Logo

dev-resources.site

for different kinds of informations.

WordPress Optimization Techniques Using .htaccess

Published at
12/28/2024
Categories
wordpress
website
tutorial
webdev
Author
Muhammad Usman
Categories
4 categories in total
wordpress
open
website
open
tutorial
open
webdev
open
WordPress Optimization Techniques Using .htaccess

Optimizing WordPress using the .htaccess file involves implementing directives to enhance site performance, security, and functionality. Below are key techniques with examples:

1. Enable GZIP Compression

Compress files to reduce their size and speed up loading times.

<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json application/x-javascript application/xml application/xhtml+xml application/rss+xml application/atom_xml application/font-woff application/font-woff2 image/svg+xml
</IfModule>

2. Leverage Browser Caching

Cache static resources in the user's browser.

<IfModule mod_expires.c>
ExpiresActive On ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType text/javascript "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 2 days"
</IfModule>

3. Prevent Hotlinking

Stop other sites from embedding your images.

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_REFERER} !^$
  RewriteCond %{HTTP_REFERER} !^https://(www\.)?yourwebsite\.com [NC]
  RewriteRule \.(jpg|jpeg|png|gif)$ - [F,NC,L]
</IfModule>

4. Block Bad Bots

Prevent access from known malicious bots.

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTP_USER_AGENT} ^.*(badbot|evilbot|maliciousbot).*$ [NC]
  RewriteRule .* - [F,L]
</IfModule>

5. Disable Directory Browsing

Prevent listing files in directories.

Options -Indexes

6. Limit Access to wp-config.php

Secure your critical WordPress configuration file.

<Files wp-config.php>
order allow,deny
deny from all
</Files>

7. Protect .htaccess File

Prevent others from modifying the .htaccess file.

<Files .htaccess>
order allow,deny
deny from all
</Files>

8. Redirect HTTP to HTTPS

Force your website to use HTTPS.

<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

9. Limit Post Request Size

Prevent large requests to mitigate DoS attacks.

LimitRequestBody 10485760

10. Enable CORS

Allow resources to be shared across domains (useful for APIs and fonts).

<IfModule mod_headers.c>
  Header set Access-Control-Allow-Origin "*"
</IfModule>

11. Restrict Access to Admin Area

Restrict wp-admin access to specific IPs.

<FilesMatch "wp-login.php">
  order deny,allow
  Deny from all
  Allow from 123.456.789.0
</FilesMatch>

12. Enable Keep-Alive

Improve connection handling.

<IfModule mod_headers.c>
  Header set Connection keep-alive
</IfModule>

13. Remove ETags

Reduce overhead by disabling ETags.

<IfModule mod_headers.c>
  Header unset ETag
</IfModule>
FileETag None

14. Optimize Default WordPress .htaccess

Include clean permalink rules and other optimizations.

# BEGIN WordPress
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteBase /
  RewriteRule ^index\.php$ - [L]
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule . /index.php [L]
</IfModule>
# END WordPress

These optimizations should be tested thoroughly to ensure compatibility with your WordPress setup and server configuration. Back up your .htaccess file before making changes.

Featured ones: