WordPress – The most widely used Content Management System (CMS) in today’s internet realm – due to its popularity, is an incredibly attractive target for hackers. .htaccess is the most essential file for any website. Also, you can do a lot of things using the WordPress .htaccess file. You can restrict your website access. Additionally, It can be placed in any folder of the website to change the behavior of that folder.
Precautions:
As you’re aware, .htaccess is the control room of your whole website. Even a single misspelt dot (.) can destroy your complete website. So, before making any changes, back up your .htaccess file to an offsite location.
So, here we go!
By default, every web hosting has .htaccess file in the root directory. If it is not available, you can create one by opening Notepad and saving it with the name “.htaccess”. Be sure it’s not “htaccess”, its “.htaccess” and set “Save as type” to “All files”. Upload it to the root directory of your WordPress hosting server.
1. Protect .htaccess
.htaccess has the ability to control your whole website. Thus, it is important to first protect this file from unauthorized users. By using the snippet below, you can restrict access to unauthorized users. But, you can edit the file from FTP and your hosting.
Just copy and paste the snippet below into your .htaccess file.