.htaccess for WordPress

Here are some great codes to insert into your .htaccess file to help with securing your website. Put this in your root folder.

#Disable disable directory browsing
Options All -Indexes
# Block wp-includes folder and files

RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
<files wp-config.php>
order allow,deny
deny from all
</files>

This one should go in your wp-content folder.

#Disable Directory Browsing
Options All -Indexes

# Disable access to all file types except the following
Order deny,allow
Deny from all
<Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar|html)$">
Allow from all
</Files>

admin has written 38 articles