Hosting Question? Find the Solution - Browse our Guides, Articles, and How-To's

.htaccess: Invalid command ‘\xef\xbb\xbf#’

If you receive the following error, you’ve edited your file with software that has added a BOM magic numbers to the file, which Apache cannot read:

  /home/user/.htaccess: Invalid command '\xef\xbb\xbf#', perhaps misspelled or defined by a module not included in the server configuration

‘\xef\xbb\xbf#’ is a ‘Unicode BOM(Byte Order Mark)’ and consists of invisible characters added by certain text editors like Notepad++, for instance. The BOM often functions as a magic number used to pass along information to the program reading the file, such as the Unicode character encoding or endianess.

A BOM’s presence can interfere with software that does not expect it, which is what is happening when Apache attempts to read an .htaccess file that contains a BOM. This causes the 500 Internal Server Error seen in the browser when you attempt to load a site whose .htaccess inadvertently contains a BOM.

Let’s see how using the dos2unix -r command removes the BOM from a file.

The dos2unix Command

Let’s explore this further.

First, let’s create a file containing a BOM:

  ~$ printf "\xef\xbb\xbf" > manualBOM.txt
  ~$ cat manualBOM.txt 
  ~$ ls -lah manualBOM.txt 
  -rw-rw-r-- 1 user user 3 Sep 27 05:20 manualBOM.txt
  ~$ hexdump manualBOM.txt 
  0000000 bbef 00bf                              

After confirming the presence of the BOM by viewing the contents of the file with hexdump, we can remove the BOM with the dos2unix command accompanied by the -r modifier (–remove-bom):

  ~$ dos2unix -r manualBOM.txt
  dos2unix: converting file manualBOM.txt to Unix format...

Note: that you may need to install this utility using the following command:

  yum install dos2unix -y

Now, let’s inspect the file to confirm the BOM has been removed:

  ~$ cat manualBOM.txt
  ~$ ls -lah manualBOM.txt
  -rw-rw-r-- 1 user user 0 Sep 27 05:21 manualBOM.txt
  ~$ hexdump manualBOM.txt

A Simple, Quick Fix

Perhaps the quickest way to fix the issue would be via SSH. One would need to change into the document root of the site, rename the .htaccess file to .htaccess.bak, then cat the contents of the .htaccess.bak file to a new .htaccess file, and then ensure the correct ownership of the .htaccess file. Assuming the document root for the site is /home/user/public_html , and the username is user, the commands would be as follows:

  cd /home/user/public_html/
  mv .htaccess .htaccess.bak
  cat .htaccess.bak > .htaccess
  chown user.user .htaccess

Preventing the Issue

To prevent this issue, always use a Linux-compatible text editor (vim, nano, etc.,) or configure your text editor to save files without a BOM. This can be done in Notepad++ via the top bar menu: Encoding > Encode in UTF-8 .