Posts categorized: htaccess
As discussed, it's important to protect your site by setting proper file permissions on the server. This can be tricky for certain directories such as
/backups/, which need to be writable by the server in order for things like uploads, upgrades, and backups to work.
Here are six htacccess tricks that will help improve the security and SEO quality of your WordPress-powered site. We do this using .htaccess to establish canonical URLs for key peripheral files, such as your
sitemap.xml files. Canonicalization keeps legitimate bots on track, eliminates malicious behavior, and ensures a better user-experience for everyone. On the menu:
While manually upgrading a bunch of old WordPress sites, I realized that the WordPress htaccess rules for permalinks had changed. For many years and versions, the htaccess code that enables WordPress permalinks went unchanged, resulting in an almost sacred set of htaccess directives. Here are the original permalink rules as currently provided at the WordPress Codex:
Close monitoring of your site’s PHP errors is crucial to operating a healthy, secure, and well-performing website. When left undetected, PHP errors can reduce performance, waste bandwidth, and leave your site vulnerable to malicious attack. PHP errors usually occur unpredictably and spontaneously, and may be triggered by even the slightest changes to your server configuration, database setup, or WordPress files. Even if your site appears to working properly on the surface, it may in fact be suffering from undetected PHP errors that should be fixed as soon as possible.
Beginning with version 2.5, WordPress automatically handles many types of canonical redirects. A good example of this may be seen by typing your blog address into your browser both with and without the
www prefix. If you are using WordPress 2.5 or better, one of these versions of your blog URL will be immediately redirected to the other. The same type of automatic redirect may be seen for several other non-canonical URL variations, and is handled via PHP deep in the WordPress core.