Articles Web Development

How To Create Default .htaccess File For WordPress?

No ratings yet.
  1. What is .htaccess File?
  2. How To Create .htaccess File?
  3. Htaccess For WordPress
  4. Conclusion

What is .htaccess File?

The .htaccess is a server configuration file allowing setting up the details of the website without changing the config folder. The file is present in WordPress themes along with all Apache web hosting and can be used for your web page performance, safety, and user-friendliness improve. It can be found in your WP site root directory. All you must do is to link the file to the website with the help of an FTP client so that it can be edited.

By employing .htaccess files, you will get the following features that can be either enabled or disabled on your own: server signature, URL forwarding, file caching, password security and custom mistake pages. The files mentioned above set up and operate so-called server farms where web hosting users utilize the same Apache server. Without .htaccess files, the virtual hosting indicates that every client of the similar segment should use identically the same settings.

Thus, web hosts such as GoDaddy, DreamHost, MediaTemple, etc. enable .htaccess files. When they are enabled, the web page becomes faster than any others.

How To Create .htaccess File?

Creating a.htaccess file is quite easy if you know how. It can be created using any preferable text editor or directly in cPanel. To begin, open an empty text file and save it as shown below:



In case your server does not let you do this, you may save the file named ‘htaccess.txt’ and rename it to the appropriate one when it is applied to your site. Then include the following default code in the file, save the adjustments and submit the file to your WordPress root folder with the help of FTP client:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

Make sure that there is no gap between lines when pasting the code into the .htaccess file. The code must look like presented below:


We also recommend that you set up a website permit of 644, so it will be protected from possible assaults. To understand the purpose of this file permission, read the article .

Htaccess For WordPress

Here we will cover some helpful tricks for WP that can be tried in practice.

  • Protection of your WordPress admin panel by restricting the access to preferred IP addresses. All you must do is just copy-paste the below code into your .htaccess file. XX values should be changed to your IP address or all of them if you use more than one address.
  1. AuthUserFile /dev/null
  2. AuthGroupFile /dev/null
  3. AuthName "WordPress Admin Access Control"
  4. AuthType Basic
  5. <LIMIT GET>
  6. order deny,allow
  7. deny from all
  8. # whitelist Syed's IP address
  9. allow from
  10. # whitelist David's IP address
  11. allow from
  12. </LIMIT>


  • Directory browsing disable is highly recommended. If it is enabled, attackers can easily explore your site directory and file building to find unprotected files. To continue with the disable, add ‘Options-Indexes’ line to the .htaccess file.


  • 301 redirects option is the most SEO friendly method to inform your visitors that the content has been relocated. If you do not want to waste your time, there is a quick way to apply redirects: insert the code shown below into .htaccess file.
  1. Redirect 301 /oldurl/
  2. Redirect 301 /category/television/


  • File upload size increase can be reached out by pasting the next code into the file. The code indicates the server to the values which should be used to expand file upload size along with maximum runtime in WP.
  1. php_value upload_max_filesize 64M
  2. php_value post_max_size 64M
  3. php_value max_execution_time 300
  4. php_value max_input_time 300


  • Author scans blocking is needed if force attacks take place. This is a popular procedure being used to run author scans on WordPress site and try to hack passwords for those user accounts. To block such scans just add the code shown below to .htaccess file.
  1. # BEGIN block author scans
  2. RewriteEngine On
  3. RewriteBase /
  4. RewriteCond %{QUERY_STRING} (author=\d+) [NC]
  5. RewriteRule .* - [F]
  6. # END block author scans


You may find more useful .htaccess tricks for your WordPress site with the fullest description here .

wordpress themes


We have tried to cover some of the most crucial questions referring to a successful and productive work with .htaccess files in your WP website and hope that our article has helped you understand their principles better. We will be happy if you decide to share your user experience with us in the future.

Related Posts

Useful .htaccess Snippets Collection. 15 Tricks to Take Better Control of Your Site

Guide to Keep Your WordPress Theme and Plugin Code Secure

Best Customer Service and Chat Plugins for WordPress 2017

Brand New Solution to Attract Home Customers: Real Estate Agency WordPress Theme

One Response

Leave a Reply

Your email address will not be published. Required fields are marked *