Here is list of some important WordPress tips about .htaccess. I am sure these WordPress tips are really helpful for you and your websites.
The .htaccess file is a most important configuration file that allows you to control files and folders in the current directory, and all sub-directories. The filename is a shortened name for hypertext access and is supported by most servers. Millions of WordPress users use the .htaccess file to protect their websites from spammers, hackers, and other known threats. In this article, I would like to share with you several tips and snippets for .htaccess that will make your website secure.
Make a backup of your current working file of .htaccess. Store it in a safe place on your computer, and if possible, in another location such as a USB flash drive or any other storage media. Do not take any chances with .htaccess.
You May Also Like:
- 25 Best Responsive Free Joomla Templates
- 10 Best HTML5 CSS3 Free Website Templates
- 20 Best Free Blogger Templates
- Cheap Web Hosting Services By Hostgator
- 20 Best Free JQuery Plugins With CSS Image Hover Effect
1. Protect .htaccess Tips
.htaccess is the most important file all over the whole website that is why it is very important to protect this file from unauthorized users. This small code will help you to stop hackers from accessing your .htaccess file. You can easily do this. Just open and edit file via FTP.
<files ~ “^.*\.([Hh][Tt][Aa])”>
deny from all
2. Protect WP-Config.php tips
In WordPress another important file is wp-config.php. This configuration file contains the login information for your WordPress database as well as other important settings This small code will help you to stop hackers from accessing your WP-config.php file.
deny from all
3. Block Include-Only Files
There are certain files that never have to be accessed by the user. You can block access to these files by adding the following code to your .htaccess file:
# Block the include-only files.
RewriteRule ^wp-admin/includes/ – [F,L]
RewriteRule !^wp-includes/ – [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ – [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L]
RewriteRule ^wp-includes/theme-compat/ – [F,L]
4. Restrict Access to the Admin Area
Another enterence door for hackers is the WordPress admin area. If they get access to admin area, they can do unethical activities with your website which is harmful for your websites. To protect your website from hackers just restrict access to admin area.
To make this area more secure, create a new .htaccess file and add the code below to it:
# Limit logins
admin by IP
<Limit GET POST PUT>
deny from all
allow from 18.104.22.168
IP Address should be your own.
If more then one admin of your website then you cn Additional IP addresses add for other administrators and staff member. You can do this by adding additional allow lines or listing their IP addresses in the main allow line and separating them using commas. For example:
allow from 22.214.171.124, 126.96.36.199, 188.8.131.52
5. Ban Someone From Your Website
If someone who disturb you and leave bad and busive comments on your website or someone who has attempted to access your admin area and you also know the IP address of that person or party, you can completely ban them from your website using the code below.
<Limit GET POST>
deny from 123.456.78.9
deny from 987.654.32.1
allow from all