|  Inicio
Ayuda

WordPress Ayuda

Block PHP in directories


Verify WordPress is up-to-date Make the WordPress version private
Block PHP in directories Remove WordPress readme file
Enable DISSALLOW_FILE_EDIT in WordPress

One of the ways a site can be compromised is by PHP files being injected into your WordPress folders and executed from there. The following steps will help you block PHP files in those directories, but you will want to test your site functionality to ensure these settings are not interferring with your theme and plugins.

  1. You should always backup your site before making any changes.
  2. Log in to WordPress.
  3. Go to Sucuri Security > Settings.
  4. Click on the Hardening tab.
  5. Find the section labled Block PHP Files in Uploads Directory.
  6. If the section is red, click on the Apply Hardening button.
  7. Repeat the previous two steps for Block PHP Files in WP-CONTENT Directory and Block PHP Files in WP-INCLUDES Directory

If the section turns green, the plugin was able to enable this feature. If the section is still red, the plugin does not have permission to make this change.

More info


¿Este artículo fue útil?
Gracias por tus comentarios. Para hablar con un representante de servicio al cliente, usa el número de teléfono de asistencia técnica o la opción de chat que aparece más arriba.
¡Nos complace haber ayudado! ¿Hay algo más que podamos hacer por ti?
Lo sentimos. Cuéntanos lo que te resultaba confuso o por qué la solución no resolvió tu problema.