How to Set Up PHP Includes for HTML Pages

So your pure HTML website is becoming too large, or perhaps it was already large but you are moving to a new host from another platform such as Site Build It!ย and you need a solution for managing your website with ease. If your website has good rankings you might not want to risk it now and transfer it to another CMS (content management system) like WordPress, you simply want to keep it the way it is. The only thing you need is a solution for your includes, which will allow you to manage your website’s header, sidebar, footer and experiment with ads with ease.

Elephant is an unofficial symbol of PHP – just in case you were wondering about the picture ๐Ÿ˜‰

I was thinking along the same lines when I moved my website from SBI! to Hostgator. I didn’t want to convert to WordPress straight away. I wanted to let the dust settle and see how I rank. Doing this type of changes slowly is a good idea.

At the same time Hostgator was saying that to use servers side includes I would need to rename all my pages to .shtml which sounded terrible… It was also saying that while you can force your HTML pages execute PHP it’s not recommended as it will increase resource usage (the pages would need to be processed by server before being sent to visitor’s browsers).

In addition my PHP includes had to be secure – they shouldn’t be indexed by search engines and should be impossible to ย access via browser. If you let your includes accessible via browser hackers can take an advantage of this. You might also have problems with Adsense if you are putting Adsense in these includes, because technically you will have an empty page with Adsense block on it available to anyone who knows its URL address.

If you are coming from SBI! you might get confused by my PHP suggestion. However you should know that there is no way to keep your includes exactly same way they were in SBI! Here is why: SBI! required your include to be coded like this: ***your-include.shtml*** This is not a standard code and that’s not how .shtml includes work outside of SBI! It is possible to keep your includes in .shtml but you still have to edit your pages to replace ***your-include.shtml*** with standard code. Since you are going to edit your pages anyway you could also rename your includes into .php

All this seemed very complex and after a bit of research and some trial I came up with my own method. In this article I will describe how I solved this puzzle.

  • First of all if you are using Hostgator you need to edit your .htaccess file to force our .html pages to process PHP code. To do this paste this in your .htacess file:
    AddHandler application/x-httpd-php5 .html .htm

  • Create a separate folder, call it something descriptive such as “includes” in your root folder. In Hostgator this folder is called public_html.

  • Create an index.php page in your includes folder. This is necessary for security of your website. You don’t want hackers to navigate to this folder and see your website’s folder structure. You can write something witty in this folder, for example: “Curiosity killed the cat”, draw something funny, or simply express your feelings towards hackers (I doubt normal visitors will ever get there, so the risk of offending a real visitor is very low). Alternatively you can simply say something like: “Oops, seems you got lost. Go to our homepage (or sitemap) by clicking this link“. This is only a security measure and should be done for every folder that doesn’t have index.php of its own, not only “includes” folder.

  • In your “includes” folder” create a new document, call it something that makes sense to you, for example: “header.php”, “footer.php”, “sidebar.php”, “ad-top.php” etc. Paste this code in the beginning of every include:
    if ('your-include-name.php' == basename($_SERVER['SCRIPT_FILENAME']))
    die ('<h2>Direct File Access Prohibited</h2>');

    Obviously change “your-include-name.php” to the name of your include. Then paste whatever you want to be included after this code and hit “Save”. After we have done this your include content won’t be accessible via browser. If you type in path to your include you will get “Direct Access Prohibited” instead.


  • Go to your .html page where you want to add your include. Paste this code where you want include to appear:
    <?php include 'includes/your-include.php'; ?>

    Where “includes” is the name of your folder and “your-include.php” is the name of your include file. Hit “save”.


  • Go to your robots.txt file and prohibit access of search engines by adding this line of code:
    User-agent: *
    Disallow: /includes/

    Where “includes” is the name of your includes folder. This will prevent your include from being indexed.


  • To reduce resource usage we are going to compress our files and cache them by pasting this code in our .htaccess file:
    # compress text, HTML, JavaScript, CSS, and XML
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    # remove browser bugs
    BrowserMatch ^Mozilla/4 gzip-only-text/html
    BrowserMatch ^Mozilla/4\.0[678] no-gzip
    BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
    Header append Vary User-Agent
    < IfModule mod_expires.c >
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 year"
    ExpiresByType image/jpeg "access plus 1 year"
    ExpiresByType image/gif "access plus 1 year"
    ExpiresByType image/png "access plus 1 year"
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/pdf "access plus 1 month"
    ExpiresByType text/x-javascript "access plus 1 month"
    ExpiresByType application/x-shockwave-flash "access plus 1 month"
    ExpiresByType image/x-icon "access plus 1 year"
    ExpiresDefault "access plus 2 days"
    < /IfModule >

    < IfModule mod_expires.c > and < /IfModule >
    OR YOU WILL GET SERVER ERROR!!!! Alternatively get the download version here. Right click –> Save As…

    This will significantly reduce your files’ size and page load time making your website faster and more efficient. The effect will be especially noticeable to your repeat visitors because we are caching our files. The files will be cashed for two days, but you can edit this file to whatever you like. The line to edit is

    ExpiresDefault "access plus 2 days"

You are done! At this point it’s a good idea to test everything. Make sure that pages are displaying correctly. By all means type direct path to includes in your browser and make sure that you see “Direct Access Prohibited” message instead of your include’s content. If you have any issues post in my help forum. Hope you found this helpful ;-).

