Speeding Up Your WordPress Blog With .Htaccess ~ Super Effective Tips

Statistics shows that users expect a website to load in just under 2 seconds, if it takes longer than that they are half as likely to leave the page. You might have put in tremendous amount of effort into your blog’s design and content, but all that comes to naught if your visitors just “bounce” back without ever having appreciated your website. Furthermore, one factor that most search engines use in their ranking algorithm is loading time.

So speeding up your blog will not only guarantee you won’t lose your visitors, but also makes sure your blog will get seen.

If your blog is built on the Apache Web Server, you can take full use of its .htaccess file.


First, let’s explain what the .htaccess file is:

.htaccess is a configuration file on Apache Web Server, usually used to make changes on a per-directory basis. The directives you can give range from domain redirection, leveraging caching, compression to blocking IPs, setting up passwords, protection from spammers and bots and much more. The modifications made to the .htaccess file are applied immediately, since when the use of .htaccess is enabled, Apache looks for those files first.


The .htaccess file is located in your server’s root directory, but it’s hidden so make sure you have “show hidden files” enabled. If you don’t see it, no worries. WordPress generates a .htaccess file when you turn on permalinks, just go to Settings> Permalinks and click on “Save Changes”. If you still can’t find the .htaccess file after you’ve done that, you can create it yourself.  Use any text editor of your preference, Notepad would work as well. Paste in the default code below:


# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress


Save the file as htaccess.txt, rename it to .htaccess (with no .txt extension) and upload it to your WordPress installation folder.

Before you start modifying your .htaccess file, be sure to make a back-up somewhere.

Now that all that is done, let’s move on to what you can do with a .htaccess file to improve your blog.


Why use compression? When a user requests your web page, the server compresses the files’ size before sending them, which means the size of the data that needs to be transferred is smaller, hence it takes a lot less time for it to be loaded.

Paste the following into your .htaccess file to enable Gzip compression:


<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*


Leveraging Browser Cache

Every browser stores websites’ static content (CSS files, scripts, images, stylesheets etc.) in its cache. That’s why when you visit pages that you’ve been to before they load much faster than initially. Since you already have some of the files, your browser doesn’t need to download them again.

For leveraging cache there are two mods you can use, mod_expires and mod_headers.

mod_expires tells the browser what content and for how long to store it, the time is estimated in seconds. If you’re not sure what duration’s to set, you can the ones provided in the code below:


# BEGIN Expire headers
<ifModule mod_expires.c>
  ExpiresActive On
  ExpiresDefault “access plus 5 seconds”
  ExpiresByType image/x-icon “access plus 1 month”
  ExpiresByType image/jpeg “access plus 1 month”
  ExpiresByType image/png “access plus 1 month”
  ExpiresByType image/gif “access plus 1 month”
  ExpiresByType application/x-shockwave-flash “access plus 1 month”
  ExpiresByType text/css “access plus 14 days”
  ExpiresByType text/javascript “access plus 1 month”
  ExpiresByType application/javascript “access plus 1 month”
  ExpiresByType application/x-javascript “access plus 1 month”
  ExpiresByType text/html “access plus 600 seconds”
  ExpiresByType application/xhtml+xml “access plus 600 seconds”
# END Expire headers


You don’t want to set the timers for a very long duration (max 1 year in advance), since then the users won’t get the updated version of your site.

And the rule for mod_headers :


# BEGIN Cache-Control Headers
<ifModule mod_headers.c>
<filesMatch “\.(ico|jpe?g|png|gif|swf)$”>
Header set Cache-Control “public”
<filesMatch “\.(css)$”>
Header set Cache-Control “public”
<filesMatch “\.(js)$”>
Header set Cache-Control “private”
<filesMatch “\.(x?html?|php)$”>
Header set Cache-Control “private, must-revalidate”
# END Cache-Control Headers


Note: There’s no need specify the time in mod_headers since it’s already been defined by mod_expires.

If you’re not yet using cache plugins for your WordPress blog, you might want to also add either WP Super Cache (recommended) or W3 Total Cache.

Disabling hotlinks

Someone might directly link an image from your blog, subsequently stealing your bandwidth. That is called hotlinking. Disabling hotlinking also prevents other websites from stealing your content such as images, videos or CSS files. This requires the mod_rewrite function to be enabled, which you did if you had to create the file yourself and added the code given at the beginning of the article. If you’re not sure that mod_rewrite is enabled in your already existing .htaccess file, simply open the search bar in the Notepad or any editor you’re using and search for it. If you can’t find it then add the code at the beginning of the article to your .htaccess and you’ll be good to go.

Insert the following code into your .htaccess file to disable hotlinking:


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|css)$ – [F]


Make sure to change the yourdomain.com for your own website’s address.

If you’d like you can set up Apache Web Server to display a different content when someone is trying to hotlink your .jpg or .gif files, for example you could show an image with a warning instead. To do so paste the following code:


RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.yourdomain.com/hotlink.jpg [R,L]


In the code above yourdomain.com is your domain and the http://www.yourdomain.com/hotlink.jpg is a link to the image you’d like to display, make sure to replace both for the suitable addresses.

Protecting your blog from spammers and bots

There are hundreds of bots crawling the internet, site rippers, email harvesters, spammers, and every time they visit your webpage, they use your resources. Blocking them would free up said resources and the load on your server, as a result speed up your page. There a numerous bot blacklists online, PerishablePress has an excellent one. The following code stops bots and spammers from accessing your website by instead redirecting them to an error page:

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* – [F,L]

Additionally, you can block spammers by their IP address:

Substitute IP-address with an IP address of a spammer.

.htaccess can also be used to block users based on where the traffic is coming from, meaning a website. To do this use the following code:

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} spamdomain1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} spamdomain2\.com
RewriteRule .* – [F]

The above tells your webserver to block traffic from spamdomain1.com and spamdomain2\.com and instead show a 403 error message. You can add as many addreses as you want, make sure to change the domains given in the code above to appropriate addresses. Keep the backslash before the dot as it’s important.

Security measures

As a final step, you should protect your .htaccess file from unauthorized access, you don’t want just anyone getting a hold of it.

Add the following to your .htaccess code:


<Files .htaccess>
order allow,deny
deny from all


It is also worth mentioning, that there are various online tools available to help you configure your .htaccess file, by practically doing everything for you. So if you aren’t particularly tech-savvy, you might find them useful.

Now that you’re done configuring your .htaccess file, save your changes and  go ahead and check if the loading time got faster.

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

How To Do SEO For Website Guide by MINHAJ
Blogging Tips
How To Do SEO For Website? A-Z FREE Exclusive Guide by MINHAJ

Hello, dear bloggers and webmasters! Hope all of you are fine 😀 Well, let me introduce myself little bit 😀  It’s me Minhaj, person behind this website 😀 A passionate Blogger, Search Engine Optimizer and a Google Adsense Publisher 😀  I have over 3 Years experience on internet marketing field. …

How to start blog and make money online-image -1
Blogging Tips
How to Start A FREE BLOG and Make MONEY From It ~ Full Guide

How to start a blog for free and make money: Are you searching online for the ways to earn money staying at home? Do you want a detail guide on how to start blogging from beginning in order to earn Handsome Cash from online? Then no doubt, you have just …

how to increase website traffic through google, social networking , free
Blogging Tips
Top 6 HOT @ SURE-FIRE Strategies to Get Huge Visitors To Your Site

You might have to confess yourself that actually you do blogging for Passion , Money or whatever you say 😀 But it shouldn’t be your main purpose to write content for Google robots or other search engines bots especially! Right? You want blog readers to read your content. If Your …