Uploads folder is the most attack target in WordPress Website. How to prevent PHP Execution in Uploads folder?

Prevent php Execution in Uploads Directory with .htaccess

Create .htacces file in uploads folder and write this command inside:

<Files *.php>
deny from all

Test .htaccess

You can create simple php file in uploads folder like phpinfo or other:

echo "hanya test";

Now, try to load your php file trough browser. You must see 403 Forbidden Error


I am Freelance Web Developer at Bestariweb Studio, and Linux System administrator at Bestariweb Hosting, Living in Tangerang, Banten, Indonesia.

Write A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.