Website Protection with htaccess

January 18, 2017 | Views: 3346

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here
Estimated reading time: 1.5 minutes
Hello everyone,
 
Many experts say that nothing is secure. I agreed, but if one is a programmer as well as a security expert, then we can make this game very difficult for the bad guys. Now, to make the game challenging, we have some kind of file, “.htaccess”.
 
But, what is the “.htaccess” file.
 
A “.htaccess” file stands for Hyper-Text Access file. We can create projects on our local server, or on a server that we buy/rent a through a service. On a local server, we have to create it, but on public servers, the hosting company provides this file by default.
 
The .htaccess file is the centralized file of our server. By configuring this file, we can allow or deny any user.
 
We can protect our website from a DOS attack or SQL injection attack.
 
We can also protect our website from theft (i.e. direct copy). Copying a website is effortless, but we can make it very difficult.
 
It is also possible to stop or block any IP or any range of IP’s. We can even block an entire country’s IP by using this file.
 
For security purposes, this file is excellent at protecting a website from basic attacks. Please understand that I’m not trying to say that this is the most secure means of protection. What I mean is that making a game out of it increases the difficulty of access. This makes the bad guys have to work harder and evaluate whether it is worth the effort.
Thank you for reading. If you have any comments or suggestions, please post them below!
Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
7 Comments
  1. But i need a example to more understand
    Thank you very much

    • It good that there is someone who focuses on such things.
      And in example, i would like to contribute

      Suppose ,
      http://www.site.com/xmlrpc.php

      if by typing above URL, we get in response that, “XML-RPC server accepts POST requests only.” more likely to occur in WordPress sites.

      Then by typing following code in between tagsin .Htaccess file ,we can deny all user from accessing file XML-rpc.php
      ****************

      # Block WordPress xmlrpc.php requests

      order allow,deny
      deny from all

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel