How to Stop Access to Sensitive Files of Your WordPress Website? [EASY GUIDE]☑️

Today in this tutorial you will learn how to secure and harden your WordPress website by denying the access to sensitive files of your WordPress. As you know, WordPress has some sensitive files, which can break the whole website, it’s essential to secure such files. Core files like .htaccess, wp-config.php, and more play a vital role.

The wp-config.php is responsible for making a connection between your website’s data and its database, and if something goes wrong, your site can’t remain intact. But before getting started it’s necessary to back up your whole website and its database. Having a backup secures you from losing your data, and you can restore it anytime you want.

Follow the steps to Secure the Most Important WordPress Core Files:

Step::1 Login to cPanel and search for the File Manager icon.

Step::2 Next you need to open the public_html folder, where all of your core files and folders are available.

Step::3 Search for the .htaccess file and right-click to Edit.

If you don’t find the .htaccess file, you have go to Settings at the top-right corner of the screen, and check to box to display hidden files.

Once you click on the Edit option, a popup displays, from which you need to click on the Edit button to authenticate that you are sure about editing the .htaccess file.

Step::4 You need to copy and paste the code given below

<FilesMatch "^.*(error_log|wp-config.php|php.ini|.[hH][tT][aApP].*)$">
    Order deny,allow
    Deny from all
    </FilesMatch>

Step::5 Click on Save Changes and Close the file.

Knowing the importance of all sensitive files is very essential for a WordPress user. So, be prepared to have the backup and secure such files using .htaccess. I hope, it’s an easy task.

The End! should you have any inquiries, we encourage you to reach out to the Vercaa Support Center without hesitation.