Restrict Access To WP-Includes Folder - WordPress Security & Hack Prevention | WP Learning Lab - Best Webhosting

ULTRAFAST, CHEAP, SCALABLE AND RELIABLE! WE STRONGLY RECOMMEND ACCU WEB HOSTING COMPANY

Watch Wordpress WPLearningLab Video: Restrict Access To WP-Includes Folder - WordPress Security & Hack Prevention | WP Learning Lab.
Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL
Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist
Restrict Access To WP-Includes Folder - WordPress Security & Hack Prevention | WP Learning Lab

# Block the include-only files.
(left pointy bracket)IfModule mod_rewrite.c(right pointy bracket)
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
(left pointy bracket)/IfModule(right pointy bracket)
# BEGIN WordPress

YouTube doesn't allow the pointy brackets (Shift period and Shift comma) so make sure they match what you see in the video.

In this tutorial I'm going to show you how to add a short Apache command to your .htaccess file in order to protect wp-includes folder. The code is above, so all you'll have to do is copy and paste it.

The WordPress wp-includes folder contains a lot of important scripts that your WordPress site needs to run. But NONE of those scripts need to be accessed by outside users, so we can lock this folder down.

Let's put that code into your .htaccess file and secure WordPress.

First login into your hosting account cPanel. Then find and click on the File Manager icon and choose the Document Root for the website that you are hardening. This will open the root of the website in another tab.

You can also log into the website root using FTP if you are more comfortable with that.

If you do not see a .htaccess in the website right then you can make one by clicking Add New File in the File Manager or right-clicking and choosing Create New File via File Transfer Protocol (FTP).

Open the .htaccess file and paste the code from above into it. There is no need to make adjustments to the code. Once pasted in just save the file and you're done.

Now you've done your better WordPress security for the day. Time to take a break! Or better yet, watch the next video.

I hope this information helps you! If you have any questions leave a comment below or ping me @WPLearningLab on Twitter.

--------------

If you want more excellent WordPress information check out our website where we post WordPress tutorials daily.

http://wplearninglab.com/

Connect with us:

WP Learning Lab Channel: http://www.youtube.com/subscription_center?add_user=wplearninglab

Facebook: https://www.facebook.com/wplearninglab

Twitter: https://twitter.com/WPLearningLab

Google Plus: http://google.com/+Wplearninglab

Pinterest: http://www.pinterest.com/wplearninglab/

Published: Saturday, August 10, 2019 8:43 AM
Category: Wordpress WPLearningLab

95 Views

Related Videos

WordPress Salts, Unique Keys & Database Prefix - WP Hack Prevention & Security | WP Learning Lab

by Best Webhosting Added 4 years ago 90 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist WordPress Salts, Unique Keys & Database Prefix - WP Hack Prevention & Security | WP Learning Lab In this tutorial I show you how to add WordPress unique keys and salts to your WP-Config.php file and how to change the WordPress database prefix. Both of these are import
How To Move WordPress Login Page For WordPress Security & Hack Prevention | WP Learning Lab

by Best Webhosting Added 4 years ago 81 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist How To Move WordPress Login Page For WordPress Security & Hack Prevention | WP Learning Lab In this tutorial I'm going to show you how to use the Move Login plugin to move the default WordPress login page. This will help reduce the likelihood of a successful brute for
SQL Injection Hack Explained - Better WordPress Security | WP Learning Lab

by Best Webhosting Added 4 years ago 75 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist SQL Injection Attack Explained - Better WordPress Security | WP Learning Lab #1 Biggest Security Threat Facing WordPress this year: http://bit.ly/WordPress-Security3 What is an SQL Injection? A hacker gains access to your site's database by submitting SQL commands via
Social.png (CryptoPHP) Hack Explained - Better WordPress Security | WP Learning Lab

by Best Webhosting Added 4 years ago 80 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist Social.png (CryptoPHP) Hack Explained - Better WordPress Security | WP Learning Lab #1 Biggest Security Threat Facing WordPress this year: http://bit.ly/WordPress-Security4 What is the Social.png Hack? A hacker gains access to your site when you install a theme or a p
How To Restrict Access To Areas Of Your WordPress Website

