RewriteEngine Off on wp-admin?

  • What do you guys think of this?

    If you want to avoid this specific sort of attack, what you can do is add .htaccess files to wp-admin/, wp-content/, wp-includes/, etc. which turn off URL rewriting (“RewriteEngine Off”). This will then serve a generic 404 instead of having WordPress handle the request

    Will this break anything? Is this advisable? Would I copy exactly what’s on the home and paste it into each of those folders while turning off RewriteEngine?

    Thoughts?

  • The topic ‘RewriteEngine Off on wp-admin?’ is closed to new replies.