One thing I would always love about the .htaccess file in a website root directory is its ability to override configuration settings which includes server’s global configuration, content type and character set. With this in mind, it is simply possible to perform lots of functions on your wordpress blog using the .htacces files, functions such as securing your wordpress blog.

If up till now you do not know what the .htaccess file is, let me explain

What is a .htaccess file

According to Wikipedia, A .htaccess (hypertext access) file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration. They are placed inside the web tree, and are able to override a subset of the server’s global configuration for the directory that they are in, and all sub-directories.

10 .htaccess tips to improve wordpress

Now you know a .htaccess file is, let’s move on to 10 tricks you can use the .haccess file to improve your wordpress blog.

How to Improve Your WordPress Blog Using .htaccess

  1. Redirect WordPress Feeds to Feedburner
    Do you want to redirect your WordPress Feeds to your Feedburner address, add this to your .htaccess file.

    # temp redirect wordpress content feeds to feedburner
    <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP_USER_AGENT} !FeedBurner [NC]
    RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
    RewriteRule ^feed/?([_0-9a-z-]+)?/?$ [R=302,NC,L]

  2. Block or Ban a Specific IP
    You can ban an IP using the .htaccess file, the list of IP’s should be changed to the one you wish to BAN

    <Limit GET POST PUT>
    order allow,deny
    allow from all
    deny from 123.456.789
    deny from 93.121.788
    deny from 223.956.789
    deny from 128.456.780

  3. Deny access to your wp-config.php file
    You can block access from your wp-config.php file, it contains stuff like database username,name and password. Blocking it would help secure your blog.

    # protect wpconfig.php
    <files wp-config.php>
    order allow,deny
    deny from all

  4. Redirect error to Customized 404, 403, 500 and other error pages
    You can create a customized error page such as 404 Error Page, 500 Error Page and other error pages. Simply create files in your root directory with designs for your Error Pages. For instance for 404 Error, create a 404.php design in your root directory and now add the below code to your .htaccess.

    # custom error pages
    ErrorDocument 401 /err/401.php
    ErrorDocument 403 /err/403.php
    ErrorDocument 404 /err/404.php
    ErrorDocument 500 /err/500.php

  5. Checkspelling
    Adding a Simple Auto Correct check spelling to your wordpress blog.

    <IfModule mod_speling.c>
    CheckSpelling On

  6. Allow only your IP on wp-admin
    If you do not run a multiple author blog and wish to allow only your IP to the wp-admin login page, then this is for you.

    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Wordpress Admin Access Control"
    AuthType Basic
    order deny,allow
    deny from all
    allow from xx.xx.xx.xx

  7. Redirect www to non www or vice versa
    To redirect from www to non www use this

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^ [NC]
    RewriteRule ^(.*)$$1 [L,R=301]

    To redirect from non www to www use this

    RewriteEngine On
    RewriteBase /
    RewriteCond %{HTTP_HOST} ^ [NC]
    RewriteRule ^(.*)$$1 [L,R=301]

  8. Redirect Day and name permalinks to /%postname%/
    Lets say you Moved from Blogger to wordpress, your sites post permalinks would have the date and year inclusive. You can use this .htaccess trick to redirect such permalinks to %postname% structure.

    RedirectMatch 301 /([0-9]+)/([0-9]+)/([0-9]+)/(.*)$$4

  9. Redirect visitors to a maintenance page
    Let’s say you are working on your blog and you wish to redirect your visitors to a Maintenance Page, here is what you need.

    RewriteEngine on
    RewriteCond %{REQUEST_URI} !/maintenance.html$
    RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
    RewriteRule $ /maintenance.html [R=302,L]

  10. Secure Plugin Files
    There might be known loopholes in particular plugin unknown to, here is how to secure all your Plugin Files on wordpress.

    <Files ~ "\.(js|css)$">
    order allow,deny
    allow from all

Now you know the power of .htaccess file. Implement these wonderful tips at once. Remember, sharing is caring.


  1. Thanks Oscar, you’re always known for teaching wonderful tutorial that can’t be gotten anywhere else. I’m still new on wordpress blog but I believe I can learn a lots from your blog. Come to think of it, I don’t really know much about .htacces but from what I just read on your blog now, I believe it will solve one of my problem which is my email subscribers could not get my new update. Thanks for doing what you know how to do


Please enter your comment!
Please enter your name here