Getting 403 error after disable PHP execution in .htaccess file.

So, when you disabled PHP execution in some directories by adding those lines to your .htaccess file, you inadvertently blocked access to PHP files, including those needed for your WordPress admin. That’s why you’re seeing that 403 Forbidden error when trying to log in.

WordPress relies heavily on PHP files to run, including those used for admin access. When you deny access to all PHP files in your .htaccess file, it locks down everything, even the files necessary for logging into your admin dashboard.

To fix this, you’ll want to take a more targeted approach to disable PHP execution. Instead of blocking access to all PHP files, you should only block access to specific directories or files that you want to protect.

You can achieve this by specifying the directories or files you want to block, rather than using the wildcard (*) to block all PHP files. For example:

This would only block access to the “admin.php” file, leaving other PHP files untouched and allowing your WordPress admin to function properly.

Give that a try and see if it resolves the issue. And remember, always double-check your changes to ensure they don’t inadvertently block access to essential files or directories. If you need further assistance, feel free to ask!

3 Comments

bluesix says:
May 8, 2024 at 7:21 am
“Some directory”?? Be specific.
And read the official guide: https://developer.wordpress.org/advanced-administration/security/hardening/
Honestly, there isn’t any need to do that. WordPress is very secure **if** you keep everything up to date at all times. Not doing that will get you hacked, regardless of whatever pseudo-security you implement.
hippotwat says:
May 8, 2024 at 7:23 am
It’s secure as can be now.
ConstructionClear607 says:
May 8, 2024 at 7:26 am
So, when you disabled PHP execution in some directories by adding those lines to your .htaccess file, you inadvertently blocked access to PHP files, including those needed for your WordPress admin. That’s why you’re seeing that 403 Forbidden error when trying to log in.
WordPress relies heavily on PHP files to run, including those used for admin access. When you deny access to all PHP files in your .htaccess file, it locks down everything, even the files necessary for logging into your admin dashboard.
To fix this, you’ll want to take a more targeted approach to disable PHP execution. Instead of blocking access to all PHP files, you should only block access to specific directories or files that you want to protect.
You can achieve this by specifying the directories or files you want to block, rather than using the wildcard (*) to block all PHP files. For example:
<Files admin.php>
deny from all
</Files>
This would only block access to the “admin.php” file, leaving other PHP files untouched and allowing your WordPress admin to function properly.
Give that a try and see if it resolves the issue. And remember, always double-check your changes to ensure they don’t inadvertently block access to essential files or directories. If you need further assistance, feel free to ask!

porto_merged_resources folder

Specify Browser to Use WP-CLI wp admin Command