.htaccess WordPress security tips


.htaccess WordPress security tips

Today in this article we are going to talk about a few security tips for your WordPress website. For this, we are going to secure your .htaccess file in the CPanel. So, let us discuss the steps required to secure the WordPress Website.

Note: Before starting this take the backup of your .htaccess file and keep a copy on your PC.

1. Hide wp-config.php file

Securing wp-confiq.php is another way to protect your WordPress. This file contains very sensitive information about WordPress installation like the security keys and the database connection details. To secure this file,

  • Open your hosting site and tap on the File manager.
  • Then search for .htaccess file and choose Edit.
  • Now at the end of the .htaccess code, type the following and tap on Save changes.
<Files wp-config.php>

order allow, deny

deny from all


2. Disable PHP execution

Another way to improve WP security is by disabling PHP execution.

  • Firstly, create a blank .htaccess file on your PC and type the following command.
<Files *.PHP>

deny from all

  • Save this file and then upload it to your /wp-content/uploads and /wp-includes/ directories.
  • If you want to hide some other files in your directories, you can use the above commands and modify it accordingly.