Mod rewrite rule to disallow direct acccess to files from some directory

Discussion in 'Apache' started by postcd, Oct 26, 2014.

0
  1. #1
    Hello, in wordpress is wp-includes folder, i dont want anyone just execute file from this directory so it just serve wordpress not any malicious file be executed from there,

    so i added this rule into /wp-includes/.htaccess:
    But it appears someone injected spam mailing php script into /wp-includes/js/tinymce/plugins/wplink

    So i want to ask how i need to tweak my rewrite rule so it includes all wp-includes subdirectories?

    Thank you
     
    postcd, Oct 26, 2014 IP
  2. Phat Vo

    Phat Vo Member

    Messages:
    17
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    38
    #2
    Disallow anyone access to this folder and subfolder in wp-includes ???
    Did you try Order deny allow ???
     
    Phat Vo, Nov 17, 2014 IP
  3. postcd

    postcd Well-Known Member

    Messages:
    1,043
    Likes Received:
    9
    Best Answers:
    1
    Trophy Points:
    190
    #3
    that made my wp non function properly
     
    postcd, Nov 19, 2014 IP