Millions of us have used Wordpress at least once and I'm sure a lot of us know the structure of a typical website created with the software. Simple intrusions such as viewing important .php files in directories is common so here is some basic .htaccess code to stop this from happening as well as a little extra to stop hackers gaining access to certain locations.
This will block the viewing any file on your site beginning with "hta".
<Files ~ "^.*\.([Hh][Tt][Aa])"> order allow,deny deny from all satisfy all </Files>
Replace the IP with your own and it will only accept that for the access of the admin folder of the website.
order deny,allow allow from 192.168.1.254 (Replace IP) deny from all
This must be added to its own .htaccess file in the content folder and will block any file not listed in the 'Files' from being shown, thus protecting important files such as .php and more.
Order deny,allow Deny from all <Files ~ ".(jpe?g|png|gif)$"> Allow from all </Files>
You can ban any user you want via adding them to this code in the .htaccess file. Multiple users can be added as shown below.
<Limit GET POST> order allow,deny deny from 192.168.1.254 deny from 184.108.40.206 allow from all </Limit>