{"id":29903,"date":"2017-05-02T23:01:48","date_gmt":"2017-05-02T15:01:48","guid":{"rendered":"https:\/\/www.hongkiat.com\/blog\/?p=29903"},"modified":"2022-10-18T20:12:24","modified_gmt":"2022-10-18T12:12:24","slug":"useful-htaccess-snippets-for-wordpress","status":"publish","type":"post","link":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/","title":{"rendered":"15 Useful .htaccess Snippets for Your WordPress Site"},"content":{"rendered":"

Having a well-configured .htaccess file<\/strong> is crucial if you want to increase security<\/strong> and reduce vulnerabilities<\/strong> on your WordPress site. Usually, the main goal of creating a custom .htaccess file<\/strong> is to prevent your site from being hacked but it\u2019s also an excellent way to handle redirects and manage cache-related tasks.<\/p>\n

.htaccess is a configuration file<\/strong> used on Apache web servers. Most WordPress sites run on an Apache server<\/a><\/strong>, although a small portion is powered by Nginx<\/a><\/strong>. In this article, you can find a collection of .htaccess code snippets<\/strong>, most of which you can use to secure your website while the rest implements other useful features.<\/p>\n

\n\t\t\t\t\tRead Also:<\/strong>\u00a0\n\t\t\t\t\tA Beginner\u2019s Guide to .htaccess for Designers and Developers<\/a>\n\t\t\t\t<\/p>\n

Don\u2019t forget to back up the .htaccess file<\/strong> before you edit it so that you can always return to the previous version<\/strong> if something goes wrong.<\/p>\n

And, if you\u2019re someone who rather not touch configuration files I recommend you the BulletProof Security<\/a><\/strong> plugin which is the most reliable (and probably the oldest) free .htaccess security plugin<\/strong> on the market.<\/p>\n

Create the default WP .htaccess<\/h2>\n

.htaccess works on a per-directory basis<\/strong> which means that each directory can have its own .htaccess file. It can easily happen that your WordPress site doesn\u2019t have a .htaccess file yet<\/a><\/strong>. If you don\u2019t find a .htaccess file in your root directory create an empty text file<\/strong> and name it to .htaccess<\/code>.<\/p>\n

Below, you can find the default .htaccess<\/strong> WordPress uses. Whenever you need this code you can quickly look it up in the WordPress Codex<\/a>. Note that there is a different .htaccess for WP Multisite<\/a>.<\/p>\n

