Protect your .htaccess file

Protection Requirement:

OPTIONAL

Skills/Resources:

>Edit system files
>Text editor

THE THREAT
The .htaccess file controls access to your site. If someone is able to access it they can access your entire site.

THE OBJECTIVE
To ensure that no one from the outside world can access your .htaccess file, protecting yourself from intruders who attempt to change file permissions on your website.

PROPOSED SOLUTION
.htaccess is a hidden file that is located in the root directory of your website, so you’ll need to show hidden files in order to be able to access it.

Once you are able to edit it, add this to the file:

# protect .htaccess file
<Files ~ “^.*\.([Hh][Tt][Aa])”>
order allow,deny
deny from all
satisfy all
</Files>

MORE ADVANCED
none

NEED HELP?
If you need help implementing this and other security measures then Virtual Webmaster Services can help. Visit Virtual Webmaster Services