WordPress Security with the .htaccess file

Posted on 14th July, 2013 110 Comments

So I showed you how you can help speed up WordPress using a single line of PHP in your header.php theme file and by adding a few simple lines to your .htaccess file. Now let's concentrate on security.

As WordPress is now so widely used (60+ million users), it has become a bit of a hacking ground for those interested in tinkering in the dark arts. Also, because it's an open source platform, its structure is widely available and well known. So this article is going to help you make your site a whole heap more secure against brute-force attacks by adding another few lines to your .htaccess file.

Firstly you’ll want to protect your wp-config.php as it holds all the server info.
We’ll do this by denying access to everyone. Add this to the bottom of your .htaccess file.

    ### SECURITY ###

    # protect wp-config.php
    <Files wp-config.php>
    order allow,deny
    deny from all
    </Files>

Simply put, this snippet blocks all web access to the file; you can still get at it with an FTP client.

Next you’ll want to close the door on people browsing your directories.

    # block directory browsing
    # (-Indexes on its own: Apache 2.4 rejects a bare option such as All mixed with +/- options)
    Options -Indexes

Last but not least, we'll protect the .htaccess file itself from any attacks.

    # protect htaccess (the dot before "hta" is escaped so it matches a literal ".")
    <Files ~ "^.*\.([Hh][Tt][Aa])">
    order allow,deny
    deny from all
    satisfy all
    </Files>

For this file that’s it. Save it and upload it to your /public_html folder on your server.

We are almost done, we just need to do one last thing…

Create another .htaccess file. Open Notepad and save the document as .htaccess. This one is going to be added to the wp-admin folder to block anyone trying to log in to your site from an outside IP, but it will also allow access to the ever-important AJAX used by eCommerce sites.

The first order deny,allow is going to block access to your admin area for everyone who doesn't have an IP that is allowed.

So in a blank .htaccess add this.

If you want to find your IP, google “what is my ip”.

    # Block access to admin
    # (comments sit on their own lines; Apache does not allow them after a directive)
    order deny,allow
    # Find your ip
    allow from 12.12.12.12
    # Add more if needed or delete.
    allow from 11.11.11.11
    # Block everyone else
    deny from all

    # Allow Ajax, we're running a business here!
    <Files admin-ajax.php>
        Order allow,deny
        Allow from all
        Satisfy any
    </Files>
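
The same rules written for Apache 2.4, as an added example that is not from the original post: the Order/Allow/Deny directives used above are Apache 2.2 syntax, which 2.4 only accepts through mod_access_compat, so this version uses Require from mod_authz_core instead. The IP addresses are the article's placeholders, and the two header comments mark which .htaccess file each part belongs in.

```apache
# ---- /public_html/.htaccess (Apache 2.4) ----
# Require needs "AllowOverride AuthConfig" and Options needs
# "AllowOverride Options" in the server config for these to take effect.

# protect wp-config.php from any HTTP request
<Files "wp-config.php">
    Require all denied
</Files>

# protect .htaccess, .htpasswd and any other file starting with ".ht"
<FilesMatch "^\.[Hh][Tt]">
    Require all denied
</FilesMatch>

# block directory browsing
Options -Indexes


# ---- /public_html/wp-admin/.htaccess (Apache 2.4) ----

# Only the listed addresses may reach anything under wp-admin.
# 12.12.12.12 and 11.11.11.11 are placeholders: replace them with your own.
Require ip 12.12.12.12 11.11.11.11

# admin-ajax.php stays reachable for everyone, because front-end
# features call it from visitors' browsers. With the default
# "AuthMerging Off", this <Files> section replaces the Require ip rule
# above for this one file only.
<Files "admin-ajax.php">
    Require all granted
</Files>
```

Use one style per file: the Apache documentation discourages mixing Order/Allow/Deny with Require in the same configuration.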

You can find more on Protecting WordPress Here

If spam is your problem, I have a great fix, that believe it or not actually works and is free.

Comments


Abinash Mohanty

04th, Feb, 14

Thanks for the tips, these are quite helpful. I only have one query about .htaccess under the wp-admin folder. How can we configure for dynamic ip as “what is my ip” shows different addresses when I use my home wifi or at work having different isp. Can’t we map with MAC address? I guess that is permanent right! Let me know, thanks.

Aaron

26th, Jan, 15

Suppose if you don’t like poking around your .htaccess file, this is a good option.

