When you have an active blog, the last thing you want to stop and worry about is security. Nevertheless, WordPress security is very important to the safety and longevity of your blog. Using WordPress’ .htaccess file, you can tighten your blog’s security and not have to worry about its safety.
Protect your config file
The WordPress configuration file is a great place for attackers to gain access to your site and possibly even your server. Since you are the only one who ever needs to access it, you can setup your .htaccess file to deny people from even seeing it.
deny from all
IP Only Access
Using your .htaccess file, you can also prevent computers that do you have your IP address from specifically accessing your WordPress administration area. For example, if your IP address is 220.127.116.11, you would enter:
allow from 192.168.255.55
deny from all
Ban Your Enemies
If you know a particular user with a static IP address is giving you trouble, you can ban them with your .htaccess file; however, you should be very careful with this feature.
<Limit GET POST>
deny from 192.168.222.44
allow from all
Prevent access to wp-content
Your wp-content directory contains images and other files that are unique to your site and are very important. To prevent others from accessing it, you will need a special .htaccess file within this directory. The following will only prevent users from seeing the PHP files inside.
Deny from all
<Files ~ “.(xml|css|jpe?g|png|gif|js)$”>
Allow from all
With .htaccess files, you can secure your WordPress installation and spend more time focusing on actually publishing content on your blog.