How to Harden Your Site with .htaccess

Category: Security & SSL  •  Est. reading time: 2 minutes

Your .htaccess file is a small but powerful configuration file in your site’s public_html folder. A few lines can meaningfully tighten your security. Here are two of the most useful, plus a safety word. Always copy your .htaccess before editing, because a typo here can take your site down.

Disable Directory Browsing

By default, if a folder has no index file, some servers show a bare list of everything inside it, which hands visitors a map of your files. Turn that off by adding:

Options -Indexes

Protect the .htaccess File Itself

Your .htaccess file holds sensitive rules, so it should not be readable from the web. Lock it down with:

<Files .htaccess>

Require all denied

</Files>

Blocking specific IP addresses? That is closely related and we cover it in its own guide, “How to Block IP Addresses,” which walks through the cPanel IP Blocker and the .htaccess method together.

Edit It Safely

You can edit .htaccess in cPanel’s File Manager. Make a backup copy first, change one thing at a time, and reload your site after each change so you can catch a mistake immediately.

Want your site hardened properly without the risk? This is part of what our managed hosting does. Reach us at support@allydrez.com or 1-321-209-2004.