Top 5 Security Scripts for Your Website in .htaccess
Security Scripts for Your Website in .htaccess
Learn how to protect your website using five powerful .htaccess security scripts. From blocking malicious IPs to preventing hotlinking, secure your site with these essential configurations.
1. Block Specific IP Addresses
Prevent malicious users or bots from accessing your site by blocking their IPs.
order allow,deny
deny from 192.168.1.100
deny from 203.0.113.0/24
allow from all
Why use it? Stops specific attackers from accessing your server.
2. Prevent Hotlinking
Stops other websites from stealing your images and bandwidth.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(jpg|jpeg|png|gif)$ - [F]
Why use it? Protects your images and reduces bandwidth usage.
3. Disable Directory Browsing
Prevents users from viewing files in directories that don’t have an index file.
Options -Indexes
Why use it? Hides sensitive files from public view.
4. Protect .htaccess and Other Critical Files
Ensure attackers can’t access your .htaccess or configuration files.
Order Allow,Deny
Deny from all
Why use it? Blocks direct access to .htaccess and other hidden files.
5. Enable HTTPS (Force SSL)
Redirect all HTTP traffic to HTTPS for better security.
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://yourdomain.com/$1 [R=301,L]
Why use it? Ensures encrypted connections for better security.
