.htaccess file is an acronym for Hypertext Access. It is a configuration file used by Apache-based web servers that control the directory. These .htaccess files can be used to alter the configuration of the Apache Web Server software to enable or disable additional functionality and features that the Apache Web Server software has to offer.

If you are using any CMS (Drupal, Joomla, WordPress or Blogger) then you might have definitely seen .htaccess file and wondered what exactly this do or what is wordpress htaccess file location. It can be found in cPanel under Web Root folder (.htaccess file can be hidden, while opening check ‘Show hidden files’).

If you are using WordPress SEO by Yoast plugin you can edit htaccess file there directly – SEO –> Tools –> File Editor –> .htaccess File

Note: Make sure you are keeping a backup of the previous .htaccess file before making ay changes.

htaccess File is useful in many ways:

Custom Error Pages:

.htaccess file additionally allows you to create custom error pages for your site. Most common error is ‘Error 404 : Page Not Found’ when a link is broken and cannot be found. To make a page look friendlier and to provide more information to the site visitor you can use the .htaccess file to create custom error pages.

Design an error page that you want to showcase whenever your blog gets Page Not Found error and provide its location in the .htaccess file.

ErrorDocument 404 /customError.html

Mime Types:

Sometimes our site features some application files but our server is not set up to deliver those files. In this case, we need to add MIME types to your Apache server in the .htaccess file with the following code.

AddType text/css .css

AddType text/x-component .htc

AddType application/x-javascript .js

AddType application/javascript .js2

AddType text/javascript .js3

AddType text/x-js .js4

AddType text/html .html .htm

AddType text/richtext .rtf .rtx

AddType image/svg+xml .svg .svgz

AddType text/plain .txt

AddType text/xsd .xsd

AddType text/xsl .xsl

AddType text/xml .xml

AddType video/asf .asf .asx .wax .wmv .wmx

AddType video/avi .avi

AddType image/bmp .bmp

Protect wp-config.php with .htaccess file

WP-config.php is the most crucial file in your blog. It allows data storing and retrieving. The information about username, password, host and database name are present in your wp-config.php. Protecting your wp-config.php should be your prior concern. Below code helps you to do so:

<Files wp-config.php>

order allow,deny

deny from all

</Files>

Restrict Spam visitors and Block them by using IP Address

When your site gets popularity and it attracts huge visitor base, it increases chances to be attacked by spammers or annoying visitors. You need to take proper action by stopping them to spam your site. Below code will allow you to restrict certain visitors:

<Limit GET POST>

order allow,deny

deny from {IP Address of the Denied Visitor1}

deny from {IP Address of the Denied Visitor2}

allow from all

</Limit>

Restricting other users to access Admin area

In our blog, we have many roles like editor, author, subscriber and author having partial access. But you need to restrict them to use your admin area. To do this, you can add the following code to the .htaccess file and fill your IP address –

order deny,allow

allow from {your IP Address}

deny from all

Got any questions? Feel free to contact.

Also, share your views or strategies that you use to secure your blog.