• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

JUST BRIGHT ME

Makes WordPress and SEO Easier

  • Start Blog
  • Blogging
  • SEO
  • WordPress Guide
Home » WordPress Guide » How to Disable PHP Execution in WordPress for Maximum Security

How to Disable PHP Execution in WordPress for Maximum Security

Written by AMAN SINGH

Recently one of our users asked how to disable PHP execution in WordPress easily.

Certain WordPress directories such as Uploads or Themes or Plugins are writable by default. But unfortunately, this type of permission makes your site vulnerable to hacker attacks.

Hackers can take advantage of this function and upload backdoor access files or malware scripts to your WordPress website or blog. These malicious files are probably disguised as core WordPress files. They are mostly written in PHP and can run in the background to gain full access to your site or even destroy your website.

But do not worry you can fix it easily.

In this article, I will show you how to disable PHP execution in WordPress using the .htaccess file.

Note: Take a backup of your site before modifying the files. A single mistake can break your site or cause other problems. Backup can revert to a working copy of your site.

  • Disabling PHP Execution in Certain WordPress Directories Using .htaccess
    • Final Thought

Disabling PHP Execution in Certain WordPress Directories Using .htaccess

Since the .htaccess file is found in the root folder of WordPress sites. But you can also create and use it inside your certain WordPress directories to disable PHP execution.

Simply create a .htaccess file and upload it to your site’s /wp-includes/ and /wp-content/uploads/ folders.

You can use Notepad (TextEdit on Mac). Save the file as .htaccess and paste the code below in it:

<Files *.php>
deny from all
</Files>

After creating your file .htaccess file, upload it to /wp-includes/ and /wp-content/uploads/ folders. You can upload it using an FTP client or via the File Manager (cPanel dashboard).

After uploading the .htaccess file with this code, it will disable PHP Execution from these directories.

Final Thought

Here I told you how to disable PHP execution in WordPress site manually. It makes your WordPress security harden, but can not work for an already hacked WordPress site.

If you want to use the plugin to disable it, you can use the security plugin like Sucuri or All In One WP Security & Firewall Plugin.

More resources:

  • WordPress Security Tips 2019: Secure WordPress Website from Hackers
  • 13 Best Security Plugins for WordPress 2019

I’ve done it, and now it’s your turn! Find this article helpful? Don’t forget to share!

About AMAN SINGH

AMAN SINGH, who owns JustBrightMe, is a full-time blogger and loves sharing content on WordPress, SEO & Blogging Tips.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Blog’s Popular Post

How To Increase Website Traffic in 2021 (54 Working Methods)

The Ultimate On-Page SEO Techniques

Best Autoptimize Settings Updated

Fix Submitted URL marked ‘noindex’ in Google Search Console Tool

How to Protect Your Website from Negative SEO

76 Best Free Responsive Blogger Templates

Rank Math SEO VS Yoast SEO Comparision

650+ High Domain Authority Sites to Get Dofollow Backlinks

How to Transfer SBI Account from One Branch to Another Branch

16 Free Ways to Promote Your Website

Blog’s Recent Post

How to Change Name in Aadhar Card Online

How To Get Free Domain For Your Website

20 Ways How to Speed Up WordPress Site

How to Change Mobile Number in SBI

How to Unlock a PUK Blocked Sim Card

How to Remove Image Background Online in One Click

How to Block SBI ATM Card

How to Disable Windows Defender in Windows 10

How to Make Windows 10 Faster

How to Turn off Windows 10 Update Permanently

Footer

SEO Guides

  • Learn SEO: A Beginner’s Guide to SEO
  • 40 Google Ranking Factors
  • How to Create Quality Backlinks
  • How to Improve Google Ranking
  • 23 Best On-Page SEO Techniques
  • How to Keyword Research for SEO
  • 29 Most Common SEO Mistakes to Avoid
  • How to Increase Domain Authority
  • Image SEO Tips You Need to Know
  • Keyword Density in SEO
  • Internal Linking for SEO
  • How to Protect Website from Negative SEO

WordPress Guides

  • How to Create a Blog on WordPress
  • Top 25 Must-have WordPress Plugins on Every Blog
  • 34 Best SEO Friendly WordPress Themes
  • 42 Most Common WordPress Mistakes to Avoid
  • How to Speed Up WordPress Site
  • 19 Essential Settings After Installing WordPress
  • 57 Best Responsive WordPress Themes
  • Top 41 Fast Loading WordPress Themes
  • How to Scan WordPress Site for Malware

Useful Guide

  • How To Increase Website Traffic (54 Working Methods)
  • A Complete Guide to Google Search Console
  • 20 Ways How to Reduce Bounce Rate
  • 46 Killer Blogging Tips for Beginners
  • How to Become a Successful Blogger
  • 50 Best SEO Tools (Ultimate List)
  • 16 Free Ways to Promote Your Website
  • 11 Best Blogging Platforms to Launch a Blog in 2020
  • How to Update Old Blog Posts (and Why You Should)

© 2021 · JUST BRIGHT ME

  • About us
  • Privacy Policy
  • Sitemap