Here is a quick set of codes that can be easily added to your HTACCESS file to give your website an extra layer of security than the standard, these all work great with either WordPress or a custom PHP website.
Turn Off Directory Browsing
Directory browsing allows any public users to type in yourdomainc.com/images/ and basically see every file available. Hackers and malicious bots can also use this to discover information on your site structure.
Use the below code in your HTACCESS file to turn this feature off
Options All -Indexes
Disabling Access to Scripts
Some important scripts like the HTACCESS file and say a configuration file which contains important database connection username and password details you may want to block access to for the case that they can be displayed in plain text.
<Files .htaccess> order allow,deny deny from all </Files> <Files /wp-config.php> order allow,deny deny from all </Files>
Allow Access Only for Set IP Addresses
This is great for your admin and should be placed in a separate
<Limit GET POST PUT> Order allow, deny allow from all deny from 220.127.116.11 </Limit>