• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar

JustBrightMe

Be Smart and Don’t Stop Learning

  • Best Apps
  • How To
  • Banking
  • Make Money
  • Story
Home » WordPress Guide » How to Disable PHP Execution in WordPress for Maximum Security

How to Disable PHP Execution in WordPress for Maximum Security

July 1, 2019 by AMAN SINGH Leave a Comment

Recently one of our users asked how to disable PHP execution in WordPress easily.

Certain WordPress directories such as Uploads or Themes or Plugins are writable by default. But unfortunately, this type of permission makes your site vulnerable to hacker attacks.

Hackers can take advantage of this function and upload backdoor access files or malware scripts to your WordPress website or blog. These malicious files are probably disguised as core WordPress files. They are mostly written in PHP and can run in the background to gain full access to your site or even destroy your website.

But do not worry you can fix it easily.

In this article, I will show you how to disable PHP execution in WordPress using the .htaccess file.

Note: Take a backup of your site before modifying the files. A single mistake can break your site or cause other problems. Backup can revert to a working copy of your site.

Brief Descriptions of The Content

  • Disabling PHP Execution in Certain WordPress Directories Using .htaccess
    • Final Thought

Disabling PHP Execution in Certain WordPress Directories Using .htaccess

Since the .htaccess file is found in the root folder of WordPress sites. But you can also create and use it inside your certain WordPress directories to disable PHP execution.

Simply create a .htaccess file and upload it to your site’s /wp-includes/ and /wp-content/uploads/ folders.

You can use Notepad (TextEdit on Mac). Save the file as .htaccess and paste the code below in it:

<Files *.php>
deny from all
</Files>

After creating your file .htaccess file, upload it to /wp-includes/ and /wp-content/uploads/ folders. You can upload it using an FTP client or via the File Manager (cPanel dashboard).

After uploading the .htaccess file with this code, it will disable PHP Execution from these directories.

Final Thought

Here I told you how to disable PHP execution in WordPress site manually. It makes your WordPress security harden, but can not work for an already hacked WordPress site.

If you want to use the plugin to disable it, you can use the security plugin like Sucuri or All In One WP Security & Firewall Plugin.

More resources:

  • WordPress Security Tips 2019: Secure WordPress Website from Hackers
  • 13 Best Security Plugins for WordPress 2019

I’ve done it, and now it’s your turn! Find this article helpful? Don’t forget to share!

Related Posts

Filed Under: WordPress Guide Tagged With: Website Security, WordPress Guide

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Published

What Is Google Task Mate and How to Earn Money From It

11 Best Scratch Earning Apps: Scratch and Earn Money 2023

23 Ways How to Earn Money in India as a Student 2023

29 Best Refer and Earn Apps 2023

How to get free Bitcoins instantly 2023

13 Apps to Get Money to Watch Videos 2023

How to Earn in Dollars in India 2023

How To Earn Money From Google 2023

8 Highest Paying PPD Sites to Earn Money 2023

Top 7 PTC Sites In India To Earn Money 2023

© 2015–2023 · JustBrightMe | All Rights Reserved · About us · Privacy Policy · Sitemap