Optimized Version htaccess for wordpress website

April 7, 2026 in WordPress

Optimized Version htaccess for wordpress website

🔥 What Improved

• ✅ Single clean redirect (faster + SEO friendly)
• ✅ AI folder properly excluded
• ✅ No duplicate rewrite engine
• ✅ Better security
• ✅ Safer structure

RewriteOptions inherit
DirectoryIndex index.php

# ======================================
# 🔁 Rewrite Rules (Clean + Optimized)
# ======================================
<IfModule mod_rewrite.c>
RewriteEngine On

# ✅ Exclude AI folder
RewriteRule ^ai/ - [L]

# ✅ Force HTTPS + non-www in ONE step
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP_HOST} ^www\.soatechnology\.net [NC]
RewriteRule ^ https://soatechnology.net%{REQUEST_URI} [L,R=301]

# ✅ Preserve Authorization Header
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# ✅ WordPress Rules
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

</IfModule>

# ======================================
# ⚡ Compression
# ======================================
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/javascript application/json
</IfModule>

# ======================================
# ⚡ Caching
# ======================================
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/webp "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
</IfModule>

# ======================================
# 🔒 Security
# ======================================
Options -Indexes

<FilesMatch "(wp-config\.php|\.htaccess)">
    Require all denied
</FilesMatch>

# ======================================
# 🔐 Security Headers
# ======================================
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
Header set X-Frame-Options "SAMEORIGIN"
Header set X-XSS-Protection "1; mode=block"
</IfModule>

# ======================================
# ⚠️ Login Redirect (Use carefully)
# ======================================
 RedirectMatch "^/wp-login/?" /login

October 1, 2025 in WordPress

rel=”pingback” is good for WordPress website or not

rel="pingback" is a special <link> tag that WordPress (and some other CMSs) insert into the <head> of your site. It looks like this:

<link rel="pingback" href="https://example.com/xmlrpc.php" />

What it does

• It tells other sites where to send pingbacks when they link to your posts.
• Pingbacks are part of WordPress’s old XML-RPC system, used for blog-to-blog communication (when someone links your post, WordPress tries to notify you).

Pros

• Used to be good for SEO visibility and networking between blogs.
• Lets you know when someone links to your site.
• Can create automatic backlinks if the other site also supports pingbacks/trackbacks.

Cons

• High spam rate: Spammers can abuse pingbacks/trackbacks to flood your site with fake notifications or links.
• Security risk: XML-RPC (which powers pingbacks) has been exploited in DDoS attacks and brute-force attacks on WordPress sites.
• Not useful anymore: Most modern blogs and CMSs have stopped using pingbacks.

Current Best Practice

• Not recommended for modern WordPress sites.
• If you don’t actively use or need pingbacks/trackbacks, you should disable them.
• You can disable from WordPress Settings → Discussion → Allow link notifications from other blogs (pingbacks and trackbacks) (just uncheck it).
• You can also remove the <link rel="pingback"> tag from your theme’s header.php for cleaner code.

Conclusion:
For SEO and security reasons, it’s better to disable pingbacks today. They add little value and open doors to spam/attacks.

August 21, 2025 in WordPress

Remove All nofollow From WordPress Output

Instead of targeting comments or posts separately, hook into the final HTML output and strip every rel="nofollow" before it reaches the browser.

Add this to your functions.php (or better: a small custom plugin):

// Remove all nofollow from final HTML output
function wp_remove_nofollow_from_output($buffer) {
    // Remove nofollow, ugc, and combinations
    $buffer = str_replace(
        [' rel="nofollow"', ' rel="nofollow ugc"', ' rel="ugc nofollow"', ' rel="nofollow noopener"', ' rel="noopener nofollow"'],
        '',
        $buffer
    );
    return $buffer;
}

// Start output buffering
function wp_start_remove_nofollow() {
    ob_start('wp_remove_nofollow_from_output');
}
add_action('template_redirect', 'wp_start_remove_nofollow');

How This Works

• ob_start captures the entire HTML page just before it’s sent to the browser.
• It strips out any rel="nofollow" (no matter where it came from).
• Works for posts, pages, menus, comments, plugins, SEO tools – everything.

Steps

1. Go to Appearance > Theme File Editor > functions.php
2. Paste the above code at the bottom (before ?> if exists).
3. Save.
4. Clear all caches (WordPress cache, browser, Cloudflare if using).
5. Reload your site → nofollow should be gone.

August 18, 2025 in WordPress

why my WordPress website not indexed by google

Several reasons can prevent a WordPress website from being indexed by Google:

