Posts

Showing posts from July, 2017

How to set up internal protection for .htaccess to | Website security

This part is applicable only for cases when you wish to manually set up all the necessary settings and rules. All these settings can be set up automatically with secure plugins (especially BulletProof Security). We recommend using the secure plugins first and only if they fail to deliver necessary control, perform manual configuration. If you do need to make specific changes to the .htaccess file manually, kindly use the guide provided below:

.htaccess (hypertext access) is the default name of the directory-level configuration file specific for web servers running Apache.

This is a file which is modified the most often when dealing with redirects and is also often used to change file types to make them executable. It is also the one you will be using to harden your environment.

To protect it, apply a few simple rules – set low permissions and deny access.


Apply Low Permissions


The basic guidance for permissions is simple: the lower the number, the harder the access becomes. Good rule of th…