How to Prevent Unauthorized Access to the .htaccess File?

How to Prevent Unauthorized Access to the .htaccess File?

WordPress is made up of numerous files. These can be divided into core and supporting files. Core files are more important than others in maintaining the integrity of the website. .htaccess is part of the WordPress Core files.

Many a times, hackers try to inject some malicious codes into the .htaccess file, which contains rules, security codes, and important code from the plugins. Therefore, you must take necessary precautions to prevent unauthorized access to this file. In this article, learn the exact process you need to follow.

Add the Security Code

To protect the .htaccess file, you need to add some security codes to it. You can use a plugin for editing or following the steps mentioned below.
  • Log into your cPanel account
  • Open File Manager from under the Files section
  • From the left-hand side panel, click on the “public_html” folder
  • Now, on the right-hand side, find the “.htaccess” file.
  • If you don’t find it, then you have to make some changes on the Settings. Click on the gear icon and tick the “Show hidden files” option. This should show the .htaccess file
  • Right-click on it and click on “Edit”
  • Now copy and paste the following code just before the #END WordPress:
<files ~ "^.*.([Hh][Tt][Aa])">
order allow,deny
deny from all
Save the changes and exit. This will restrict any unauthorized access to the file. Only those with the correct credentials will be allowed to open and edit it.

You should also take adequate precautions against the use of FTP. They make your website vulnerable, and hackers may use it to access the .htaccess file to inject codes.

So that’s how you secure your .htaccess file and prevent unauthorized access.
First release
Last update
0.00 star(s) 0 ratings

More resources from kumkumsharma