Tips to secure your wordpress using .htaccess

Here I am going to share few security tips to your wordpress cms/blog using .htaccess file
Below are the 3 important files/folders to be considered while thinking about security

  1. wp-config.php
  2. wp-contents folder
  3. .htaccess file

How to protect your wp-config.php

wp-config.php is the file in your root directory that stores information about your site as well as database details, this file in particular we would not want to fall into the wrong hands.
In your .htaccess add the following to prevent any access to the wp-config.php file:

<Files wp-config.php>
order allow,deny
deny from all
</Files>

No directory browsing

As WordPress is now so popular many people know the structure of a WordPress install and know where to look to discover what plug-ins you may use or any other files that might give away too much information about your site, one way to combat this is to prevent directory browsing

Options All -Indexes

Prevent Access To wp-content

The wp-content folder contains images, themes and plug-ins and it’s a very important folder within your WordPress install, so it makes sense to prevent outsiders accessing it.
This requires it’s very own .htaccess file which must be added to the wp-content folder, it allows users to see images, CSS etc … but protects the important PHP files:

Order deny,allow
Deny from all
<Files ~ ".(xml|css|jpe?g|png|gif|js)$">
Allow from all
</Files>

Protect .htaccess

This below code actually stops anyone viewing any file on your site that begins with “hta”, this will protect it and make it safer.

<Files ~ "^.*.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>

How to remove category from wordpress url

If you want to take the “category” base term out of your URL –
turning wordpress.org/category/news  into wordpress.org/news ?
It’s easy to do. You can  set it from the permalinks settings. set your permalinks to/%category%/%postname%/ and then put a period/dot into the Category base form.
Go to Settings > Permalinks and set it up as follows.

Remove category from wordpress url anvar
Remove category from wordpress url

 

Gallery Carousel Without Jetpack WordPress Plugin

There is no doubt that JetPack packed with tons of features. However, many users don’t want all that monstrous codes in their blog for one or two modules. Also, You should connect your blog to wordpress.com to get the JetPack features.
I really like that Tiled Gallery with Full Screen carousel module in JetPack and don’t want other modules. That’s why I’ve made the this Tiled Gallery Carousel Without JetPack Plugin from JetPack.
Tiled Gallery with carousel will completely transform your galleries to new look and your users will love this. Tiled Gallery allows you to display image galleries in following styles, a rectangular mosaic, a square mosaic, and a circular grid.
Preview:
http://demo.themepacific.com/plugin-tiled-gallery-carousel/2013/10/13/tiled-gallery-carousel-without-jetpack-wordpress-plugin/
Download:
http://downloads.wordpress.org/plugin/tiled-gallery-carousel-without-jetpack.zip

wordpress gallery carousel plugin in wordpress anvar web developer html wordpress css php tricks
wordpress gallery carousel plugin in wordpress