 .html .htm

  • Create a separate folder, call it something descriptive such as “includes” in your root folder. In Hostgator this folder is called public_html.

  • Create an index.php page in your includes folder. This is necessary for security of your website. You don’t want hackers to navigate to this folder and see your website’s folder structure. You can write something witty in this folder, for example: “Curiosity killed the cat”, draw something funny, or simply express your feelings towards hackers (I doubt normal visitors will ever get there, so the risk of offending a real visitor is very low). Alternatively you can simply say something like: “Oops, seems you got lost. Go to our homepage (or sitemap) by clicking this link“. This is only a security measure and should be done for every folder that doesn’t have index.php of its own, not only “includes” folder.

  • In your “includes” folder” create a new document, call it something that makes sense to you, for example: “header.php”, “footer.php”, “sidebar.php”, “ad-top.php” etc. Paste this code in the beginning of every include:
    if ('your-include-name.php' == basename($_SERVER['SCRIPT_FILENAME']))
    die ('<h2>Direct File Access Prohibited</h2>');

    Obviously change “your-include-name.php” to the name of your include. Then paste whatever you want to be included after this code and hit “Save”. After we have done this your include content won’t be accessible via browser. If you type in path to your include you will get “Direct Access Prohibited” instead.


  • Go to your .html page where you want to add your include. Paste this code where you want include to appear:
    <?php include 'includes/your-include.php'; ?>

    Where “includes” is the name of your folder and “your-include.php” is the name of your include file. Hit “save”.


  • Go to your robots.txt file and prohibit access of search engines by adding this line of code:
    User-agent: *
    Disallow: /includes/

    Where “includes” is the name of your includes folder. This will prevent your include from being indexed.


  • To reduce resource usage we are going to compress our files and cache them by pasting this code in our .htaccess file:
    # compress text, HTML, JavaScript, CSS, and XML
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    # remove browser bugs
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    Header append Vary User-Agent
    < IfModule mod_expires.c >
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/x-javascript "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 2 days"
    < /IfModule >

    < IfModule mod_expires.c > and < /IfModule >
    OR YOU WILL GET SERVER ERROR!!!! Alternatively get the download version here. Right click –> Save As…

    This will significantly reduce your files’ size and page load time making your website faster and more efficient. The effect will be especially noticeable to your repeat visitors because we are caching our files. The files will be cashed for two days, but you can edit this file to whatever you like. The line to edit is

    ExpiresDefault "access plus 2 days"

You are done! At this point it’s a good idea to test everything. Make sure that pages are displaying correctly. By all means type direct path to includes in your browser and make sure that you see “Direct Access Prohibited” message instead of your include’s content. If you have any issues post in my help forum. Hope you found this helpful ;-).