• Search Engine Visibility Settings:In your WordPress dashboard, navigate to Settings > Reading. Ensure that the “Discourage search engines from indexing this site” checkbox is not checked. If it is, Google will be instructed not to crawl and index your site.
• Robots.txt File:Your robots.txt file might be blocking Googlebot from crawling important pages or even your entire site. Check this file to ensure it’s not inadvertently preventing access.
• Noindex Directives:Individual pages or posts might have a “noindex” meta tag or an X-Robots-Tag HTTP header, which explicitly tells search engines not to index that specific content. Check your page source code and any SEO plugins for these directives.
• Google Search Console Issues:
  • Not Connected: Your WordPress site might not be properly connected to Google Search Console.
  • Sitemap Not Submitted: If your XML sitemap isn’t submitted or is incorrect, Google might have difficulty discovering all your pages.
  • Manual Actions/Penalties: Google might have penalized or de-indexed your site due to violations of its Search Essentials (e.g., spammy tactics, thin content, cloaking).
• New Website or Lack of Crawlability:
  • New Site: It takes time for Google to discover and crawl new websites.
  • Insufficient Internal Linking: If pages are not well-linked internally, Googlebot might struggle to find them.
  • No Backlinks: A lack of external links (backlinks) can make it harder for Google to discover your site’s existence.
• Content Quality and Relevancy:
  • Thin or Duplicate Content: Pages with minimal content or content copied from other sources are less likely to be indexed.
  • Lack of Value: Google prioritizes valuable, original content that serves user needs.
• Technical Issues:
  • Server Issues: If your server is frequently overloaded or inaccessible, Googlebot may fail to crawl your site.
  • Mobile-Friendliness: Google prioritizes mobile-friendly websites for indexing.

Troubleshooting Steps:

• Verify WordPress Settings: Double-check the “Search Engine Visibility” setting.
• Check Robots.txt and Noindex Tags: Use tools like Google Search Console’s URL Inspection tool to identify any blocking directives.
• Connect to Google Search Console: Ensure your site is verified and submit your sitemap.
• Improve Content Quality: Create valuable, original, and comprehensive content.
• Build Internal and External Links: Enhance crawlability and discoverability.
• Address Technical Issues: Ensure your site is mobile-friendly and address any server or rendering problems.

August 1, 2025 in WordPress

Notice: ob_end_flush(): Failed to send buffer of zlib output compression (0)

The notice “ob_end_flush(): Failed to send buffer of zlib output compression (0)” in PHP indicates an issue with output buffering and zlib compression. This often occurs in environments where zlib.output_compression is enabled in php.ini, and there’s a conflict or problem when PHP attempts to flush the compressed output buffer.

Common Causes and Solutions:

• WordPress-Specific Issues:
  • wp_ob_end_flush_all() function: In WordPress, the wp_ob_end_flush_all() function, hooked to the shutdown action, can sometimes conflict with zlib.output_compression.
  • Solution: A common fix involves replacing the default WordPress shutdown action with a custom one that handles output buffering more robustly. This can be done by adding code to a custom plugin or a mu-plugin file (e.g., wp-content/mu-plugins/fix-zlib.php):

Code

        <?php
        /**
         * Fix zlib Error
         */
        remove_action( 'shutdown', 'wp_ob_end_flush_all', 1 );
        add_action( 'shutdown', static function () {
            $levels = ob_get_level();
            for ( $i = 0; $i < $levels; $i ++ ) {
                @ob_end_flush();
            }
        }, 9999999 );
        ?>

• Server Configuration (php.ini):
  • zlib.output_compression: If this setting is enabled and causing issues, it might be necessary to disable it.
  • Solution: Modify your php.ini file to set zlib.output_compression = Off. Remember to restart your web server after making this change.
• Missing Closing Tags or Output Conflicts:
  • In some cases, especially in templating engines like Blade (Laravel), missing closing statements or unexpected output before the end of the script can lead to this notice.
  • Solution: Review your code, particularly template files, for any unclosed HTML tags or accidental output before the intended content.
• Plugin/Theme Conflicts (WordPress):
  • Certain plugins or themes might interfere with output buffering or zlib compression, leading to this notice.
  • Solution: Deactivate plugins one by one to identify the culprit. If a specific plugin or theme is causing the issue, consider looking for updates or alternative solutions.

August 1, 2025 in WordPress

update wordpress without ftp

Updating WordPress without FTP access is achievable through a couple of primary methods:

1. WordPress Admin Dashboard (Automatic Updates):

This is the simplest and most common method. When a new WordPress core version, plugin, or theme update is available, a notification will typically appear in your WordPress admin dashboard (e.g., in the “Updates” section or a banner at the top of the dashboard).

• Core Updates:Navigate to Dashboard > Updates. If a new WordPress version is available, you will see an “Update Now” button. Clicking this button initiates the automatic update process. Your site might enter maintenance mode briefly during the update.
• Plugin & Theme Updates:In the same “Updates” section, you can select individual plugins or themes that have available updates and click the “Update” button to update them.

2. Modifying wp-config.php for Direct File System Access:

If WordPress consistently prompts for FTP credentials during updates or installations, even when using the dashboard, it often indicates a file permissions issue or a setting that prevents direct file system access. You can address this by adding a line to your wp-config.php file:

• Access wp-config.php:You will need to access your site’s files through your hosting provider’s control panel (e.g., cPanel’s File Manager) as you cannot use FTP.
• Add the Code:Locate the wp-config.php file in the root directory of your WordPress installation. Open it for editing and add the following line of code: 

Code

    define('FS_METHOD', 'direct');

Place this line before the /* That's all, stop editing! Happy blogging. */ line.

• Save and Upload: Save the changes to wp-config.php and upload it back to your server (or save directly if editing in a file manager).

This setting tells WordPress to use direct file system methods for updates and installations, bypassing the need for FTP credentials. Ensure your file and folder permissions are correctly set (typically folders to 755 and files to 644) for this method to work effectively.