Protect the wp-content Folder of Your WordPress Website
Today’s lesson will teach you how to safeguard your WordPress website’s wp-content folder in a few simple steps. So let’s get this party started!!
Step::1 Login to your cPanel account and open the File Manager under Files.
![Protect the wp-content Folder](https://encodebyte.com/pseefeds/2023/04/Screenshot_1613-300x180-1.png)
Step::2 Open the root directory/public_html
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1614-262x300-1.png)
Search for wp-content, click to open
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1615-300x268-1.png)
Step::3 The folder consists of many directories from which, you need to open the uploads folder.
Also See: Enable Two Factor in cPanel
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1616-300x185-1.png)
The UPLOADS directory has all the media files of your WordPress website. You can see the arrangement after opening it.
Step::4 Here you have to create a new file, click on +File showing at the top-left corner of the main navigation menu of cPanel.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1617-300x227-1.png)
Step::5 A popup appears, which require you add the file name. Make sure you don’t forget the dot as a prefix of the .htaccess file.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1620-300x150-1.png)
You can see the path of your wp-content/uploads directory. For now, click on the Create New File button.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1621-300x147-1.png)
Step::6 Refresh the page, and you can see the .htaccess file. As always, you need to right-click to edit it.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1622-300x230-1.png)
A new tab appears to you. You can see an empty file because it’s just a text file, unlike the main .htaccess file, it doesn’t contain the rewrite rules.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1624-300x168-1.png)
Step::7 Add the code given below
# Kill PHP Execution
<Files ~ ".ph(?:p[345]?|t|tml)$">
deny from all
</Files>
Step::8 Click Save Changes button and close the file.
![How to Protect the wp-content Folder of Your WordPress Website](https://encodebyte.com/pseefeds/2023/04/Screenshot_1625-300x183-1.png)
This code will stop PHP execution in wp-content/uploads directory.
How to Reset WordPress Admin Password from Softaculous?