How to Stop Access to Sensitive Files of WordPress site in cPanel

This guide explains how to stop access to sensitive files of WordPress site in cPanel.

Let us follow the steps:

1. Log in to cPanel.
2. Select the “File Manager” sub-option, under the “Files” section.
   
3. Open “public_html” folder, where all your important files are available.
   
4. Search for the “.htaccess” file and right-click to “Edit”.
   
5. If you do not find the .htaccess file, click on the “Settings” option on the top right corner. As soon as you click on the settings button, a pop up window will open up. Check in the “Show Hidden Files (dotfiles)” option and click on the “Save” button.
   
6. Now, as soon as you click on the “Edit” button to an .htaccess file, you will head towards a new page. Copy paste the below outlined code there-
   <FilesMatch “^.*(error_log|wp-config.php|php.ini|.[hH][tT][aApP].*)$”>
   Order deny,allow
   Deny from all
   </FilesMatch>
   
7. Finally, click on the “Save Changes” button.
   

This way, you can stop access to sensitive files of WordPress site in cPanel. Now, when someone tries to access the protected directory, they will be prompted to enter the username and password you created. This adds an extra layer of security to your WordPress site and helps protect your sensitive files from unauthorised access.