Edit your existing code to exclude the index.php from redirecting like this: RewriteCond %{HTTPS} on RewriteCond %{REQUEST_URI} !^/info/ RewriteCond %{REQUEST_URI} !^/index\.php$ RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L] For an explanation, check the answer to this question at Stackoverflow: Issue with .htaccess redirecting all pages to HTTPS except one .
The default .htaccess-file will already support the behaviour you want; # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress The magic is in the lines that start with RewriteCond. They instruct Apache to apply the rule RewriteRule … Read more
The PHP files in the wp-includes directory will do nothing when accessed directly. They are designed to be include()‘d in an existing PHP script, such as on the front-end or in the dashboard. Your Options -Indexes entry in the .htaccess file simply prevents a list of the files in a directory when no index.php is … Read more
If you place your “custom” directives outside of any # BEGIN … / # END … comment markers then WordPress (and plugins) should not overwrite them when they update. (Of course, if you have plugins that don’t “play nice” then they could do anything to .htaccess if you let them, so you would need to … Read more
Ok I figured this out and I am providing answer just for the case that someone else experiences this problem. The problem was in the plugin that was used on the original automatic installation of the WordPress done via Mojo Marketplace. The name of the plugin was Endurance PHP Edge and it was not in … Read more
It appears to prevent any POST requests to wp-login.php that aren’t made from a page on my-domain.com. When the browser sends a POST request, say after submitting a form, it will include a HTTP Referrer header telling the server where the request came from. This theoretically prevents bots submitting POST requests directly to wp-login.php as … Read more
About Hacked sites: First of all, let’s be clear about issues related to hacking: If your site was genuinely hacked, then in short of completely erasing all the files and then reinstalling the server (not just WordPress) with new passwords, updating all files and identifying and removing previous loop holes that caused the site to … Read more
Using remove_action() can be remove unnecessary links for example: remove_action(‘wp_head’, ‘rsd_link’); //removes EditURI/RSD (Really Simple Discovery) link. remove_action(‘wp_head’, ‘wlwmanifest_link’); //removes wlwmanifest (Windows Live Writer) link. remove_action(‘wp_head’, ‘wp_generator’); //removes meta name generator. remove_action(‘wp_head’, ‘wp_shortlink_wp_head’); //removes shortlink. remove_action( ‘wp_head’, ‘feed_links’, 2 ); //removes feed links. remove_action(‘wp_head’, ‘feed_links_extra’, 3 ); //removes comments feed.
It’s not clear from your question what you are changing in each of these files, but I presume in each case it is the upload_max_filesize PHP setting. In general, settings will be applied in this order, each over-riding the previous value: php.ini Apache directives in .htaccess calls to ini_set() However, this setting is defined as … Read more
Here is the default code for that file. # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress you can check it here for default htaccess file. http://codex.wordpress.org/Using_Permalinks. Thanks. I hope it helps little.