Securing the WordPress Uploads Folder

Here’s a quick tip to help in securing your WordPress uploads folder from being abused by people uploading unauthorised file types.

Create a new blank file in your /wp-content/uploads/ folder called .htaccess

Add the following code:

[gist id=8143102 file=code-snippet-1.txt]

Modify line 5 and add in any file extensions that you may need to upload to your WordPress website such as pdf or mp4.