How To Create Default .htaccess File For WordPress?
- What is .htaccess File?
- How To Create .htaccess File?
- Htaccess For WordPress
- Small intro in the manual generation of .htaccess
- How to customize the default .htaccess files
- Conclusion
What is .htaccess File?
The .Htaccess是一个服务器配置文件,允许在不更改配置文件夹的情况下设置网站的详细信息. The file is present in WordPress themes 以及所有Apache web托管,可以用于您的网页性能, safety, and user-friendliness improve. It can be found in your WP site root directory. 你所要做的就是在FTP客户端的帮助下将文件链接到网站上,这样就可以对其进行编辑.
By employing .htaccess files, 您将获得以下特性,您可以自己启用或禁用它们, URL forwarding, file caching, password security and custom mistake pages. 上面提到的文件设置和操作所谓的服务器农场,网络托管用户使用相同的Apache服务器. Without .htaccess files, 虚拟主机表示类似网段的每个客户端都应该使用相同的设置.
Thus, web hosts such as GoDaddy, DreamHost, MediaTemple, etc. enable .htaccess files. When they are enabled, the web page becomes faster than any others.
How To Create .htaccess File?
Creating a.htaccess file is quite easy if you know how. It can be created using any preferable text editor or directly in cPanel. To begin, open an empty text file and save it as shown below:
‘.htaccess’
如果您的服务器不允许您这样做,您可以保存名为“htaccess”的文件.并在应用到您的站点时将其重命名为适当的名称. Then include the following default code in the file, 保存调整后的文件,并在FTP客户端的帮助下提交到你的WordPress根目录下:
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
控件中粘贴代码时,确保行与行之间没有间隙 .htaccess file. The code must look like presented below:
We also recommend that you set up a website permit of 644, so it will be protected from possible assaults. To understand the purpose of this file permission, read the article .
Best Plugins For A New WordPress Site [Free EBook]
Htaccess For WordPress
在这里,我们将介绍一些实用的WP技巧,可以在实践中尝试.
- Protection 通过限制对首选IP地址的访问来限制您的WordPress管理面板. All you must do is just copy-paste the below code into your .htaccess file. XX值应更改为您的IP地址,如果使用多个地址,则应更改为所有IP地址.
- AuthUserFile /dev/null
- AuthGroupFile /dev/null
- AuthName "WordPress Admin Access Control"
- AuthType Basic
- order deny,allow
- deny from all
- # whitelist Syed's IP address
- allow from xx.xx.xx.xxx
- # whitelist David's IP address
- allow from xx.xx.xx.xxx
- Directory browsing disable is highly recommended. If it is enabled, 攻击者可以很容易地浏览您的站点目录和文件构建,以找到未受保护的文件. To continue with the disable, add ‘Options-Indexes’ line to the .htaccess file.
- 301 redirects option is the most SEO friendly method to inform your visitors that the content has been relocated. If you do not want to waste your time, 有一种快速的方法可以应用重定向:将下面所示的代码插入到 .htaccess file.
- Redirect 301 /oldurl/ http://www.example.com/newurl
- Redirect 301 /category/television/ http://www.example.com/category/tv/
- 可以通过将下一个代码粘贴到文件中来增加文件上传大小. 该代码指示服务器的值,该值应用于扩展文件上传大小以及WP中的最大运行时间.
- php_value upload_max_filesize 64M
- php_value post_max_size 64M
- php_value max_execution_time 300
- php_value max_input_time 300
- Author scans blocking is needed if force attacks take place. 这是一个流行的程序,用于在WordPress网站上运行作者扫描,并试图破解这些用户帐户的密码. To block such scans just add the code shown below to .htaccess file.
- # BEGIN block author scans
- RewriteEngine On
- RewriteBase /
- RewriteCond %{QUERY_STRING} (author=\d+) [NC]
- RewriteRule .* - [F]
- # END block author scans
You may find more useful .htaccess tricks for your WordPress site with the fullest description here .
Conclusion
我们试图涵盖一些与成功和富有成效的工作有关的最关键的问题 .希望我们的文章能够帮助您更好地理解它们的原理. 如果您将来决定与我们分享您的用户体验,我们将非常高兴.
.htaccess文件是为在Apache服务器上执行特定命令而开发的配置文件. 根据它的位置,它直接影响一个网站或一些子目录. 显然,最重要的文件存储在根目录下,但您也可以找到 .htaccess files in wp-includes, wp-content/upload or wp-admin.
Small intro in the manual generation of .htaccess
WordPress Dashboard的开发人员使自动生成这些文件成为可能. IT is pretty easy to do. In Settings, there is a Permalinks button. Click on and after that simply save the changes you have implemented. And voila you have a WordPress default .htaccess file in a website's’ root. Moreover, there are few editors ready to help you change .htaccess file fast.
But it is wise to know the ways to edit everything manually. Including default .htaccess generation. 有两种方法:您可以在计算机或服务器上创建这样的文件. A text editor is the easiest way to generate such files on a PC. Let’s create a .txt file named htaccess.txt. 然后打开它并执行实现其他命令所需的编码. Then copy-paste created file to the root. Just remember to change the file’s extension to .htaccess.