\r\n# BEGIN WordPress\r\n<IfModule mod_rewrite.c>\r\nRewriteEngine On\r\nRewriteBase \/\r\nRewriteRule ^index\\.php$ - [L]\r\nRewriteCond %{REQUEST_FILENAME} !-f\r\nRewriteCond %{REQUEST_FILENAME} !-d\r\nRewriteRule . \/index.php [L]\r\n<\/IfModule>\r\n# END WordPress\r\n<\/pre>\n
The lines beginning with #<\/code> are comments. Don\u2019t edit anything<\/strong> between the lines # BEGIN WordPress<\/code> and # END WordPress<\/code>. Add your custom .htaccess rules below these default rules<\/strong>.<\/p>\n
All code snippets you can find in this article go to the core .htaccess file<\/strong> found in your root directory.<\/p>\n
1. Deny access to all .htaccess files<\/h2>\n
The code below denies access<\/strong> to all .htaccess files you have installed in your WordPress. This way you can prevent people from seeing your web server configurations<\/strong>.<\/p>\n
\r\n# Denies access to all .htaccess files\r\n<Files ~ \"^.*\\.([Hh][Tt][Aa])\">\r\nOrder Allow,Deny\r\nDeny from all\r\nSatisfy all\r\n<\/Files>\r\n<\/pre>\n
2. Protect your WP configuration<\/h2>\n
The wp-config.php<\/code> file contains all your WP configurations<\/strong>, including your database login and password. You can either deny it from everyone or give permission to admins to access it<\/strong>.<\/p>\n
If you choose the latter comment out<\/strong> the # Allow from xx.xx.xx.xxx<\/code> line (remove #<\/code> from the beginning of the line) and insert the admin\u2019s IP address<\/strong> in place of xx.xx.xx.xxx<\/code>.<\/p>\n
\r\n# Protects wp-config\r\n<Files wp-config.php>\r\nOrder Allow,Deny\r\n# Allow from xx.xx.xx.xxx\r\n# Allow from yy.yy.yy.yyy\r\nDeny from all\r\n<\/Files>\r\n<\/pre>\n
3. Prevent XML-RPC DDoS attack<\/h2>\n
WordPress supports XML-RPC<\/a><\/strong> by default, which is an interface that makes remote publishing<\/strong> possible. However, while it\u2019s a great feature, it\u2019s also one of WP\u2019s biggest security vulnerability as hackers may exploit it for DDoS attacks<\/a><\/strong>.<\/p>\n
If you don\u2019t want to use this feature it\u2019s better to just disable it<\/strong>. Just like before, you can add exceptions by commenting out<\/strong> the # Allow from xx.xx.xx.xxx<\/code> line and adding the IPs of your admin(s).<\/p>\n
\r\n# Protects XML-RPC, prevents DDoS attack\r\n<FilesMatch \"^(xmlrpc\\.php)\">\r\nOrder Deny,Allow\r\n# Allow from xx.xx.xx.xxx\r\n# Allow from yy.yy.yy.yyy\r\nDeny from all\r\n<\/FilesMatch>\r\n<\/pre>\n
4. Protect your admin area<\/h2>\n
It\u2019s also a good idea to protect the admin area<\/strong> by giving access only to administrators. Here, don\u2019t forget to add at least one \u201cAllow\u201d exception<\/strong> otherwise you won\u2019t be able to access your admin at all.<\/p>\n
\r\n# Protects admin area by IP\r\nAuthUserFile \/dev\/null\r\nAuthGroupFile \/dev\/null\r\nAuthName \"WordPress Admin Access Control\"\r\nAuthType Basic\r\n<LIMIT GET>\r\nOrder Deny,Allow\r\nDeny from all\r\nAllow from xx.xx.xx.xxx\r\nAllow from yy.yy.yy.yyy\r\n<\/LIMIT>\r\n<\/pre>\n
5. Prevent directory listing<\/h2>\n
Most WordPress sites don\u2019t disable directory listing, which means anyone can browse their folders and files<\/strong>, including media uploads and plugin files. It\u2019s needless to say that this is a huge security vulnerability.<\/p>\n
Below, you can see how a typical WordPress directory listing looks like<\/strong>.<\/p>\n
\"Directory<\/figure>\n
Luckily, you just need one line of code<\/strong> to block this feature. This code snippet will return a 403 error message<\/strong> to anyone who wants to access your directories.<\/p>\n
\r\n# Prevents directory listing\r\nOptions -Indexes\r\n<\/pre>\n
6. Prevent username enumeration<\/h2>\n
If WP permalinks are enabled, it\u2019s quite easy to enumerate usernames<\/strong> using the author archives. The revealed usernames (including the admin\u2019s username) then can be used in brute force attacks<\/a><\/strong>.<\/p>\n
Insert the code below into your .htaccess file to prevent username enumeration<\/strong>.<\/p>\n
\r\n# Prevents username  enumeration\r\nRewriteCond %{QUERY_STRING} author=d\r\nRewriteRule ^ \/? [L,R=301]\r\n<\/pre>\n
7. Block spammers and bots<\/h2>\n
Sometimes you may want to restrict access from certain IP addresses<\/strong>. This code snippet provides an easy way to block spammers and bots you already know.<\/p>\n
\r\n# Blocks spammers and bots\r\n<Limit GET POST>\r\nOrder Allow,Deny\r\nDeny from xx.xx.xx.xxx\r\nDeny from yy.yy.yy.yyy\r\n<\/Limit>\r\nAllow from all\r\n<\/pre>\n
8. Prevent image hotlinking<\/h2>\n
