.htaccess, the file which control the Apache webserver, is very useful and allows you to do a lot of things. In this article, let’s see how .htaccess can help you with your WordPress blog, for both security,functionnality and usability.
Warning
When editing or modifying the .htaccess file of your WordPress blog, make sure to always have a backup that you can restore in case of something went wrong.1 – Redirect WordPress RSS feeds to feedburner with .htaccess
Which blogger doesn’t use feedburner? Sure, feedburner is a very nice service, allowing you to know how many people suscribed to your rss feeds. The only problem is that you must edit your theme files to manually change the rss url. Happilly, there’s a nice hack, using .htaccess, which will make you save a lot of time!Don’t forget to modify line 6 before applying this code!
# temp redirect wordpress content feeds to feedburner
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} !FeedBurner [NC]
RewriteCond %{HTTP_USER_AGENT} !FeedValidator [NC]
RewriteRule ^feed/?([_0-9a-z-]+)?/?$ http://feeds2.feedburner.com/catswhocode [R=302,NC,L]
</IfModule>
Source: How to redirect WordPress rss feeds to feedburner
2 – Remove /category/ from your WordPress url
By default, WordPress category permalinks are displayed that way:http://www.catswhocode.com/blog/category/wordpressAs you can see, the category in the url is pretty useless. Here’s how to remove it:
First backup your .htaccess file. Then, open it and append the following line:
RewriteRule ^category/(.+)$ http://www.yourblog.com/$1 [R=301,L]Once saved, your categories pages will be displayed like this:
http://www.catswhocode.com/blog/wordpress
Source: How to remove category from your WordPress url
3 – Using browser cache
A very good way to optimize your blog loading time is to force the use of the browser cache. This code will not improve your blog loading time directly, but it will save some work to the server by sending a 304 not modified status when the requested element haven’t been modified.FileETag MTime Size
<ifmodule mod_expires.c>
<filesmatch "\.(jpg|gif|png|css|js)$">
ExpiresActive on
ExpiresDefault "access plus 1 year"
</filesmatch>
</ifmodule>
Source: Comment accelerer le temps de chargement de votre blog
4 – Compress static data
Do you know that it is possible to send compressed data to the visitors, which will be decompressed by the client? This code will definitely save you (and your visitor) bandwidth and reduce your pages weight.AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4.0[678] no-gzip
BrowserMatch bMSIE !no-gzip !gzip-only-text/html
5 – Redirect Day and name permalinks to /%postname%/
The first thing to do is to login to your WordPress admin, go to Settings → Permalinks and select custom. Fill out the field with /%postname%/.Your permalinks will now look like the ones on this blog:
http://www.yourblog.com/name-of-the-post
Now we got to redirect all backlinks using the old permalinks structure to the new permalink structure. To do so, you’ll have to edit the .htaccess file, located in WordPress root directory.
Paste the following line in your .htaccess:
RedirectMatch 301 /([0-9]+)/([0-9]+)/([0-9]+)/(.*)$ http://www.domain.com/$4
Allright! You just changed your permalinks structure without loosing any backlinks!
Source: Redirect day and name permalinks to postname
6 – How to: Deny comment posting to no referrer requests
Are you sick and tired about the daily amount of spam comments received? Sure, there’s akismet, but here’s a little .htaccess trick to prevent spammers posting on your blog. The fact is that most spammers uses bots comming from nowhere. This code will look for the referrer (the page from where the commentator come from) and will deny commenting if the commentator try to access the wp-comments-post.php file without directly comming from your blog.Just change the line 4 and specify your blog url there.
RewriteEngine OnSource: How to deny comment posting to no referrer requests
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
7 – Redirect visitors to a maintenance page
When you’re upgrading your blog, or making theme/design changes, it isn’t a good idea to let people see your blog being tweaked, sometimes with design or code problems, or even worst, security gaps.The solution is to design a nice “maintenance page” and temporarily redirect your visitors to that page until you finished the maintenance.
Replace maintenance.html (line 2) by the page you’d like to redirect your visitors, and the IP adress on line 3 by your own ip.
Note that a 302 redirection is used, to avoid search engines indexing the maintenance page instead of your real homepage!
RewriteEngine onSource: Comment faire une page d’accueil pour les internautes
RewriteCond %{REQUEST_URI} !/maintenance.html$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123
RewriteRule $ /maintenance.html [R=302,L]
8 – Protect your WordPress blog from hotlinking
Hotlinking is the use of an image from one site into a web page belonging to another site. Many bloggers are hotlinked, and have their bandwidth used on another websites. This very helpful code will protect your WordPress blog from hotlinking.RewriteEngine OnSource: How to protect your WordPress blog from hotlinking
#Replace ?mysite\.com/ with your blog url
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
#Replace /images/nohotlink.jpg with your "don't hotlink" image url
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L]
9 – Allow only your IP adress on the wp-admin directory
Excepted the case of a collaborative blog, only you should be allowed to visit the wp-admin directory. If you have a static IP, this code will do the job.All you have to do is to enter your static IP adress on line 8. Note that you can add more IPs if needed, by creating a new line with: allow from xx.xx.xxx.xx inside.
AuthUserFile /dev/nullSource: Protecting the WordPress wp-admin folder
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<LIMIT GET>
order allow, deny
deny from all
allow from xx.xx.xx.xx
</LIMIT>
10 – Banning a WordPress Spammer With .htaccess
You know it, spam is very annoying. In the case of a particular person/bot spamming you, you can easily avoid it by blacklisting the IP.Simply replace the IP adress on line 3 by the spammer’s IP. You can add more spammers by creating a new line with deny from xxx.xx.xxx.xxx inside.
<Limit GET POST>
order allow,deny
deny from 200.49.176.139
allow from all
</Limit>
Source: The easiest way to ban a WordPress spammer
0 komentar:
Post a Comment