To improve your WordPress security, you need to disable the execution of PHP files. In this article, we will learn how to disable PHP file execution using .htaccess.
First, create a .htaccess file. Write this 4 lines of code to your .htaccess file to disable PHP execution. Then upload this file to three directories of your WordPress site.
You can use File Manager or FTP to upload the .htaccess file.
Read all security tips and tricks about WordPress: The Powerful WordPress Security Guideline – Simple Tricks
<Files *.php> Order allow,deny Deny from all </Files>