Questions about .htaccess code (3)

  • Resolved Robert Eichhorn

    (@robert-eichhorn)


    3 years, 2 months ago

    I’ve found examples of .htaccess code to (1) block the include-only files by using RewriteRules, and (2) restrict PHP file execution in the /wp-includes/ directory by using Order Allow, Deny. I presume that the code using the RewriteRules is put in a .htaccess file in the root directory. The code using the Order Allow, Deny is put in a .htaccess file in the /wp-includes/ directory. I would like to know if the codes are going to accomplish the same function and/or different functions. And which code do you suggest using to restrict PHP file execution in the /wp-includes/ directory?

    Example (1)
    # Block the include-only files
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^wp-admin/includes/ – [F,L]
    RewriteRule !^wp-includes/ – [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ – [F,L]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F,L]
    RewriteRule ^wp-includes/theme-compat/ – [F,L]
    </IfModule>

    Example (2)
    # Restrict PHP File Execution (in the /wp-includes/ directory)
    <Files *.php>
    Order Allow, Deny
    Deny from all
    </Files>

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Questions about .htaccess code (3)’ is closed to new replies.