Registrations and logins should be back to normal. Please report any issues in the Ask Staff section.

Security .htaccess file

by zackster - 16-06-2020, 08:53 PM
Lurker
Posts:
5
Joined:
Jun 2020
Likes:
0
Credits:
6
Reputation:
0
#1
OP
Posted: 16-06-2020, 08:53 PM
Here is the .htaccess file I sometimes use to secure a website and optimize it:

# Force HTTPS
RewriteEngine ON
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

# Switch off server signature
ServerSignature Off

# Switch off directory listing
Options -Indexes

# Compress text, html...
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE application/html
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>

# Block Wordpress sensitive directories and files
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

# Protect .htaccess
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

# Set cache control
<FilesMatch "\.(ico|png|jpeg|svg|ttf)$">
Header Set Cache-Control "max-age=604800, public"
</FilesMatch>
Lurker
Posts:
1
Joined:
Jun 2019
Likes:
0
Credits:
1
Reputation:
0
1 Year of Service
#2
Posted: 04-07-2020, 06:21 AM
many thanks for sharing this .htaccess config ...............
Credit Monster
Prime
Posts:
437
Joined:
Jan 2019
Likes:
36
Credits:
11
Reputation:
4
1 Year of Service
#3
Posted: 06-07-2020, 02:03 PM
I have a thread here with a lot more htaccess features https://nulledbb.com/thread-Htaccess-tip...03-01-2019
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)