Dave McCourt thinks some thoughts...

WordPress root htaccess

Posted in: Code snippets, WordPress
#
# Prevent directory browsing
#
Options All -Indexes

#
# Domain rewrites
#
RewriteEngine On 
RewriteCond %{HTTP_HOST} !^www\.bananadesign\.co\.uk$
RewriteRule (.*) https://www.bananadesign.co.uk/$1 [R=301,L]

#
# Prevent access to various important directories
#
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]

#
# Prevent viewing of wp-config.php
#
<Files wp-config.php>
order allow,deny
deny from all
</Files>

#
# Prevent viewing of .htaccess
#
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>

#
# Expires Caching
#
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/svg+xml "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 2 days"
</IfModule>

#
# Compression
#
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript image/gif image/png image/jpeg image/jpg image/svg+xml 
</IfModule>

#
# Wordfence WAF
#
<Files ".user.ini">
<IfModule mod_authz_core.c>
 Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
 Order deny,allow
 Deny from all
</IfModule>
</Files>


#
# BEGIN WordPress
#
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# Media Vault Rewrite Rules (restricts access to uploaded files to logged in users)
RewriteRule ^wp-content/uploads(/_mediavault/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L]
RewriteCond %{QUERY_STRING} ^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$
RewriteRule ^wp-content/uploads(/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L]
# Media Vault Rewrite Rules End

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress