05 Apr htaccess Security – WordPress

# HOTLINK PROTECTION 
<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{HTTP_REFERER} !^$
 RewriteCond %{REQUEST_FILENAME} -f
 RewriteCond %{REQUEST_FILENAME} \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf|mp4|mov)$ [NC]
 RewriteCond %{HTTP_REFERER} !^https?://([^.]+\.)?your-domain-name\. [NC]
 RewriteRule \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|php|png|css|pdf|mp4|mov)$ - [F,NC,L]
</IfModule>

# PROTECT WP-CONFIG
<Files wp-config.php>
 Order Allow,Deny
 Deny from all
</Files>