How To Disable PHP Execution Using The .htaccess File?

htaccess disable php execution

Do you have any doubt that your website may get hacked due to lack of the security levels? To improve the security of your website, you should take some serious steps. In this post, I am going to tell you how can you disable PHP execution using the .htaccess file.

We all know that in a WordPress directory there are many files consisting of the PHP codes. The hackers try to create a backdoor using those PHP codes. To secure those scripts, you should stop PHP execution htaccess file.

The .htaccess Prevent PHP Execution By Running A Code.

You should know that the .htaccess file is very useful to secure your website. Though there isn’t the 100% surety that your website won’t get hacked after adding the code. It just an improved level of the security for your website. You can compress your website’s HTML and XML files using the GZIP.

You can disable the directory browsing using this file. If your website gets hacked then you should check this file to find any malicious code. The .htaccess prevent PHP execution so that the hackers won’t able to access those files. For all these things, you should know how to edit .htaccess file.

Basically, the wp-content,  wp-includes folders have the PHP codes. As you know that in the wp-content folder all the plugins and themes are stored which are coded in PHP.

If you don’t want others to access those PHP codes then you should disable the execution by adding a simple code in the .htaccess file. The code goes like this:-

<Files * .php>

deny from all


If you don’t have the .htaccess file then you can create it again. Just click on the new file, name it .htaccess and place this code on that file and upload it to the WordPress root directory. If you run multiple websites then make sure that you upload the file in the right folder of your website.

Improve The Security and Stop PHP Execution htaccess file?

No one wants to get his/her website hacked. Though you can recover your website after a hack. But why would you take chances? You should know the possible vulnerabilities to fix them. I am sure you won’t let that happen with your website.

The code should be added in the file so that the htaccess disable PHP execution for all the PHP codes present in your WordPress directory. It’s good to take a positive step towards the improvement.

If you liked the article, you can connect with us on Twitter, LinkedIn, and Facebook.

by Ravi Chahar

A WordPress Professional and the LinkedIn Influencer. A coder by passion and a blogger by choice. WordPress theme development is his forte. He is your WordPress guy who will teach you how to solve WordPress errors, WordPress security issues, design issues and what not.

Get Free Updates Into Your Inbox

Learn Everything Just Like I Did


Leave a Reply

Your email address will not be published. Required fields are marked *