WP-Safety

Htaccess File Editor – Safely Edit Htaccess File Security & Risk Analysis

wordpress.org/plugins/wp-htaccess-editor

A safe & simple htaccess file editor with automatic htaccess backups & htaccess file syntax testing.

40K active installs v1.73 PHP 5.2+ WP 4.0+ Updated Dec 3, 2025
file-editorhtaccesshtaccess-editorhtaccess-filehtaccess-file-editor
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Htaccess File Editor – Safely Edit Htaccess File Safe to Use in 2026?

Generally Safe

Score 100/100

Htaccess File Editor – Safely Edit Htaccess File has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5mo ago
Risk Assessment

The "wp-htaccess-editor" plugin, version 1.73, demonstrates a generally strong security posture based on the provided static analysis. It boasts a minimal attack surface with only two AJAX handlers, neither of which are exposed without authentication. Furthermore, the complete absence of vulnerable SQL queries, critical taint flows, and a clean vulnerability history are significant strengths. The plugin also incorporates good practices like nonces and capability checks, and a high percentage of its outputs are properly escaped, reducing the risk of cross-site scripting (XSS) vulnerabilities.

Key Concerns

  • Several outputs are not properly escaped
  • File operations present a potential risk
  • External HTTP requests are a potential risk
Vulnerabilities
None known

Htaccess File Editor – Safely Edit Htaccess File Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Htaccess File Editor – Safely Edit Htaccess File Release Timeline

v1.73Current
v1.72
v1.71
v1.70
v1.67
v1.66
v1.65
v1.60
v1.55
v1.5
v1.3.0
v1.2.0
v1.1.1
v1.1.0
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 16, 2026

Htaccess File Editor – Safely Edit Htaccess File Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
9
24 escaped
Nonce Checks
3
Capability Checks
6
File Operations
3
External Requests
1
Bundled Libraries
0

Output Escaping

73% escaped33 total outputs
Attack Surface

Htaccess File Editor – Safely Edit Htaccess File Attack Surface

Entry Points2
Unprotected0

AJAX Handlers 2

authwp_ajax_wp_htaccess_editor_dismiss_noticewp-htaccess-editor.php:81
authwp_ajax_wp_htaccess_editor_do_actionwp-htaccess-editor.php:82
WordPress Hooks 12
actionadmin_initwf-flyout\wf-flyout.php:27
actionadmin_enqueue_scriptswf-flyout\wf-flyout.php:73
actionadmin_headwf-flyout\wf-flyout.php:74
actionadmin_footerwf-flyout\wf-flyout.php:75
actionadmin_menuwp-htaccess-editor.php:79
actionadmin_enqueue_scriptswp-htaccess-editor.php:80
actionadmin_action_wp_htaccess_editor_install_wp301wp-htaccess-editor.php:83
filterplugin_row_metawp-htaccess-editor.php:86
filteradmin_footer_textwp-htaccess-editor.php:87
filtersafe_style_csswp-htaccess-editor.php:1063
filtersafe_style_csswp-htaccess-editor.php:1344
actionplugins_loadedwp-htaccess-editor.php:1533
Maintenance & Trust

Htaccess File Editor – Safely Edit Htaccess File Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 3, 2025
PHP min version5.2
Downloads812K

Community Trust

Rating100/100
Number of ratings102
Active installs40K
Alternatives

Htaccess File Editor – Safely Edit Htaccess File Alternatives

Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file

Htaccess File Editor – Easily Edit, Backup, Restore .htaccess file

htaccess-file-editor

A
99

Simple editor htaccess file without using FTP client.

10K 2 CVEs
Simple Redirect Manager

Simple Redirect Manager

simple-redirect-manager

A
92

The ideal plugin to setup 301 or 302 redirects without editing your .htaccess file.

10 No CVEs
WP Peon

WP Peon

wp-peon

A
85

An helper plugin for getting work done quickly from admin panel.

10 No CVEs
Redirection

Redirection

redirection

A
97

Manage 301 redirects, track 404 errors, and improve your site. No knowledge of Apache or Nginx required.

2.0M 5 CVEs
WPIDE – File Manager & Code Editor

WPIDE – File Manager & Code Editor

wpide

A
95

WPIDE is a powerful file manager and code editor for WordPress with tabs, code completion, and full access to the entire wp-content folder.

40K 4 CVEs
Developer Profile

Htaccess File Editor – Safely Edit Htaccess File Developer Profile

WebFactory

28 plugins · 3.5M total installs

78
trust score
Avg Security Score
98/100
Avg Patch Time
699 days
View full developer profile
Detection Fingerprints

How We Detect Htaccess File Editor – Safely Edit Htaccess File

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wp-htaccess-editor/css/wp-htaccess-editor.css/wp-content/plugins/wp-htaccess-editor/js/wp-htaccess-editor.js/wp-content/plugins/wp-htaccess-editor/js/codemirror/lib/codemirror.js/wp-content/plugins/wp-htaccess-editor/js/codemirror/mode/apache/apache.js/wp-content/plugins/wp-htaccess-editor/js/codemirror/lib/codemirror.css/wp-content/plugins/wp-htaccess-editor/js/codemirror/theme/elegant.css
Script Paths
/wp-content/plugins/wp-htaccess-editor/js/wp-htaccess-editor.js
Version Parameters
wp-htaccess-editor/css/wp-htaccess-editor.css?ver=wp-htaccess-editor/js/wp-htaccess-editor.js?ver=wp-htaccess-editor/js/codemirror/lib/codemirror.js?ver=wp-htaccess-editor/js/codemirror/mode/apache/apache.js?ver=wp-htaccess-editor/js/codemirror/lib/codemirror.css?ver=wp-htaccess-editor/js/codemirror/theme/elegant.css?ver=

HTML / DOM Fingerprints

CSS Classes
wp-htaccess-editor-wrapwp-htaccess-editor-editor-wrapwp-htaccess-editor-main-contentwp-htaccess-editor-page-titlewp-htaccess-editor-content
Data Attributes
data-wp-htaccess-editor-actiondata-wp-htaccess-editor-nonce
JS Globals
wp_htaccess_editor_data
FAQ

Frequently Asked Questions about Htaccess File Editor – Safely Edit Htaccess File