.htaccess is a configuration file for Apache Web Server. If the server finds any .htaccess file then it automatically loads the file and the .htaccess file is executed by the Web Server. The .htaccess files can be used to change the configuration of the Web Server to add some additional functionality or remove some irrelevant features of the Apache Web Server.
Common .htaccess code snippets for WordPress
In this post I am sharing some very common .htaccess code snippets for WordPress which will be helpful for your future server configuration for WordPress. I think these .htaccess code snippets for WordPress will help you while working with WordPress. And these codes will need to be modified as of your own because some values will not match your configuration.
Common .htaccess code snippets for WordPress
01. Protect WordPress Blog From Script Injections
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
02. Redirect WordPress Blog Feeds To FeedBurner
# temp redirect wordpress content feeds to feedburner
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !FeedBurner [NC]
RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
RewriteRule ^feed/?([_0-9a-z-]+)?/?$ http://feeds.feedburner.com/webanddesigners [R=302,NC,L]
</IfModule>
03. Banning a WordPress spammer with .htaccess
<Limit GET POST> order allow,deny deny from 200.49.176.139 allow from all </Limit>
04. Allow only your IP address on the wp-admin directory
AuthUserFile /dev/null AuthGroupFile /dev/null AuthName "Example Access Control" AuthType Basic <Limit GET> order allow, deny deny from all allow from xx.xx.xx.xx </Limit>
05. Redirect All WordPress Feeds To Feedburner
<IfModule mod_alias.c> RedirectMatch 301 /feed/(atom|rdf|rss|rss2)/?$ http://feedburner.com/yourfeed/ RedirectMatch 301 /comments/feed/(atom|rdf|rss|rss2)/?$ http://feedburner.com/yourfeed/ </IfModule>
06. How to block comment posting to no referrer requests
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
07. Stop spamming on your WordPress blog
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomainname.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>
08. Deny access to your wp-config.php file
# protect wpconfig.php <files wp-config.php> order allow,deny deny from all </files>
09. Securing the .htaccess
<Files ~ "^.*\.([Hh][Tt][Aa])"> order allow,deny deny from all satisfy all </Files>
Hope this post helped you somehow. You can also have a look at my another post – Common .htaccess code snippets which contains many helpful .htaccess code snippets for your server configuration.
The post Common .htaccess code snippets for WordPress appeared first on JS Tricks.
