Recently one of our users asked how to disable PHP execution in WordPress easily.
Certain WordPress directories such as Uploads or Themes or Plugins are writable by default. But unfortunately, this type of permission makes your site vulnerable to hacker attacks.
Hackers can take advantage of this function and upload backdoor access files or malware scripts to your WordPress website or blog. These malicious files are probably disguised as core WordPress files. They are mostly written in PHP and can run in the background to gain full access to your site or even destroy your website.
But do not worry you can fix it easily.
In this article, I will show you how to disable PHP execution in WordPress using the .htaccess file.
Note: Take a backup of your site before modifying the files. A single mistake can break your site or cause other problems. Backup can revert to a working copy of your site.
Brief Descriptions of The Content
Disabling PHP Execution in Certain WordPress Directories Using .htaccess
Since the .htaccess file is found in the root folder of WordPress sites. But you can also create and use it inside your certain WordPress directories to disable PHP execution.
Simply create a .htaccess file and upload it to your site’s /wp-includes/ and /wp-content/uploads/ folders.
You can use Notepad (TextEdit on Mac). Save the file as .htaccess and paste the code below in it:
<Files *.php> deny from all </Files>
After creating your file .htaccess file, upload it to /wp-includes/ and /wp-content/uploads/ folders. You can upload it using an FTP client or via the File Manager (cPanel dashboard).
After uploading the .htaccess file with this code, it will disable PHP Execution from these directories.
Here I told you how to disable PHP execution in WordPress site manually. It makes your WordPress security
If you want to use the plugin to disable it, you can use the security plugin like Sucuri or All In One WP Security & Firewall Plugin.
- WordPress Security Tips 2019: Secure WordPress Website from Hackers
- 13 Best Security Plugins for WordPress 2019
I’ve done it, and now it’s your turn! Find this article helpful? Don’t forget to share!