Block xmlrpc.php WordPress running on OpenLiteSpeed using .htaccess

Block Xmlrpc Open Litespeed

You can block the xmlrpc.php WordPress file when running on OpenLiteSpeed by adding a rewrite rule in the .htaccess file. This will reduce the brute force threat of bots making multiple resource requests. Add to your webroot .htaccess file either add it in a mod_rewrite existing block or add a new one: <IfModule mod_rewrite.c> RewriteRule…

Read More

Block Modsec WAF from WordPress Website

Unblock Modsec

You can block modsec WAF from your website via .htaccess with the following code… <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule> This may help when in development, remove when finished to get the protection back. If there is an actual rule you keep triggering you can make an exemption by IP address… # Whitelist 401…

Read More

Adding Expires Header to htaccess

Expires Header Htaccess

Expires Headers are a set of rules or directives from a website to tell a user’s local browser to either look in its own cache for files or to request the files off the webserver, the former is better for speed of the web page load and a reduction in the webserver processing. For Apache…

Read More

Redirect all pages to non-www and HTTPS in WordPress

Redirect Www Non Www Https

To redirect all URLs from www to non-www and also to redirect from http to https, this code snippet to be added to .htaccess file at the top should do the trick. So https://example.com # BEGIN Redirects RewriteEngine On # 301 redirect www to non-www RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC] RewriteRule ^(.*)$ https://%1/$1 [R=301,L] # 301…

Read More