Are you looking for some useful tips on your WordPress website .htaccess file?

The .htaccess file is a powerful configuration file that allows you to do a lot of things on your website. In this tutorial, we'll show you some of the most useful tips to try right away.

But before, if you have never installed WordPress discover How to Install a WordPress Blog in 7 Steps et How to search, install and activate a WordPress theme on your blog 

Then back to why we are here.

.htaccess file - Htaccess wordpress trick

What is .htaccess file and how do I edit it?

The .htaccess file is a server configuration file. It allows you to define rules for your server so that it better matches your website.

Discover also: How to find the ".htaccess" file on WordPress

WordPress uses the ".htaccess" file to generate an SEO URL structure. However, this file can do much more.

The .htaccess file is located in the root folder of your WordPress website. You need to connect to your website using an FTP client to edit it.

Editing wordpress ftp htaccess file

Before editing your .htaccess file, it is important to download a copy of it to your computer as a backup. You can use it in case of problem.

With that said, let's take a look at some useful ".htaccess" tips for WordPress that you can try.

1 - Protect your WordPress dashboard

You can use ".htaccess" to protect your WordPress dashboard by restricting access only to selected IP addresses. Just copy and paste this code into your .htaccess file:

AuthUserFile / dev / null AuthGroupFile / dev / null AuthName "WordPress Admin Access Control" AuthType Basic order deny, allow deny from all # whitelist Syed's IP address allow from # whitelist David's IP address allow from

Remember to replace the xx values ​​with your own IP address. If you are using more than one IP address to access the Internet, be sure to add them.

2 - Protecting the wp-admin folder with a password

If you are accessing your WordPress website from multiple locations, including public areas, restricting access to IP addresses may be a problem for you.

See also our article on 8 WordPress plugins to protect your website with a password

You can use the .htaccess file to add additional password protection to your WordPress dashboard.

First, you need to generate an “.htpasswds ". You can easily create one using this generator online.

Download this file.htpasswds outside your publicly accessible web directory or / public_html / folder. The right path would be:


Then create a .htaccess file and upload it to the / wp-admin / directory, then add the following codes here:

AuthName "Admins Only" AuthUserFile /home/yourdirectory/.htpasswds/public_html/wp-admin/passwd AuthGroupFile / dev / null AuthType basic require user putyourusernamehere Order allow, deny Allow from all Satisfy any

Important: Remember to replace the path AuthUserFile by the path of your file " .htpasswds And add your own username.

3 - Disable directory browsing

Disable directory browsing

Many WordPress security experts recommend disabling directory browsing. With directory browsing enabled, hackers can search your website's directory and file structure to find a vulnerable file.

Discover How to have advanced user control on WordPress

To disable directory browsing on your website, you must add the following line to your .htaccess file.


4- Disable PHP execution in certain WordPress directories

Sometimes hackers enter a WordPress website and install a back door. These backdoor files are often disguised as main WordPress files and are placed in / wp-includes / or / wp-content / uploads /. 

How to modify or update the PHP version of WordPress? Find out by following this link.

An easier way to improve your WordPress security is to disable PHP execution for certain WordPress directories.

You will need to create a blank .htaccess file on your computer and then paste the following code inside of it.

deny from all

Save the file, then download it to your folder / Wp-content / uploads / et / wp-includes /.

5 - Protect your WordPress wp-config.php configuration file

The most important file in the root directory of your WordPress website is the file " wp-config.php ". It contains information about your WordPress database and how to connect to it.

Go further with: What changes on wp-config.php to secure your WordPress blog

To protect your wp-config.php file, simply add this code to your .htaccess file:

order allow, deny deny from all

Discover also some premium WordPress plugins  

You can use other WordPress plugins to give a modern look and optimize the grip of your blog or website.

We offer you here some premium WordPress plugins that will help you do that.

1. WooCommerce Birthday Discount Vouchers

WooCommerce Birthday Discount Vouchers is a premium WooCommerce extension that allows you to set discounts and send the coupons to users on their birthday. Woo birthday discountvoucher wordpress plugin for discount

Whenever a new user registers on your website on their birthday, this plugin automatically generates a coupon code based on admin settings and sends it to the registered user on their birthday.

See also these 9 WooCommerce plugins to generate PDF invoices

This WordPress plugin internally uses coupons WooCommerce by default, so there are a lot of filter options and criteria when setting up birthday coupons.

Download | Demo | Web hosting

2. Stachethemes Event Calendar

Stachethemes Event Calendar is a premium WordPress plugin that allows you to create detailed events for users and visitors to your website. The functionality of the plugin allows you to add several types of information such as a detailed introduction with a photo gallery, calendar of events, guest list, location, weather, comment section, etc.

Stachethemes event calendar wordpress events calendar plugin

Its main functions are: import and export of .ics files, creation of events lasting one or more days, the choice of color that you want for your calendar category, the repetition of the event (daily, weekly, monthly or yearly), the ability to choose how many times the event will repeat, options to set aside the repetitions, and more…

Download Demo | Web hosting

3. UserPro

UserPro is a premium WordPress plugin much more than a means of login. It has a number of useful integrations and signup features that your users and visitors will find user-friendly.Userpro wordpress plugins create login form login

Although connecting to WordPress via social networks is very useful, it is the many connection features and the management of the profile section that make the premium WordPress plugin UserPro an excellent modern tool for creating registration and login forms.

Discover our 9 WordPress plugins to migrate and clone your blog

Its features are among others: theonnection on WordPress in one click thanks to the buttons of the different social networks, the mbeautiful User Profile section on the front-end, the uUnlimited use of custom fields, the configuration of content restrictions, et more.

Download | Demo | Web hosting

Other recommended resources

We also invite you to consult the resources below to go further in the grip and control of your website and blog.


Here is ! That's all for these tips, we hope they will allow you to further protect your WordPress blog. If you have some Comments or suggestions, do not hesitate to let us know in the reserved section.

However, you will also be able to consult our resources, if you need more elements to carry out your projects of creation of Internet sites, by consulting our guide on the WordPress blog creation or the one on Divi: the best WordPress theme of all time.

But meanwhile, share this article on your different social networks ...