每个人都可以轻松访问我的wp,包括如何隐藏或不让用户看到文件有人能帮我吗这是我的wordpress网站链接看到每个人都可以看到https://pifserver.ml/wp-includes
Wp includes access control
1 个回复
最合适的回答,由SO网友:Lucien Dubois 整理而成
考虑到您有一台Apache服务器,请在中使用此完整代码。htaccess文件:
# Block the include-only files.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
作为奖励,我还要补充以下内容:<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>