12 Useful Codes in .htaccess File For A WordPress Website

useful codes/snippets of .htaccess file for a WordPress website

.htaccess is a powerful configuration file that can be used to make various modifications to a WordPress website’s server settings. It’s a hidden file that resides in the root directory of a website and can be edited using a text editor.

useful codes/snippets of .htaccess file for a WordPress website

Here are 13 common codes in .htaccess file that can be useful for a WordPress website:

Please note: If you are not proficient in HTML/PHP coding, do not attempt any of these recommendations as they could break your website. Instead, contact a professional WordPress developer to do this for you. 

Redirect non-www to www:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^yourdomain.com [NC]
RewriteRule ^(.*)$ http://www.yourdomain.com/$1 [L,R=301]

This code will redirect all non-www requests to the www version of your website, which can help with SEO.

Redirect www to non-www:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.yourdomain.com [NC]
RewriteRule ^(.*)$ http://yourdomain.com/$1 [L,R=301]

This code will do the opposite of the above and redirect all www requests to the non-www version of your website.

Redirect old URL to new URL:

Redirect 301 /old-url/ http://www.yourdomain.com/new-url/

This code will redirect an old URL to a new URL using a 301 permanent redirect, which can help maintain SEO rankings.

Password protect a directory:

AuthType Basic
AuthName “Restricted Area”
AuthUserFile /path/to/.htpasswd
Require valid-user

This code will password protect a directory on your website, allowing only authorized users to access it.

Block access to a specific IP address:

Order allow,deny
deny from 123.45.67.89
allow from all

This code will block access to your website from a specific IP address, which can be useful for blocking malicious traffic.

Block access to a specific file or directory:

Order allow,deny
deny from all

This code will block access to a specific file on your website, which can be useful for protecting sensitive information.

Enable gzip compression:

AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript

This code will enable gzip compression on your website, which can reduce the file size of your website’s pages and improve load times.

Prevent directory listing:

Options -Indexes

This code will prevent directory listing on your website, which can help protect sensitive information.

Change the default index page:

DirectoryIndex home.php

This code will change the default index page of your website to home.php.

Limit file upload size:

php_value upload_max_filesize 64M
php_value post_max_size 64M

This code will limit the file upload size to 64MB, which can help prevent server overload.

Enable caching:

ExpiresActive On
ExpiresByType image/jpg “access plus 1 year”
ExpiresByType image/jpeg “access plus 1 year”
ExpiresByType image/gif “access plus 1

Limit Login Attempts

Limiting login attempts can prevent brute-force attacks on your website. You can limit login attempts by adding the following code to your .htaccess file:

<files “wp-login.php”=””>
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “WordPress Admin Access Control”
AuthType Basic
order deny,allow
deny from all

Block Access to wp-config.php

The wp-config.php file contains sensitive information such as your website’s database credentials. You can block access to the wp-config.php file by adding the following code to your .htaccess file:

Order Allow,Deny
Deny from all

Contact a WordPress Developer Now!