We are facing so many cases of wordpress hacks now a days. It is observed that most of them are related to mail scripts in upload folder for spam mailing and some of them are related to database hacks. I have done some R&D on them and found solution for both the issues. We need to follow these instructions make our work secure and effective.

Disable PHP Execution in Some WordPress Directories

It is an easier way to improve your WordPress security is by disabling PHP execution for some WordPress directories.

Create a blank .htaccess file and paste this code inside it:

<Files *.php>
deny from all
</Files>

Now upload this file to your /wp-content/uploads/ and /wp-includes/ directories.

Protect Your WordPress Configuration wp-config.php File

The most important file in our WordPress website’s root directory is wp-config.php file. It contains almost all required information about our WordPress database. To protect your wp-config.php file from unathorized access, simply add this code to your .htaccess file:

<files wp-config.php>
order allow,deny
deny from all
</files>

May be few of us are aware of these tricks but make it your general practice is more important. It will enhance the security of our websites and make our work more effective.