Limited offer: Get 50% OFF on monthly VPS Hosting plans!

How to Disable PHP Execution in WordPress Directories

Estimated reading time: < 1 min

Most of the times, hacked WordPress sites usually have backdoor files. These backdoor files are often disguised as core WordPress files and are placed in /wp-includes/ or /wp-content/uploads/folders.

An easy way to improve your WordPress security is by disabling PHP execution for some WordPress directories.

How to Disable PHP Execution in WordPress Directories

Create a blank .htaccess file and paste this code inside it:

<Files *.php>
deny from all
</Files>

Then upload this file to /wp-content/uploads/ and /wp-includes/ directories.

That’s it!

Don’t forget that ChemiCloud’s infrastructure supports WordPress out of the box. If you’d like to experience top speed and reliability and have access to amazing WordPress Experts, try our WordPress hosting30 days for free!

Was this article helpful?
No 0