How To Disable Execution of PHP Files in Specific WordPress Directory

Last modified on March 20, 2019 23 sec read

To improve your WordPress security, you need to disable the execution of PHP files. In this article, we will learn how to disable PHP file execution using .htaccess.

First, create a .htaccess file. Write this 4 lines of code to your .htaccess file to disable PHP execution. Then upload this file to three directories of your WordPress site.

  • wp-includes
  • wp-content/uploads
  • wp-content

You can use File Manager or FTP to upload the .htaccess file.

.htaccess
<Files *.php>
Order allow,deny
Deny from all
</Files>
Read all security tips and tricks about WordPress: The Powerful WordPress Security Guideline – Simple Tricks

Monthly Newsletter

One email a month, packed with the latest tutorials, delivered straight to your inbox.
We'll never send any spam or promotional emails.
Author

Hey, I'm Md Obydullah. I build open-source projects and write article on Laravel, Linux server, modern JavaScript and more on web development.

Follow