X-Security Headers for Apache / .htaccess for Security purpose

Open your .htaccess file and paste below Code in that. WordPress / CodeIgniter / Magento / Opencart / Joomla

 

### X-Security Headers ###

# X-XSS-Protection
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
</IfModule>

# X-Frame-Options
<IfModule mod_headers.c>
Header always append X-Frame-Options SAMEORIGIN
</IfModule>

# X-Content-Type nosniff
<IfModule mod_headers.c>
Header set X-Content-Type-Options nosniff
</IfModule>

# Extra Security Headers
<IfModule mod_headers.c>
Header set X-XSS-Protection "1; mode=block"
Header always append X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
</IfModule>

# Strict-Transport-Security security header
<IfModule mod_headers.c> 
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" 
</IfModule>
### X-Security Headers ###

 

 

Block bad bots in .htaccess file in cPanel / WordPress / Apache

Add below code in .htaccess file
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^.*(adscanner|AhrefsBot|archive.org_bot|Baiduspider|BehloolBot|bingbot|BLEXBot|coccocbot-image|coccocbot-web|compatible|contxbot|DotBot|DuckDuckGo-Favicons-Bot|DuckDuckBot|Exabot|facebot|facebookexternalhit|Slurp|GrapeshotCrawler|houzzbot|MJ12bot|MojeekBot|Nimbostratus-Bot|PaperLiBot|PlurkBot|Seekport|SemrushBot|SEOkicks|SeznamBot|stagefright|SurdotlyBot|Sogou|TinEye-bot|YaK|YandexBot|YandexImages).*$ [NC]
RewriteRule .* - [F,L]

List of Bots which you have just blocked
adscanner
AhrefsBot
archive.org_bot
Baiduspider
BehloolBot
bingbot
BLEXBot
coccocbot-image
coccocbot-web
contxbot
DotBot
DuckDuckGo-Favicons-Bot
DuckDuckBot
Exabot
Slurp
GrapeshotCrawler
houzzbot
MJ12bot
MojeekBot
Nimbostratus-Bot
PaperLiBot
PlurkBot
Seekport
SemrushBot
SEOkicks
SeznamBot
stagefright
SurdotlyBot
Sogou
TinEye-bot
YandexBot
YandexImages
Exabot
istellabot