Uploads folder is the most attack target in WordPress Website. How to prevent PHP Execution in Uploads folder?

Prevent php Execution in Uploads Directory with .htaccess

Create .htacces file in uploads folder and write this command inside:

<Files *.php>
deny from all

Test .htaccess

You can create simple php file in uploads folder like phpinfo or other:

echo "hanya test";

Now, try to load your php file trough browser. You must see 403 Forbidden Error