Created
March 26, 2012 10:09
-
-
Save palimadra/2204270 to your computer and use it in GitHub Desktop.
htacess file for WordPress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WordPress .htaccess file | |
| # Changes have to be made in lines where the domain needs to be added without any prefix like http://www. | |
| # Description: .htaccess file for WordPress based website | |
| # Author: Pali Madra | |
| # URL: http://www.agilewebdev.com | |
| # Created on: Mon Mar 26 15:37:11 2012 | |
| # Revised on: Mon Mar 26 15:37:26 2012 | |
| # Review the .htaccess file before uploading as you should not have plugins doing the same | |
| # Many thanks to http://www.josiahcole.com/2007/07/11/almost-perfect-htaccess-file-for-wordpress-blogs/ | |
| #NOTE | |
| # At times it happens that the images do not show up and if that is the case please remove the hotlinking of | |
| # images code and upload the htaccess again and the images should work. I have had this problem with some | |
| # websites and if it continues I will either edit the code or remove it. | |
| # limit file uploads to 10mb | |
| LimitRequestBody 10240000 | |
| # protect the htaccess file | |
| <Files ~ "^.*\.([Hh][Tt][Aa])"> | |
| order allow,deny | |
| deny from all | |
| satisfy all | |
| </Files> | |
| # disable the server signature | |
| ServerSignature Off | |
| # protect wpconfig.php | |
| <files wp-config.php> | |
| order allow,deny | |
| deny from all | |
| </files> | |
| #disable hotlinking of images with forbidden or custom image option | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine on | |
| RewriteCond %{HTTP_REFERER} !^$ | |
| RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)agilewebsitedev.com [NC] | |
| RewriteCond %{HTTP_REFERER} !^http://(www.)?TrustedDomain.com/.*$ [NC] | |
| RewriteRule \.(jpg|jpeg|png|gif)$ http://agilewebsitedev.com/images/HotlinkingNotPermitted.gif [NC,R,L] | |
| </IfModule> | |
| #custom error docs | |
| ErrorDocument 404 /notfound.php | |
| ErrorDocument 403 /forbidden.php | |
| ErrorDocument 500 /error.php | |
| # protect from spam comments | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteCond %{REQUEST_METHOD} POST | |
| RewriteCond %{REQUEST_URI} .wp-comments-post\.php* | |
| RewriteCond %{HTTP_REFERER} !.*agilewebsitedev.com.* [OR] | |
| RewriteCond %{HTTP_USER_AGENT} ^$ | |
| RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L] | |
| </IfModule> | |
| # protect the website from script injections | |
| Options +FollowSymLinks | |
| RewriteEngine On | |
| RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR] | |
| RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR] | |
| RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2}) | |
| RewriteRule ^(.*)$ index.php [F,L] | |
| # Disable Directory Browsing | |
| Options All -Indexes | |
| # BEGIN WordPress recommended by the codex on WordPress.org | |
| <IfModule mod_rewrite.c> | |
| RewriteEngine On | |
| RewriteBase / | |
| RewriteRule ^index\.php$ - [L] | |
| RewriteCond %{REQUEST_FILENAME} !-f | |
| RewriteCond %{REQUEST_FILENAME} !-d | |
| RewriteRule . /index.php [L] | |
| </IfModule> | |
| # END WordPress |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment