Here’s a quick tip to help in securing your WordPress uploads folder from being abused by people uploading unauthorised file types.
Create a new blank file in your /wp-content/uploads/ folder called .htaccess
Add the following code:
[gist id=8143102 file=code-snippet-1.txt]
Modify line 5 and add in any file extensions that you may need to upload to your WordPress website such as pdf or mp4.
Was this article helpful?
YesNo
Many thanks Wil. Your .htaccess works like a charm. 🙂