by Best Webhosting Added 4 years ago 98 Views / 0 Likes

In today’s video we take a look at how to restrict access to areas of your WordPress website. Blog post: https://www.elegantthemes.com/blog/tips-tricks/how-to-restrict-access-to-areas-of-your-wordpress-website Like us on Facebook: https://www.facebook.com/elegantthemes/
Popular
How to Restrict WordPress Site Access by IP or Logged In Users

by Best Webhosting Added 4 years ago 101 Views / 0 Likes

When you are ready to publish a new product and want to promote it with a website. You may not be ready to make it public so you can test it for errors first. In this video, we will show you how to restrict WordPress site access by IP or logged in users. If you liked this video, then please Like and consider subscribing to our channel for more WordPress videos. Text version of this tutorial: http://www.wpbeginner.com/plugins/how-to-restrict-wordpress-
Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab

by Best Webhosting Added 4 years ago 94 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist Password Protect Your WordPress Login Page - Brute Force Attack Prevention | WP Learning Lab # Password protect the wp-login.php file ErrorDocument 401 "Unauthorized Access" ErrorDocument 403 "Forbidden" (left pointy bracket)FilesMatch "wp-login.php"(right pointy brac
Popular
Change WordPress Admin Username Via MySQL - Brute Force Attack Prevention | WP Learning Lab

by Best Webhosting Added 4 years ago 101 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist Change WordPress Admin Username Via MySQL - Brute Force Attack Prevention | WP Learning Lab UPDATE wp_users SET user_login = 'Your New Username' WHERE user_login = 'Admin'; In this tutorial I'm going to show you how to change the Admin username on your WordPress accou
Joomla 3.x. How To Restrict Access To "Read More" Individually And Globally

by Best Webhosting Added 4 years ago 91 Views / 0 Likes

This tutorial is going to show you how to restrict access to "read more" individually and globally in Joomla 3.x template(s). / Subscribe Our Channel: http://goo.gl/zjoR8Z To View More Our Joomla Templates Go to Website: http://www.templatemonster.com/joomla-templates.php?utm_source=youtube&utm_medium=link&utm_campaign=jootuts230 Follow us: Facebook http://goo.gl/3yXKEu, Twitter http://goo.gl/NR5fDK, LinkedIn http://goo.gl/qDZeEO, Dribbble http://goo.
Restrict WordPress content access w/ Content Control plugin

by Best Webhosting Added 3 years ago 67 Views / 0 Likes

I was looking for a lightweight plugin to restrict access to WordPress pages and posts to logged-in users only. Content Control worked great in place of a heavy membership plugin! Get Content Control: https://wordpress.org/plugins/content-control/ Learn more: https://plugintut.com Subscribe! https://plugintut.com/subscribe Follow us! http://twitter.com/plugintut Like us! http://facebook.com/plugintut
Prevent PHP Execution In The WordPress Uploads Folder - Common Hacker Exploit | WP Learning Lab

by Best Webhosting Added 4 years ago 99 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL Download our exclusive 10-Point WP Hardening Checklist: http://bit.ly/10point-wordpress-hardening-checklist Prevent PHP Execution In The WordPress Uploads Folder - Common Hacker Exploit | WP Learning Lab # BEGIN Stop PHP Execution in Uploads Folder Order Allow,Deny Deny from all (left pointy bracket)FilesMatch "^[^.]+\.(?:[Jj][Pp][Ee]?[Gg]|[Pp][Nn][Gg]|[Gg][Ii][Ff]|[Pp][Dd]
Setup WordPress FTP Access in 6 Minutes | WP Learning Lab

by Best Webhosting Added 4 years ago 96 Views / 0 Likes

Grab Your Free 17-Point WordPress Pre-Launch PDF Checklist: http://vid.io/xqRL I hope this information helps you! If you have any questions leave a comment below or ping me @WPLearningLab on Twitter. -------------- If you want more excellent WordPress information check out our website where we post WordPress tutorials daily. https://wplearninglab.com/ Connect with us: WP Learning Lab Channel: http://www.youtube.com/subscription_center?add_user=wplearn