You need even fewer steps when you need to generate a .htaccess file directly on a server. At first, go to the directory (or subdirectory) where your .htaccess file will locate. Open the drop-down menu with RMB and create a new file with .htaccess extension. Then edit it as you wish with a Notepad++ for example.
How to customize the default .htaccess files
Here we have to make a little note. Keep in mind that manual editing and generation of .htaccess files can be risky. 它可以破坏你的网站,之后,它可能需要时间来恢复以前的版本. So remember to make a few things when you work with .htaccess file.
- Backup the current version of your WordPress project. 当你把一切都搞砸了(这在第一次尝试时经常发生),从检查点开始总是好的.
- 这也是一个好主意,检查更改的结果与WP网站克隆. 作为你网站的副本,这样的工具可以告诉你如何改变你的网站. 显然,如果不直接对原始网站进行这些更改.
- Backup your .htaccess file too. Save it on your PC before you start editing. Most obvious tip. 但是,简单地复制文件而不是通过内存重新创建文件可以节省很多时间.
-
Customizing the code of .htaccess files with snippets
Snippets are an important part of .htaccess file editing. 如果你知道如何使用这些可重用的代码部分,它们可以让你的生活变得非常简单,并丰富你的网站功能.
You can find many of them online. For example, on a GitHub or CSS-tricks. 所以让我们来看看其中的一些,看看它们能对你的网站做些什么.
So, at first, we must find a .htaccess file. Go to the root directory and open it. If the installation was successful then you wills this code:
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# WordPress
Now you can add new code or snippers into this default .htaccess file.
Let’s start with snippers for the root of your server.
Directory browsing disable
服务器的默认设置允许您浏览网站的目录. But it may lead to some security risks. It looks like this:
And if you want to eliminate this threat than use this code:
# Désactivate the display of contents of rédirectories Options All -Indexes
The result will look like:
Snipper for hiding information about your server
The same risks may push you to hide information about your server. It can be done with next snipper:
# Mask the information of server ServerSignature Off
Time settings for the server
When your server is abroad it may have some troubles with time settings. And you can change them with:
# set the server timezone SetEnv TZ America/Washington
And the last snipper is restricting access to your .htaccess file.
It looks like this:
# Restrict access to htaccessorder allow,deny deny from all satisfy all
For some hackers, 也有可能通过在您网站上的图像上进行热链接来消耗您的带宽. It creates risks for your website optimization, and we all know that web search algorithms prefer fast websites. It may harm your SEO function.
This snipper can help you avoid such issues:
#Stop hotlinkers in their tracks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yoursite.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?feeds2.feedburner.com/yoursite [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]
It is also important how to ban the IP address
这是非常有用的,如果有垃圾邮件评论或一些可疑的活动在您的网站上的问题.
#Ban Spammers and bots by blacklisting IP addressesorder allow,deny deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x deny from xxx.xxx.xx.x allow from all
We should not forget about snippets for .htaccess in wp-admin.
It is a place where most of your customization stores. 在这里你可以写文章,做菜单配置,定制你的主题等等.
很明显,您想要限制访问您的网站管理. 为此,您可以列出可以访问管理区域的ip.
order deny,allow deny from all allow from xx.xx.xx.xx //( your static IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP) allow from xx.xx.xx.xx //( Whitelist IP)
wp-includes has snippets too.
With this snippet, you can limit direct access to files with a .PHP extension.
allow Aallow from all Order allow,deny Deny from all Require all denied :Allow from all Allow from all
And our last topic: snippet for .htaccess in wp-content/uploads
这个编码产品允许我们只使用wp-content子目录中的选定文件. In a few words, it denies entry to stored files. 此外,它将允许您有选择地取消阻止各种类型的文件.
# Disable access to all file types except the following Order deny,allow Deny from allAllow from all
Related Posts
Useful .htaccess Snippets Collection. 15 Tricks to Take Better Control of Your Site
Guide to Keep Your WordPress Theme and Plugin Code Secure
Best Customer Service and Chat Plugins for WordPress 2020
吸引家庭客户的全新解决方案:房地产代理WordPress主题
Don’t miss out these all-time favourites
- The best hosting for a WordPress website. Tap our link to get the best price on the market with 82% off. If HostPapa didn’t impress you check out other alternatives.
- Website Installation service -让您的模板启动和运行在短短6小时内没有麻烦. No minute is wasted and the work is going.
- ONE Membership - to download unlimited number of WordPress themes, plugins, ppt and other products within one license. Since bigger is always better.
- Ready-to-Use Website service is the ultimate solution that includes full template installation & configuration, content integration, implementation of must-have plugins, security features and Extended on-page SEO optimization. A team of developers will do all the work for you.
- Must-Have WordPress Plugins - to get the most essential plugins for your website in one bundle. 所有插件将被安装、激活并检查是否正常运行.
- Finest Stock Images for Websites - to create amazing visuals. You’ll get access to Depositphotos.com to choose 15 images with unlimited topic and size selection.
- SSL Certificate Creation service - to get the absolute trust of your website visitors. Comodo证书是最可靠的http协议,确保用户数据安全,免受网络攻击.
- Website speed optimization service - to increase UX of your site and get a better Google PageSpeed score.
Get more to your email
订阅我们的时事通讯和访问独家内容和提供只提供给og体育首页Post订户.
