Best .htaccess Hacks for WordPress

I previously wrote Best .htaccess Hacks For Websites, now this article has .htaccess hacks pertaining to WordPress only. .htaccess is a configuration file on your server which controls Apache Server and is a very powerful tool for your website if used properly. Here are some .htaccess snippets which will surely help you improve your WordPress installation.

Please backup your .htaccess file before doing any changes. In case anything goes unexpected just replace the .htaccess with your backup.

Redirect WordPress Feed to FeedBurner

This simple snippet will redirect your default WordPress feed to your Feedburner, easy yea?

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !FeedBurner    [NC]
RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
RewriteRule ^feed/?([_0-9a-z-]+)?/?$ http://feeds.feedburner.com/yourfeed [R=302,NC,L]

Simpler Login URL

A single line of code .htaccess can give you a better login experience, now you will just need to go to http://www.example.com/login instead of http://www.example.com/wp-login.php

RewriteRule ^login$ http://www.example.com/wp-login.php [NC,L]

Protect WordPress Blog from Script Injections

This snippet will protect your WordPress from malicious script injections.

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

Remove /category/ from your WordPress URL

This will transform http://www.example.com/category/post to http://www.example.com/post.

RewriteRule ^category/(.+)$ http://www.example.com/$1 [R=301,L]

Redirect Day and Name Permalinks to /%postname%/

If you have recently moved from day and name permalink structure to only post name structure, then use this snippet to redirect all backlinks.

RedirectMatch 301 /([0-9]+)/([0-9]+)/([0-9]+)/(.*)$ http://www.example.com/$4

Allow only particular IP address to wp-admin directory

If your blog is only managed by you and you have a static IP, then you can use this snippet to make the admin panel accessible only to your IP address.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic

order allow, deny
deny from all
allow from xx.xx.xx.xx

Protect your WordPress from Hotlinking

Wanna save bandwidth by not serving to other websites? Try the below snippet.

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?example\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L]

3,055 thoughts on “Best .htaccess Hacks for WordPress

  1. Pingback: surprise eggs
  2. Pingback: Facebook Hack

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>