How To Disable Execution of PHP Files in Specific WordPress Directory

avatar
Published: Jul 09, 2017 - Updated: Mar 16, 2022

To improve your WordPress security, you need to disable the execution of PHP files. In this article, we will learn how to disable PHP file execution using .htaccess.

First, create a .htaccess file. Write this 4 lines of code to your .htaccess file to disable PHP execution. Then upload this file to three directories of your WordPress site.

  • wp-includes
  • wp-content/uploads
  • wp-content

You can use File Manager or FTP to upload the .htaccess file.

.htaccess
<Files *.php>
Order allow,deny
Deny from all
</Files>
Read all security tips and tricks about WordPress: The Powerful WordPress Security Guideline – Simple Tricks

Comments

No comments yet…