.htaccess Tips That Increase WordPress Speed & Security

5 Hacks That Improve WordPress

1. Protect the .htaccess file itself

The first code helps protect the .htacces file itself. You wouldn’t want anyone having access to that. Along with that code you also get code to disable directory browsing and disallow access to anyone not authorized to view them.

2. Use Browser Caching

The next code enables browser caching. This significantly improves website speed and performance. I’m sure there are plugins that do this, but this code is site wide. Even pages NOT created with wordpress will be cached and fed faster.

3. Protect the wpconfig.php file

There’s also code to protect the wpconfig.php file. Another very important file you don’t want the evil digital hackers to gain access to.

4. Eliminate Spam Bot Comments

Even with Akismet you can still get hundreds of spam comments. This code helps eliminate the ones that get through. It has helped a lot on my site.

IMPORTANT: Be sure to change ‘YOURDOMAIN.COM’ with your own domain, or else it won’t work.

5. Compress Static Data

Again, performance and speed are two important factors that shouldn’t be ignored. By compressing static data, you can save bandwidth and make your website lighter; which in turn makes your pages load faster.

Action Step:

Open up your .htacess file with Notepad and add (copy and paste) this code to the top. Then save the file and upload it to your root domain. Make sure to save it over the existing .htaccess file.

# protect the htaccess file
<files .htaccess>
order allow,deny
deny from all

# disable directory browsing
Options All -Indexes

#who has access who doesnt
order allow,deny
#deny from
allow from all

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg “access 1 year”
ExpiresByType image/jpeg “access 1 year”
ExpiresByType image/gif “access 1 year”
ExpiresByType image/png “access 1 year”
ExpiresByType text/css “access 1 month”
ExpiresByType application/pdf “access 1 month”
ExpiresByType text/x-javascript “access 1 month”
ExpiresByType application/x-shockwave-flash “access 1 month”
ExpiresByType image/x-icon “access 1 year”
ExpiresDefault “access 2 days”

# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml
application/xhtml+xml text/javascript text/css application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch bMSIE !no-gzip !gzip-only-text/html

That’s it. You’re done.

Have a project you'd like to talk about?

If you want to throw some ideas around or ask us a question.

Contact Us