The .htaccess is a server configuration file allowing setting up the details of the website without changing the config folder. The file is present in WordPress themes along with all Apache web hosting and can be used for your web page performance, safety, and user-friendliness improve. It can be found in your WP site root directory. All you must do is to link the file to the website with the help of an FTP client so that it can be edited.
By employing .htaccess files, you will get the following features that can be either enabled or disabled on your own: server signature, URL forwarding, file caching, password security and custom mistake pages. The files mentioned above set up and operate so-called server farms where web hosting users utilize the same Apache server. Without .htaccess files, the virtual hosting indicates that every client of the similar segment should use identically the same settings.
Thus, web hosts such as GoDaddy, DreamHost, MediaTemple, etc. enable .htaccess files. When they are enabled, the web page becomes faster than any others.
Creating a.htaccess file is quite easy if you know how. It can be created using any preferable text editor or directly in cPanel. To begin, open an empty text file and save it as shown below:
‘.htaccess’
In case your server does not let you do this, you may save the file named ‘htaccess.txt’ and rename it to the appropriate one when it is applied to your site. Then include the following default code in the file, save the adjustments and submit the file to your WordPress root folder with the help of FTP client:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Make sure that there is no gap between lines when pasting the code into the .htaccess file. The code must look like presented below:
We also recommend that you set up a website permit of 644, so it will be protected from possible assaults. To understand the purpose of this file permission, read the article .
Here we will cover some helpful tricks for WP that can be tried in practice.
You may find more useful .htaccess tricks for your WordPress site with the fullest description here .
We have tried to cover some of the most crucial questions referring to a successful and productive work with .htaccess files in your WP website and hope that our article has helped you understand their principles better. We will be happy if you decide to share your user experience with us in the future.
Developers of WordPress Dashboard made it possible to generate such files automatically. IT is pretty easy to do. In Settings, there is a Permalinks button. Click on and after that simply save the changes you have implemented. And voila you have a WordPress default .htaccess file in a website's’ root. Moreover, there are few editors ready to help you change .htaccess file fast.
But it is wise to know the ways to edit everything manually. Including default .htaccess generation. There are two ways: you can create such a file on a computer or on a server. A text editor is the easiest way to generate such files on a PC. Let’s create a .txt file named htaccess.txt. Then open it and do the coding you required for implementing additional commands. Then copy-paste created file to the root. Just remember to change the file’s extension to .htaccess.
You need even fewer steps when you need to generate a .htaccess file directly on a server. At first, go to the directory (or subdirectory) where your .htaccess file will locate. Open the drop-down menu with RMB and create a new file with .htaccess extension. Then edit it as you wish with a Notepad++ for example.
Here we have to make a little note. Keep in mind that manual editing and generation of .htaccess files can be risky. It can ruin your website and after that, it may take time to restore the previous version. So remember to make a few things when you work with .htaccess file.
Snippets are an important part of .htaccess file editing. These reusable code parts can make your life really easy and enrich your website functional if you know how to use them.
You can find many of them online. For example, on a GitHub or CSS-tricks. So let’s check some of them out and find out what they can do with your website.
So, at first, we must find a .htaccess file. Go to the root directory and open it. If the installation was successful then you wills this code:
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# WordPress
Now you can add new code or snippers into this default .htaccess file.
The default settings of the server allow you to browse the website’s directory. But it may lead to some security risks. It looks like this:
And if you want to eliminate this threat than use this code:
# Désactivate the display of contents of rédirectories Options All -Indexes
The result will look like:
The same risks may push you to hide information about your server. It can be done with next snipper:
# Mask the information of server ServerSignature Off
When your server is abroad it may have some troubles with time settings. And you can change them with:
# set the server timezone SetEnv TZ America/Washington
And the last snipper is restricting access to your .htaccess file.
It looks like this:
# Restrict access to htaccess <files ~ "^.*\.([Hh][Tt][Aa])"> order allow,deny deny from all satisfy all </files>
For some hackers, it is also possible to burn down your bandwidth by hotlinking on the image on your website. It creates risks for your website optimization, and we all know that web search algorithms prefer fast websites. It may harm your SEO function.
This snipper can help you avoid such issues:
#Stop hotlinkers in their tracks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yoursite.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?feeds2.feedburner.com/yoursite [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]
It is also important how to ban the IP address
It is very useful if there are issues with spam commenters or some suspicious activity on your website.
#Ban Spammers and bots by blacklisting IP addresses <Limit GET POST> order allow,deny deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x allow from all </Limit>
It is a place where most of your customization stores. Here you write posts, do menu configurations, customize your theme and so on.
And it is obvious that you want to limit access to your website administration. In order to do so, you can list IPs that may get access to the admin area.
<Limit GET POST PUT> order deny,allow deny from all allow from xx.xx.xx.xx //( your static IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) </Limit>
With this snippet, you can limit direct access to files with a .PHP extension.
<Files wp-tinymce.php> allow Aallow from all </Files> <FilesMatch "\.(?i:php)$"> <IfModule !mod_authz_core.c> Order allow,deny Deny from all </IfModule> <IfModule mod_authz_core.c> Require all denied </IfModule> :</FilesMatch> <Files wp-tinymce.php> Allow from all </Files> <Files ms-files.php> Allow from all </Files>
This codding product allows us to use only selected files from the wp-content subdirectory. In a few words, it denies entry to stored files. In addition, it will allow you to selectively unblock various types of files.
# Disable access to all file types except the following Order deny,allow Deny from all <Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$"> Allow from all </Files>
Useful .htaccess Snippets Collection. 15 Tricks to Take Better Control of Your Site
Guide to Keep Your WordPress Theme and Plugin Code Secure
Best Customer Service and Chat Plugins for WordPress 2020
Brand New Solution to Attract Home Customers: Real Estate Agency WordPress Theme
Self-taught copywriter specialized in web design, marketing, and traveling. Graduated with a degree in German and English translation. Obsessed with guides, listings, and long-read blog posts. Open for new information and strives to explore more undisclosed subjects. Social Media Accounts: Fb, Twitter, LinkedIn.
Subscribe to our newsletter and access exclusive content and offers available only to MonsterPost subscribers.
Hi! I understand this is sort of off-topic however I needed to ask.
Does building a well-established blog like yours require a lot of work?
I’m completely new to running a blog but I do write in my journal on a daily basis.
I’d like to start a blog so I will be able to share my experience
and views online. Please let me know if you have any kind of suggestions or
tips for new aspiring blog owners. Thankyou!
great idia , thankb for share this informations,
thank a lots