10 Practical .htaccess Tricks for WordPress

The .htaccess file is also known as server alignment file. This file allows you to set the rules for the server to survey your website. It is important to note that WordPress utilizes .htaccess file in the generation of SEO friendly URL. The root folder of the WordPress is situated in the root folder. In order to edit it, you need to make sure that you are connected to your website by using an FTP client. You can also connect to it by using the C-Panel so that you can edit it. In this context, it is interesting to note that before you began to edit the .htaccess file, you need to take permission from the hosting company. It is so because it has frequently been observed that it can damage their server system. However, a majority of popular C-Panel hosting companies would allow editing the .htaccess file.

On the other hand, a best web hosting company always allows you to edit the .htaccess file; you can enhance your WordPress enabled site’s security as well as speed. Here is the list of top .htaccess tricks for WordPress.

1. Deactivate the execution of PHP in some folders

It is a widely accepted fact that hackers would upload PHP files to the upload and WP folder. It is so because when they upload the data in these folders, the PHP files can be run successfully in order to degrade the security of your site. However, you can avoid the execution of PHP by the creation of a blank .ht access file. After you create the file, you can upload it to the WP folder.

2. Deactivate the feature of Directory Browsing

If you are on the lookout to protect your site from hackers, you can do that by the addition of a single line in the .htaccess file. This would disable the feature of directory browsing in WordPress. In this manner, you would also eliminate the vulnerabilities related to file manipulation by the hackers. For example, you can use the code in the form of testing.php.

3. Protect the Admin Folder in WordPress with a password

If you access your WordPress site from a large number of locations, then assigning specific IP addresses may not work correctly. Hence, your first step to creating a password is by creating a .htpasswds file. The next step for you is to upload this file outside of the web directory. This file is in the form of public_html/. After that, you need to create a new .htaccess file so that you can add the appropriate codes. However, it is important to note that you should not forget to substitute the authorized user file path with the passwords file. Also, make sure that you add your username.

4. Opt to set up the 301 redirects feature with the help of .htaccess file

If you want to inform your audiences that the content has moved to a new location, you need to rely on the versatility of 301 redirects. It is indeed one of the SEO friendly ways through which you can inform your target audiences about the relocation of the content. Many individuals also opt to quickly set up redirects so that it can fetch them with the appropriate results.

5. The context of opting for GZip Compression

If your site is quite slow and your users are complaining about that, you can shrink a majority of files in order to speed up the place. You can also use various codes so that your website speed can be enhanced in a fruitful manner.

6. Deactivate image linking with the usage of .htaccess

Image linking can be one of the primary reasons behind the reduced speed of your website. It is so because a lot of other websites can steal your bandwidth limit by hyperlinking and hotlinking images from your site. If you own a small website, then it is not that much of a big issue. However, if you have a trending website which is quite large, then it would become a serious issue. Hence, it is clear that you need to prevent the hyperlinking of your website’s pictures. Furthermore, make sure that you replace webcrowns.com with your domain name.

7. Increase the file upload limit on your WordPress site

If you are on the lookout for the increase the capacity of file upload size, there exist various methods. However, one of the most popular ways is to add codes to the .htaccess file so that you can efficiently enhance the file upload width on the WordPress site.

8. By using .htaccess, prohibit the access to XML-RPC

To install a WordPress blog or a website, you need to have a thorough knowledge of the XML-RPC file. In this context, it is important to note that XML-RPC is a remote procedure that uses the XML to encrypt the calls. In other words, it is a system that would allow you to post on the WordPress blog. It is also required if your users use the WordPress mobile application. This file would allow the third-party apps to efficiently connect to your WordPress site. In this context, it is important to note that a majority of WordPress security experts are of the view that if you are not using the third-party apps, you need to disable this feature. You can do that by adding code to the .htaccess file. However, with the increasing use of smartphones, the vulnerability issues related to the XML-RPC file has come to the fore. Hence, by adding codes, you can efficiently enhance its security.

9. Deactivate the feature of author scans in WordPress

If you want to enhance the security of your site, you need to opt for blocking author scans. Subsequently, you can attempt to crack the passwords for usernames. By adding codes to the .htaccess file, you can prevent the author scans. However, if you are utilizing the Brute Force Login Protection and Google Authenticator, then you are secured by the brute force attacks. The brute force attacks imply the use of malicious attempts by hackers to break into your WordPress site.

10. Give permissions to selected IP addresses

The .htaccess file can be used to protect the WordPress site. You need to decide the viable IP addresses only. However, you should not forget to replace the xxx values with that of your IP address. If you use one or more of these IP addresses, ensure you add them to the list.

Wrapping up:

There exists various other tricks and hacks with the .htaccess file. However, the above-mentioned .htaccess hacks are beneficial for your WordPress site. Hopefully, these tricks and hacks would come to your aid and would also help you to build more engaging content for your users. Moreover, these hacks are in trend and optimize the WordPress site.


This is a guest contribution from Pawan Sahu. He is the founder of MarkupTrend, blogger and marketing geek passionate about writing articles related to WordPress, SEO, Marketing, Web Design, and CMS etc.

You May Also Like

About the Author: Ravijit Chavda

Hey, there. I'm Ravijit Chavda, the founder of bloggingbook. I love to create blogs as well as share my experiences through blogging. I am a passionate blogger with having years of experience in blogging and internet marketing.

1 Comment

  1. Thanks, Ravijit for sharing this post. I have started work on SEO sometime ago. As a learner this is a great post to read and learn. You explained all .htaccess tricks very clearly. Thanks for it.

Leave a Reply

Your email address will not be published. Required fields are marked *