.htaccess impact on site speed

I’m a big fan of the 6G firewall, from Jeff Starr of Perishable Press. It lives in my .htaccess file, and does a great job of protecting my site against a wide variety of malicious requests, bad bots, spam referrers, and other attacks. It adds 76 lines to my .htaccess file, some of them filled with long regular expressions. WordPress and Litespeed Cache also add chunks to my .htaccess file. And, .htaccess being exceptionally flexible and useful, I add other stuff as well.

htaccess impact on site speed

Read more .htaccess impact on site speed

Allowing only CloudFlare traffic

No piratesIn other posts I give my point of view on the security advantages of using CloudFlare. But what’s to stop a bad guy, gal, or bot from accessing my site directly by IP address? I can try to keep my IP address secret, but a determined hacker will find it without too much trouble. He or she or his/her robot minions could then avoid CloudFlare security by attacking my site directly – unless I take explicit measures by allowing only CloudFlare traffic.

Read more Allowing only CloudFlare traffic

6G Firewall

There are a number of comprehensive security solutions available for WP, notably including the very popular Wordfence Security plugin. I have a Wordfence quibble, which I whine about in another post, but to the best of my knowledge, Wordfence is an excellent choice for most WP users. My preference though is for light, fast, specific solutions as opposed to a single, relatively heavy, Swiss-army-knife style tool.
6G Firewall runs in htaccess
One such light, fast, specific solution is the 6G Firewall from Perishable Press.

Read more 6G Firewall

403 Text String

If my site gets attacked, it could serve up a lot of 403-Forbidden error pages, which would use a lot of resources, slowing my site or even bringing it down. For 404-Not Found errors, I want to serve a friendly helpful page that fits in with the look and feel of my site. Legitimate visitors should rarely if ever encounter a 403-Forbidden error though, so I prefer to politely limit resource use to the extent practical.  My solution is a custom 403 text string, using the following line at the beginning of my .htaccess file:

ErrorDocument 403 "403: Sorry, not permitted."

Read more 403 Text String