Edit .htaccess for Your WordPress Blog

How to configure .htaccess for WordPress blog, to preventing your blog being hacked. Ne one step ahead and prevent hackers attack. Edit your .htaccess file for your wordpress blog.

The more common methods used for someone hack your websites include:

  • Hacked cPanel or FTP password
  • Code injection
  • Remote File Inclusion

Lock your wordpress blog

You can read more detail on this website: http://www.webhostinghub.com/support/website/website-troubleshooting/website-hacked

This is my .htaccess file:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

<Files ~ “^.*\.([Hh][Tt][Aa])”>
order allow,deny
deny from all
satisfy all

# protect wp-config.php
<files wp-config.php>
Order deny,allow
Deny from all

# protect from sql injection
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]