Although not a security threat, image hotlinking<\/a><\/strong> is still an annoying thing. People don\u2019t only use your images without your permission<\/strong> but they even do it at your cost. With these few lines of code, you can protect your site from image hotlinking.<\/p>\n
\r\n# Prevents image hotlinking\r\nRewriteEngine on\r\nRewriteCond %{HTTP_REFERER} !^$\r\nRewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?yourwebsite.com [NC]\r\nRewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www\\.)?yourwebsite2.com [NC]\r\nRewriteRule \\.(jpe?g?|png|gif|ico|pdf|flv|swf|gz)$ - [NC,F,L]\r\n<\/pre>\n
9. Restrict direct access to plugin & theme PHP files<\/h2>\n
It can be dangerous if someone directly calls your plugin and theme files<\/strong>, whether it happens accidentally or by a malicious attacker. This code snippet comes from the Acunetix website security company<\/strong>; you can read more about this vulnerability in their blog post<\/a>.<\/p>\n
\r\n# Restricts access to PHP files from plugin and theme directories\r\nRewriteCond %{REQUEST_URI} !^\/wp-content\/plugins\/file\/to\/exclude\\.php\r\nRewriteCond %{REQUEST_URI} !^\/wp-content\/plugins\/directory\/to\/exclude\/\r\nRewriteRule wp-content\/plugins\/(.*\\.php)$ - [R=404,L]\r\nRewriteCond %{REQUEST_URI} !^\/wp-content\/themes\/file\/to\/exclude\\.php\r\nRewriteCond %{REQUEST_URI} !^\/wp-content\/themes\/directory\/to\/exclude\/\r\nRewriteRule wp-content\/themes\/(.*\\.php)$ - [R=404,L]\r\n<\/pre>\n
10. Set up permanent redirects<\/h2>\n
You can easily handle permanent redirects<\/strong> with .htaccess. First you have to add the old URL<\/strong>, then follow the new URL<\/strong> that points to the page you want to redirect the user to.<\/p>\n
\r\n# Permanent redirects\r\nRedirect 301 \/oldurl1\/ http:\/\/yoursite.com\/newurl1\r\nRedirect 301 \/oldurl2\/ http:\/\/yoursite.com\/newurl2\r\n<\/pre>\n
11. Send visitors to a maintenance page<\/h2>\n
We wrote about this technique in detail here<\/a>. You need a separate maintenance page<\/strong> (maintenance.html<\/code> in the example) for this .htaccess rule to work. This code puts your WordPress site into maintenance mode<\/strong>.<\/p>\n
\r\n# Redirects to maintenance page\r\n<IfModule mod_rewrite.c>\r\nRewriteEngine on\r\nRewriteCond %{REMOTE_ADDR} !^123\\.456\\.789\\.000\r\nRewriteCond %{REQUEST_URI} !\/maintenance.html$ [NC]\r\nRewriteCond %{REQUEST_URI} !\\.(jpe?g?|png|gif) [NC]\r\nRewriteRule .* \/maintenance.html [R=503,L]\r\n<\/IfModule>\r\n<\/pre>\n
12. Restrict all access to WP includes<\/h2>\n
The \/wp-includes\/<\/code> folder contains the core WordPress files<\/strong> that are necessary for the CMS to work. There are no content, plugins, themes or anything else a user may want to access here. So to harden security it\u2019s best to restrict all access to it<\/strong>.<\/p>\n
\r\n# Blocks all wp-includes folders and files\r\n<IfModule mod_rewrite.c>\r\nRewriteEngine On\r\nRewriteBase \/\r\nRewriteRule ^wp-admin\/includes\/ - [F,L]\r\nRewriteRule !^wp-includes\/ - [S=3]\r\nRewriteRule ^wp-includes\/[^\/]+\\.php$ - [F,L]\r\nRewriteRule ^wp-includes\/js\/tinymce\/langs\/.+\\.php - [F,L]\r\nRewriteRule ^wp-includes\/theme-compat\/ - [F,L]\r\n<\/IfModule>\r\n<\/pre>\n
13. Block cross-site scripting (XSS)<\/h2>\n
The following code snippet is from WP Mix<\/a> and it protects your site against some common XSS attacks<\/strong>, namely script injections and attempts to modify global and request variables.<\/p>\n
\r\n# Blocks some XSS attacks\r\n<IfModule mod_rewrite.c>\r\nRewriteCond %{QUERY_STRING} (\\<|%3C).*script.*(\\>|%3E) [NC,OR]\r\nRewriteCond %{QUERY_STRING} GLOBALS(=|\\[|\\%[0-9A-Z]{0,2}) [OR]\r\nRewriteCond %{QUERY_STRING} _REQUEST(=|\\[|\\%[0-9A-Z]{0,2})\r\nRewriteRule .* index.php [F,L]\r\n<\/IfModule>\r\n<\/pre>\n
14. Enable browser caching<\/h2>\n
As I mentioned before, .htaccess is not only good for security reasons and redirections but it can also help you manage the cache<\/strong>. The code snippet below is from Elegant Themes<\/a> and it makes browser caching possible<\/strong> by enabling visitors to save certain kinds of files<\/strong>, so next time they visit they don\u2019t have to download them again.<\/p>\n
\r\n# Enables browser caching\r\n<IfModule mod_expires.c>\r\nExpiresActive On\r\nExpiresByType image\/jpg \"access 1 year\"\r\nExpiresByType image\/jpeg \"access 1 year\"\r\nExpiresByType image\/gif \"access 1 year\"\r\nExpiresByType image\/png \"access 1 year\"\r\nExpiresByType text\/css \"access 1 month\"\r\nExpiresByType application\/pdf \"access 1 month\"\r\nExpiresByType text\/x-javascript \"access 1 month\"\r\nExpiresByType application\/x-shockwave-flash \"access 1 month\"\r\nExpiresByType image\/x-icon \"access 1 year\"\r\nExpiresDefault \"access 2 days\"\r\n<\/IfModule>\r\n<\/pre>\n
