Hi, I'm using WordPress Tookit Deluxe.
I've enabled some security options but where are the security settings/ additional files added to?
For example:
"Block unauthorized access to wp-config.php"
I have manually entered the following code in the htaccess file and WordPress Tookit managed to detect that I've blocked access to wp-config.php :
# No access to wp-config.php
<Files wp-config.php>
Order allow,deny
Deny from all
</Files>
But on a separate installation, if I DO NOT manually include the snippet in the htaccess file and use the "Secure" option provided in WordPress Toolkit, I do not see the changes made in the htaccess file although it shows that the fix is applied. In other words, shouldn't I be able to SEE the above code snippet within the htaccess file?
As for security enhancements such as to "Forbid execution of PHP scripts in the wp-content/uploads directory", I would 'traditionally' be uploading a htaccess file to that directory containing this code snippet:
<Files *.php>
deny from all
</Files>
The new htaccess file isn't there when I secure the directory through WordPress Tookit although it shows that it's secured. In case someone asks, yes, I have enabled the option to "Show Hidden Files (dotfiles)" within cPanel's File Manager.
Please advise. Thank you so much in advance!
I've enabled some security options but where are the security settings/ additional files added to?
For example:
"Block unauthorized access to wp-config.php"
I have manually entered the following code in the htaccess file and WordPress Tookit managed to detect that I've blocked access to wp-config.php :
# No access to wp-config.php
<Files wp-config.php>
Order allow,deny
Deny from all
</Files>
But on a separate installation, if I DO NOT manually include the snippet in the htaccess file and use the "Secure" option provided in WordPress Toolkit, I do not see the changes made in the htaccess file although it shows that the fix is applied. In other words, shouldn't I be able to SEE the above code snippet within the htaccess file?
As for security enhancements such as to "Forbid execution of PHP scripts in the wp-content/uploads directory", I would 'traditionally' be uploading a htaccess file to that directory containing this code snippet:
<Files *.php>
deny from all
</Files>
The new htaccess file isn't there when I secure the directory through WordPress Tookit although it shows that it's secured. In case someone asks, yes, I have enabled the option to "Show Hidden Files (dotfiles)" within cPanel's File Manager.
Please advise. Thank you so much in advance!
Last edited by a moderator: