Two changes to the .htaccess that are easy to implement and will improve the security of PHP websites.
If you have subdomains that you would like to restrict access to and they are running a PHP site. You can use the .htaccess file to allow or deny access.
A very uncomplicated way is if you have a particular site that you would like to ringfence why not just reduce access to it to one location… Your home..
<RequireAny> require ip x.x.x.x require ip y.y.y.y </RequireAny>
You can also use this to allow or block entire countries
Block a country from your site
And if you would like to find out the IP address range required to block you can find that here.
The nice thing about this is that it works on subdomains. Using the CPANEL file manager just go into the subdomain find the htaccess file and block accordingly.
And
Force all of your pages to use HTTPS. To do this you will need to modify your .htaccess file (or create one if it doesn’t exist)
Using the Code Editor in the file manager, add these lines to the beginning of the .htaccess file
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]