15. Set up custom error pages<\/h2>\n
You can use .htaccess to set up custom error pages on your WordPress site. For this method to work, you also need to create the custom error pages<\/strong> (custom-403.html<\/code>, custom-404.html<\/code> in the example) and upload them<\/strong> to your root folder.<\/p>\n
You can set up a custom error page for any HTTP error status code<\/a><\/strong> (4XX and 5XX status codes) you want.<\/p>\n
\r\n# Sets up custom error pages\r\nErrorDocument 403 \/custom-403.html\r\nErrorDocument 404 \/custom-404.html\r\n<\/pre>\n
\n\t\t\t\t\tRead Also:<\/strong>\u00a0\n\t\t\t\t\tHow to Enable Maintenance Mode on Your WordPress Site<\/a>\n\t\t\t\t<\/p>","protected":false},"excerpt":{"rendered":"
Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main goal of creating a custom .htaccess file is to prevent your site from being hacked but it\u2019s also an excellent way to handle redirects and manage cache-related tasks. .htaccess is a configuration…<\/p>\n","protected":false},"author":146,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[49],"tags":[4663,952,3325,252],"topic":[4520],"class_list":["entry-content","is-maxi"],"acf":[],"yoast_head":"\n15 Useful .htaccess Snippets for Your WordPress Site - Hongkiat<\/title>\n<meta name=\"description\" content=\"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"15 Useful .htaccess Snippets for Your WordPress Site\" \/>\n<meta property=\"og:description\" content=\"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/\" \/>\n<meta property=\"og:site_name\" content=\"Hongkiat\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/hongkiatcom\" \/>\n<meta property=\"article:published_time\" content=\"2017-05-02T15:01:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-18T12:12:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg\" \/>\n<meta name=\"author\" content=\"Anna Monus\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:site\" content=\"@hongkiat\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anna Monus\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/\"},\"author\":{\"name\":\"Anna Monus\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/a601053a0ab457901e00cdc83bd5359e\"},\"headline\":\"15 Useful .htaccess Snippets for Your WordPress Site\",\"datePublished\":\"2017-05-02T15:01:48+00:00\",\"dateModified\":\"2022-10-18T12:12:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/\"},\"wordCount\":1046,\"commentCount\":5,\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/useful-htaccess-snippets-for-wordpress\\\/directory-listing.jpg\",\"keywords\":[\"ad-divi\",\"htaccess\",\"WordPress Security\",\"WordPress Tips\"],\"articleSection\":[\"WordPress\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/\",\"name\":\"15 Useful .htaccess Snippets for Your WordPress Site - Hongkiat\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/useful-htaccess-snippets-for-wordpress\\\/directory-listing.jpg\",\"datePublished\":\"2017-05-02T15:01:48+00:00\",\"dateModified\":\"2022-10-18T12:12:24+00:00\",\"description\":\"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#primaryimage\",\"url\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/useful-htaccess-snippets-for-wordpress\\\/directory-listing.jpg\",\"contentUrl\":\"https:\\\/\\\/assets.hongkiat.com\\\/uploads\\\/useful-htaccess-snippets-for-wordpress\\\/directory-listing.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/useful-htaccess-snippets-for-wordpress\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"15 Useful .htaccess Snippets for Your WordPress Site\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"name\":\"Hongkiat\",\"description\":\"Tech and Design Tips\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#organization\",\"name\":\"Hongkiat.com\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"contentUrl\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/wp-content\\\/uploads\\\/hkdc-logo-rect-yoast.jpg\",\"width\":1200,\"height\":799,\"caption\":\"Hongkiat.com\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/hongkiatcom\",\"https:\\\/\\\/x.com\\\/hongkiat\",\"https:\\\/\\\/www.pinterest.com\\\/hongkiat\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/#\\\/schema\\\/person\\\/a601053a0ab457901e00cdc83bd5359e\",\"name\":\"Anna Monus\",\"description\":\"Anna is Technical Editor and Writer for Hongkiat.com. She mainly covers front-end frameworks, web standards, accessibility, WordPress development, and UX design.