The .htaccess (Hypertext Access) is a very powerful file. It allows you to make changes in Apache web server configuration settings without affecting the main configuration file. In other words, you can modify the way the server behaves without changing the core settings.
It is similar to using a child theme in WordPress because when we edit in child theme it does not effect on the parent theme. It is often used to specify the security restrictions for the particular directory. And an optimise .htaccess file can increase speed and security of your WordPress site.
Be Careful while Optimizing.htaccess Before you optimize or modify the .htaccess file you must have a backup of your .htaccess file.
If something gets spoiled, you can change the hacked .htaccess with the original one. On opening .htaccess file you can see some codes are already present in the file. But don’t touch these codes because by default these codes are required by permalink structures. Erasing these codes may cause major issues with your website. Also, .htaccess has the ability to lock you out of your domain so be careful while changing in the .htaccess file.
Tricks for optimizing your .htaccess are given below:-
WordPress has a 404.php template that’s created for the posts and pages that do not found on the website. But if post/page contains an image that’s deleted or have an incorrect path then It will show 404.php template to the browser but it doubles the traffic for a single page because for every not found object it will multiply traffic/load for every page. Also, some robot’s request some odd URLs that do not exist on your site that also slows down the server. So updated .htaccess file will look like that:
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !^.*\.png [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.jp?g [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.js [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.gif [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.css [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.js [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.xml [NC]
RewriteCond %{REQUEST_FILENAME} !^.*\.html [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Compression reduces response times by reducing the size of a file. But keep in mind that it is not good to compress small size files because as a result of compression below the size of 500 kb will definitely increase the loading time. Image and PDF files shouldn’t be gzipped because they are already compressed. And if we compress them again then it not only wastes processor but also increases the file sizes. It’s valuable to gzip your HTML documents, scripts, and stylesheets. By adding this code into your file you are able to use gzip compression.
<ifModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html Header append Vary User-Agent </ifModule>
By default, it is possible for every visitor to look within any of your website directory that does not contain index file like index.html, index.php, etc. in it. Which means configuration files and different sensitive data may be misused by nasty users. So the only solution to prevent that we have to add a blank index.html file to each folder on your web site. But if you have a large number of directories then it is time-consuming work so better option is to just open and change your .htaccess file by adding following code into your file. and it will solve this problem.
#Disable Directory Indexes Options -Indexes
Hotlinking is the act by which we display an image from another website via URL. By this, we can save a lot of space because images are not stored in our hard disk but don’t worry it’s possible to prevent other domains from hot linking to your website. But on loading web page, your website request for the image and this process eats up bandwidth on the host’s server. And slow down your page loading. To make sure no one is using your valuable bandwidth, add this script to your .htaccess file
#Prevent Hot Linking
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mysite.com [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [NC,F,L]
Your web site is frequently crawled by robots. Some of these robots are necessary like search engine robots because they index your site so it will show in search engine results. But on the other hand, some robots are not so friendly.So these robots are called Spam robots and they just jammed your server by using up bandwidth and resources. We can block robots based on the user-agent they provide. The script below denies some spam robots but isn’t exhaustive.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomainname.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>
If you have forever changed the URL structure on your site because of optimization change or CMS migration and you will want to implement 301 redirects from the older URL to the new URL.The syntax for a basic 301 redirect is given below need to add in the .htaccess file. The first URL should be a relative path to the older URL and the second one should be an absolute path to the new URL.
Redirect 301 /relative/path/to/oldurl/ http://www.domain.com/newurl/
It is an important thing to protecting your .htaccess file because it contains some really important secrets, so we can’t leave the file itself open to attack. The following code can help .htaccess file from the hackers.
<Files ~ "^\.ht"> Order allow,deny Deny from all Satisfy All </Files>
Better still, you can rename the .htaccess to any other name you like
#rename htaccess files AccessFileName ht.access
Optimizing your .htaccess file is a simple yet powerful way to enhance the performance, security, and functionality of your WordPress site. By implementing caching rules, redirecting traffic efficiently, and adding security layers, you can significantly improve both load times and protection against vulnerabilities. Just remember to back up your .htaccess file before making any changes to avoid disruptions. With these optimizations in place, your WordPress site will run more smoothly and securely.
Trying to stay on top of it all? Get the best tools, resources and inspiration sent to your inbox every Wednesday.
