HostOnNet Blog

Securing WordPress With .htaccess

Posted on March 27, 2017 by admin

Looking for Linux Server Admin or WordPress Expert? We can help.

Contact Us

To secure wordpress using .htaccess add following to your main .htaccess file that is in root folder of your wordpress installation.

<Files xmlrpc.php>
order deny,allow
deny from all
allow from YOUR_IP_ADDR_HERE
</Files>

<Files wp-login.php>
order deny,allow
deny from all
allow from YOUR_IP_ADDR_HERE
</Files>

To limit access to wp-admin folder, create an .htaccess file in wp-admin folder

vi wp-admin/.htaccess

Add following content

order deny,allow
deny from all
allow from YOUR_IP_ADDR_HERE

To disable execution of PHP files from uploads folder, create file wp-content/uploads/.htaccess

vi wp-content/uploads/.htaccess

Add following content

<Files *.php>
deny from all
</Files>

Posted in Wordpress

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.