Home Security htaccess tricks

htaccess tricks

Posted on by

htaccess tricks improve WP securityAlong with the excellent 6G firewall (update: 7G firewall) from Jeff Starr at Perishable Press, certain htaccess tricks improve WP security. Examples …

  • Block directory browsing:
    Options -Indexes
  • Restrict access to wp-config.php:
    <files wp-config.php>
    order allow,deny
    deny from all
    </files>
  • Restrict access to .htaccess:
    <Files .htaccess>
    order allow,deny
    deny from all
    </Files>
  • Restrict access to install.php:
    <Files install.php>
    order allow,deny
    deny from all
    < /Files>
  • Add Security Headers: XSS attacks; page-framing and click-jacking; content-sniffing
    <IfModule mod_headers.c>
    Header set X-XSS-Protection "1; mode=block"
    Header always append X-Frame-Options SAMEORIGIN
    Header set X-Content-Type-Options nosniff
    </IfModule>

Perishable press offers many more stupid htaccess tricks.

WPPOV supports freedom from Net Neutrality and the GDPR. The Internet of the people, by the people, for the people, shall not perish from the Earth.