How to prevent php file execution in WordPress Uploads Directory
Uploads Directory is the most targetted directory attack from mallware or another malicious script. If you wish to prevent PHP execution in uploads directory, you can following these steps:
Prevent php execution with .htaccess file
You can prevent php file execution with .htaccess file. Create .htaccess file and write this command:
<Files *.php> deny from all </Files>
Now, if someone try to open php file, they will get 403 forbidden error.