Restrict access to wp-includes file

Share on facebook
Share on google
Share on twitter
Share on linkedin

For WordPress in particular, the majority of website breaches result from unpatched versions and vulnerable from plugins, another common hack is from WordPress data exposure. For example, Directory Browsing.

It is imperative to restrict access to your wp-includes.php file. Hackers can exploit files in your directory to reveal files with known vulnerabilities and gain unauthorized access.

Simply, add this code to your .htaccess document to restrict access to your wp-includes.php file.# Block wp-includes folder and files

RewriteEngine On

RewriteBase /

RewriteRule ^wp-admin/includes/ – [F,L]

RewriteRule !^wp-includes/ – [S=3]

RewriteRule ^wp-includes/[^/]+\.php$ – [F,L]

RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L]

RewriteRule ^wp-includes/theme-compat/ – [F,L]

What Are Your Thoughts? Leave a Reply :)

About Me

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Recent Posts

Follow Us

Weekly Tutorial

Tips on Hacking Digital Business Growth

Reserve A Consultation