- Joined
- May 20, 2016
- Messages
- 149
- Points
- 28
Currently WordPress is the most widely used today with many websites built on this platform. Because it is easy to use and install, also for this reason that the security for WordPress sites are made becomes more difficult. However, through this post, I will share with you 3 easy tips to help you secure your Wordpress blog.
3 tips to secure your Wordpress with .htaccess
Here are 3 important files/folders in WordPress that you should protect
wp-config.php is file in root folder, it stores information about your website, also databases. This is very important file that you can not allow other people know. So, you need to protect wp-config.php for viewing.
No directory browsing
WordPress is so popular hence everyone can know its folder and files structure hence we can make the folder view as public as following
Protect your wp-content
wp-content folder contains the images, themes and plug-ins folder and it is very important so that we can prevent external access as follows:
Protect your .htaccess file
The code below will prevent all who view any files on your website starts with "hta"
I hope with these tips you will be able to secure for yourself or your blog site and looking forward to hearing other tips on how to secure our Wordpress site.
Good luck!
3 tips to secure your Wordpress with .htaccess
Here are 3 important files/folders in WordPress that you should protect
Secure your wp-config.php file1. wp-config.php
2. wp-contents folder
3. .htaccess file
wp-config.php is file in root folder, it stores information about your website, also databases. This is very important file that you can not allow other people know. So, you need to protect wp-config.php for viewing.
Code:
<Files wp-config.php>
order allow,deny
deny from all
</Files>
WordPress is so popular hence everyone can know its folder and files structure hence we can make the folder view as public as following
Code:
Options All -Indexes
wp-content folder contains the images, themes and plug-ins folder and it is very important so that we can prevent external access as follows:
Code:
Order deny,allow
Deny from all
<Files ~ ".(xml|css|jpe?g|png|gif|js)$">
Allow from all
</Files>
The code below will prevent all who view any files on your website starts with "hta"
Code:
<Files ~ "^.*.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
Good luck!