htpw is a project to increase the security of your WordPress!
.htaccess to protect WordPress
htpw is a project to increase the security of your WordPress installation without installing external plugins to preserve memory, space and integrity of the cms installation.
It doesn't introduce invasive rules (XSS or Injection protection) to avoid creating malfunctions with external plugins.
htpw introduces protection against:
Add to the bottom of your .htaccess file the contents of the htaccess file.
htpw works if your webserver is Apache (not NGINX).
If you want to test if the new rules work and protect your WordPress site you can use WPScan (WordPress Security Scanner), if the default scan fails htpw is working!
You can install WPScan on your PC or use it online, online scan failed example:
mod_remoteip
apache moduleGNU General Public License v3.0