.htacess security | ww.wp.xz.cn

steve986
(@steve986)

6 years ago
Hi All,

Just a quick one is it recommend to take any additional security measures to protect the default .htacess file which is in public_html?

Some people talk about hiding it using …
```
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>
```
Anyhow new to wordpress so just after as much advice to keep my site safe and secure.

Many thanks Steve
- This topic was modified 6 years ago by Jan Dembowski. Reason: Moved to Fixing WordPress, this is not an Everything else WordPress topic

Viewing 2 replies - 1 through 2 (of 2 total)

MarkRH
(@markrh)

6 years ago
Well, depending on the host, that may already be denied in the main Apache httpd.conf file.

Just try to go to https://(site)/.htaccess and see if it lets you.

On my local host, it has:
```
#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ".ht*">
    Require all denied
</Files>
```
- This reply was modified 6 years ago by MarkRH.
Thread Starter steve986
(@steve986)

6 years ago
Hi Mark,

I must ok then because I’m getting this back when I try to access it…

Forbidden
You don’t have permission to access /.htaccess on this server.

Steve
- This reply was modified 6 years ago by steve986.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘.htacess security’ is closed to new replies.

In: Fixing WordPress
2 replies
2 participants
Last reply from: steve986
Last activity: 6 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics