Most of the beginners don’t know the importance of the functions.php file and how we can extend the functionality of our theme or site by adding some functions. WordPress sites have a .htaccess file. In this article, I will show you some .htaccess file tips & tricks that can be used to extend the security of your site as well as it’s functionality.

what is .htaccess File?

.htaccess is a configuration file for use on web servers running the Apache Web Server software. When a .htaccess file is placed in a directory which is in turn ‘loaded via the Apache Web Server’, then the .htaccess file is detected and executed by the Apache Web Server software. These .htaccess files can be used to alter the configuration of the Apache Web Server software to enable/disable additional functionality and features that the Apache Web Server software has to offer.

Having said that, here are some extremely useful tricks for the WordPress .htaccess file.

Increase/decrease maximum upload size through the media uploader

Depending on the host, you’ll see a limit for the file size that you can upload through your Media Uploader page in WP.

Add the below code to your .htaccess file to increase the upload limit to 64MB or 128MB

php_value upload_max_filesize 64M
php_value post_max_size 64M
php_value max_execution_time 300
php_value max_input_time 300

If you need to decrease the size of files which can be uploaded, all you need to do is lower the value to something like 8M or whatever you prefer.

Redirect to a maintenance page (Maintenance mode)

Sometimes you may need to redirect the site to a maintenance page. Create a maintenance page and name it as maintenance.html. Upload it to the root directory. Add the below code to .htaccess and redirect all traffic to maintenance.html

# Redirect all traffic to maintenance.html file
RewriteEngine on
RewriteCond %{REQUEST_URI} !/maintenance.html$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
RewriteRule $ /maintenance.html [R=302,L]

Block specific IP address

Sometimes we found some of the IP’s that are not secure or vulnerable and we don’t want they can visit our site. In that case, we may have to block those IP addresses to our site.

Add the following code to .htaccess file and make sure to replace xxx.xxx.xxx.xxx to a certain IP address.

# allow all except those indicated here
<Files *>
order allow,deny
allow from all
deny from xxx.xxx.xxx.xxx
</Files>

Disable access to directories

To disable external access to the root directory, Just add the following to .htaccess file.

# Disable directory browsing
Options All -Indexes

Disable access to specific file types

Create a new .htaccess file, and then add the following code and upload the file inside the wp-content folder.

# Disable access to all file types except the following
Order deny,allow
Deny from all
<Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$">
Allow from all
</Files>

This will disable access to all file types except the mentioned files in the code.

Deny access to all .htaccess files

Add the code to .htaccess to deny access to all of your .htaccess files

# Deny access to all .htaccess files
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

You may also refer https://wordpress.org/support/article/htaccess/, https://quicklearncode.com/7-wordpress-functions-php-file-tips-tricks/

If you like this post, So please leave a comment with your thoughts and share this on your Facebook group(s). Thank you for sharing and being nice!