1. Home
  2. Applications Management
  3. WordPress
  4. How to Disable PHP Execution in WordPress Directories

How to Disable PHP Execution in WordPress Directories

Most of the times, hacked WordPress sites usually have backdoor files. These backdoor files are often disguised as core WordPress files and are placed in /wp-includes/ or /wp-content/uploads/folders.

An easy way to improve your WordPress security is by disabling PHP execution for some WordPress directories.

How to Disable PHP Execution in WordPress Directories

Create a blank .htaccess file and paste this code inside it:

<Files *.php>
deny from all
</Files>

Then upload this file to /wp-content/uploads/ and /wp-includes/ directories.

That’s it!

Don’t forget that ChemiCloud’s infrastructure supports WordPress out of the box. If you’d like to experience top speed and reliability and have access to amazing WordPress Experts, try our WordPress hosting30 days for free!

Updated on June 29, 2019

Was this article helpful?

Related Articles

Do you still need help?
Get amazingly fast Support from our Happiness Engineers!
Submit Ticket