WordPress.org

Ready to get started?Download WordPress

Forums

wp-includes and .htaccess (2 posts)

  1. finid
    Member
    Posted 1 year ago #

    Trying to clean up a site after a hack, so was looking through the wp-includes folder and found a .htaccess file with this in it:

    <Files *.php>
    deny from all
    </Files>
    <Files wp-tinymce.php>
    allow from all
    </Files>

    Is it supposed to be in that direcotry or should I be worried?

    TIA

  2. bc1121
    Member
    Posted 1 year ago #

    The top entry is good. It is probably from your Sucuri plugin if you or your security guy didn't put it there yourself. I also am recovering from a hack. Mine has the same entry plus one more. I found your post trying to answer the same question for myself.

    * Don't forget to check your file permissions!

    <Files *.php>
    deny from all
    </Files>
    <Files wp-tinymce.php>
    allow from all
    </Files>
    <Files ms-files.php>
    allow from all
    </Files>

Topic Closed

This topic has been closed to new replies.

About this Topic