How to use htaccess to protect site

  • hi there

    My site was recently hacked, and I just reinstalled everything. I read that I can use .htaccess to protect my upload folder which is CHMOD 777

    https://blogsecurity.net/wordpress/article-210607

    So here’s the problem:
    I used the following code for the .htaccess file which I put in my upload folder

    Order Allow,Deny
    Deny from all
    <Files ~ “\.(css|jpe?g|png|gif|js)$”>
    Allow from all
    </Files>

    I set the CHMOD for the .htaccess file as 644. Then tried to test to see if it blocked uploads of any file other than the above specified ones. I used the media library uploader, and was able to upload ANY file type. My htaccess file did nothing to block them

    If you guys can give me a hand, that’d be great!

    Thanks!

  • The topic ‘How to use htaccess to protect site’ is closed to new replies.