\",\"sameAs\":[\"https:\\\/\\\/www.annalytic.com\\\/\"],\"url\":\"https:\\\/\\\/www.hongkiat.com\\\/blog\\\/author\\\/anna_monus\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"15 Useful .htaccess Snippets for Your WordPress Site - Hongkiat","description":"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/","og_locale":"en_US","og_type":"article","og_title":"15 Useful .htaccess Snippets for Your WordPress Site","og_description":"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main","og_url":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/","og_site_name":"Hongkiat","article_publisher":"https:\/\/www.facebook.com\/hongkiatcom","article_published_time":"2017-05-02T15:01:48+00:00","article_modified_time":"2022-10-18T12:12:24+00:00","og_image":[{"url":"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg","type":"","width":"","height":""}],"author":"Anna Monus","twitter_card":"summary_large_image","twitter_creator":"@hongkiat","twitter_site":"@hongkiat","twitter_misc":{"Written by":"Anna Monus","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#article","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/"},"author":{"name":"Anna Monus","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/a601053a0ab457901e00cdc83bd5359e"},"headline":"15 Useful .htaccess Snippets for Your WordPress Site","datePublished":"2017-05-02T15:01:48+00:00","dateModified":"2022-10-18T12:12:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/"},"wordCount":1046,"commentCount":5,"publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg","keywords":["ad-divi","htaccess","WordPress Security","WordPress Tips"],"articleSection":["WordPress"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/","url":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/","name":"15 Useful .htaccess Snippets for Your WordPress Site - Hongkiat","isPartOf":{"@id":"https:\/\/www.hongkiat.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#primaryimage"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg","datePublished":"2017-05-02T15:01:48+00:00","dateModified":"2022-10-18T12:12:24+00:00","description":"Having a well-configured .htaccess file is crucial if you want to increase security and reduce vulnerabilities on your WordPress site. Usually, the main","breadcrumb":{"@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#primaryimage","url":"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg","contentUrl":"https:\/\/assets.hongkiat.com\/uploads\/useful-htaccess-snippets-for-wordpress\/directory-listing.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.hongkiat.com\/blog\/useful-htaccess-snippets-for-wordpress\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.hongkiat.com\/blog\/"},{"@type":"ListItem","position":2,"name":"15 Useful .htaccess Snippets for Your WordPress Site"}]},{"@type":"WebSite","@id":"https:\/\/www.hongkiat.com\/blog\/#website","url":"https:\/\/www.hongkiat.com\/blog\/","name":"Hongkiat","description":"Tech and Design Tips","publisher":{"@id":"https:\/\/www.hongkiat.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.hongkiat.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.hongkiat.com\/blog\/#organization","name":"Hongkiat.com","url":"https:\/\/www.hongkiat.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","contentUrl":"https:\/\/www.hongkiat.com\/blog\/wp-content\/uploads\/hkdc-logo-rect-yoast.jpg","width":1200,"height":799,"caption":"Hongkiat.com"},"image":{"@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/hongkiatcom","https:\/\/x.com\/hongkiat","https:\/\/www.pinterest.com\/hongkiat\/"]},{"@type":"Person","@id":"https:\/\/www.hongkiat.com\/blog\/#\/schema\/person\/a601053a0ab457901e00cdc83bd5359e","name":"Anna Monus","description":"Anna is Technical Editor and Writer for Hongkiat.com. She mainly covers front-end frameworks, web standards, accessibility, WordPress development, and UX design.","sameAs":["https:\/\/www.annalytic.com\/"],"url":"https:\/\/www.hongkiat.com\/blog\/author\/anna_monus\/"}]}},"jetpack_featured_media_url":"https:\/\/","jetpack_shortlink":"https:\/\/wp.me\/p4uxU-7Mj","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/29903","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/users\/146"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/comments?post=29903"}],"version-history":[{"count":3,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/29903\/revisions"}],"predecessor-version":[{"id":61685,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/posts\/29903\/revisions\/61685"}],"wp:attachment":[{"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/media?parent=29903"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/categories?post=29903"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/tags?post=29903"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.hongkiat.com\/blog\/wp-json\/wp\/v2\/topic?post=29903"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}