19 Replies to “How to Set Up PHP Includes for HTML Pages”

  1. Elena you’re a coding master! And that logo…why is elephant the symbol for php? Not that I don’t like it…it’s kinda cute ๐Ÿ™‚

    Thanks for posting a comment on my Playboy post at ProBlogger. Hope to see more of your blogging!

    1. Hi Greg and thanks for visiting. I have no idea about the elephant thing, it’s just the way it is. I am happy though I can post pictures of cute animals on my technical blog! You wrote an awesome post at ProBlogger ๐Ÿ™‚

  2. I can understand all the coding here, not a problem but… where do I find the htacess file??? Or do I have to make one? And if so, what name given?

    1. Hi Peter,

      your .htaccess might be hidden. If you are on Hostgator or other host that allows you to use cPanel, do this:

      – go to your cPanel, which is located at and sign in as usual

      – click on File Manager (NOT File Legacy Manager, which looks the same). When the pop up window will appear make sure you check Show Hidden Files, then hit Go. .htaccess is usually hidden unless you opt in to show it.

      – go to your root folder and now you should be able to see your .htaccess. Edit and save as usual.

      Hope this helps ๐Ÿ™‚

      1. Ah… so that is the trick… cool… Thank You.. btw.. your help files are excellent. Saves me a zillion hours research how to. ๐Ÿ˜€

  3. Thanks Elena for writing all these tutorials! I don’t know what I would have done without them!

  4. I am trying to understand the step below (in which .html page should I add that code)?

    Go to your .html page where you want to add your include. Paste this code where you want include to appear:

    Where โ€œincludesโ€ is the name of your folder and โ€œyour-include.phpโ€ is the name of your include file. Hit โ€œsaveโ€.

    1. Any page where you want to display include content. If your include contains something like header, footer or right column chances are you want to include that code in every page. If it’s a certain type of ad that you want to display only on some pages you should put that code only on those pages where you want to display your ad.

  5. Hi Elena.

    I have followed your instructions completely. Everything was fine and I changed name servers at SBI. Two days later, my site did not appear within a proper templace. Just saw text on the browser; no header, footer, sidebars. Then I followed your includes’ instructions and added all the necessary code into my .htaccess file. Still didn’t work! And lately, when I check my domain name on my browser, I get a 404 error! What could be the problem? I uploaded all my files and pages into my host’s account and I left all my pages in .html format. Could this be the problem after I added a code to execute php on a .html page via the htaccess file?

    Please assist. Thanks.

    1. Hi, sorry to hear about your troubles.

      When you only see text in the browser with no styling this means something went wrong with your style.css. This can be solved by making sure your style.css is in your header and is referenced correctly. The reason of your suffering could be that you forgot to set your URLs to absolute URLs when using Httrack you could have it referenced incorrectly and this may need a manual fix now. Or Httrack had a hiccup when you used it and you didn’t notice error warning that stylesheet is missing.

      There is no way for me to know what went wrong in your particular case, but you must have the original copy of your site saved somewhere on your desktop or USB (the one that you got from HTTRACK when your site was still on SBI) and you can try to reupload the whole thing once again and sort out your style sheet issue. Once you have that sorted you can do includes.

      If you make any mistake with includes it will typically give you Server Error and not 404, so I am not sure about the last one.

      1. Ok. Thanks very much Elena. I will be looking into my style-sheet.

        Do I have to rename all my pages to .php now? Or only the includes’ files? In SBI, the style sheet was referenced in support-files folder and images in image-files folder. This worked in SBI, is it not a problem outside SBI? As long as the images and style sheet are referenced using absolute URLs in my pages?

        Many thanks.

        1. No you should never rename your pages or you will lose your traffic and definitely get a lot of 404s!

          You can do the same setup at your new host and in fact it should be the same otherwise it won’t work. There should be support-files forlder in your control panel and there should be style.css inside of it. Normally Httrack does this for you but in your case something went wrong so you need to start by visiting your control panel and checking that folder and file inside. Then making sure it’s included in the head section of your pages.

          Do not worry about includes for now, get site to work properly first.

  6. Thanks for your clear step-by-step explanation.

    I think I understood everything, except…

    You mention adding text such as “Curiosity killed the cat” in the index.php page in the ‘Includes’ folder.
    My question is…
    Do you just put that text into the index.php page as in a txt file or do you need some code? Do you need some opening or closing tags and if so what are the tags to use?

    1. Lol you don’t have to do that. You can keep it blank if you want to. I used to do that for fun just in case someone will access pages they aren’t suppose to open.

  7. Thank you for a quick answer.
    If I have understood you correctly, what is important is to have a file named index.php in the ‘includes’ directory. Whether it is blank or not does not matter. Since you have to have a file like that, you might as well use it to give a message to hackers. Am I right?

    1. Exactly! Index.php will prevent people from seeing your file structure. If you want to leave a message like “Oops you got lost, click here for our homepage” or something funny for those who are opening pages they aren’t supposed to open you can just type it without any special code or you can make it look like the rest of your site. Really doesn’t matter ๐Ÿ™‚

Comments are closed.