Hello, my wp is updated, but from time to time someone inject spam php script or such malicious things into my WP structure. usually into wp themes folders or upload folder or plugins folder. i wish to prevent execution of such scripts by .htaccess <Files *.php*> deny from all </Files> so i want to ask which wordpress folders require execution rights, so which folders i need to exclude from adding this htaccess. thanks