Wednesday, April 1, 2020

More tricks for the .htaccess file of your website

In the previous post, we show you tricks to add to your .htaccess file with which you can optimize and secure your web page. Today we bring more tricks! Enjoy them.

Disable the execution of PHP in some Directories

The execution of PHP in the directories / wp-includes / o / wp-content / is a problem that shouldn’t happen, but it happens when the web has been hacked and you are trying to install a backdoor in it to execute malicious codes.

Create a blank .htaccess file and place it in the / wp-includes /, / wp-content / directories. Paste the following code into that file:

With this code you can protect the / uploads / directory from the .htaccess of the root directory:

Disables Image Hotlinking

When many external web pages refer to an image of your website, your server starts to load and may become slow. Add this code and replace the name of your domain to protect your website from these actions:

Protect the .htaccess

Protect your .htaccess file from unauthorized access with this code.

Change the server’s time zone

Adjust the time zone of your server with this code:

Redirects from HTTP to HTTPS

When you install an SSL certificate, redirect your http address to an https with the following command:

Allows access to data through the browser

With this code, the contents of the directory can be viewed in the browser and will be available for other users to download:

Specify the encoding of documents

An .htaccess file can determine exactly which character encoding to use for each type of document. With the following code it is possible to code all the documents under the UTF-8:

In the event that only certain types of documents must be encoded, the following completions will be attached, as necessary:

Use gzip for compression

Some cache plugins fulfill the function of compression, check the code generated by your plugin and check that it matches the one you will see below so that it prevents the browser from having to load so much information and improve the loading speed.

Increase file upload size

In the previous post, we show you how to limit the file upload size, with this code you can increase this limit. Some hostings do not allow it, but you can try it.

Disable XML-RPC

All WordPress installations have a file called xmlrpc.php that allows the connection of third-party applications to your web page and exchange information. The disadvantage of this is that it also opens the possibility of external attacks. If you are not using third-party applications, protect your website by disabling this file.

I hope these tricks work for you!

Jefferson Maldonado
the authorJefferson Maldonado
UX WordPress Designer
Ux & Web Designer. Portafolio: Divi Blogger, WordPress Expert, UX Designer, Business Consultant.

Leave a Reply