Skip to content

111 Recipes

How to disable manual uploading of WordPress themes and plugins in Apache 2.4

<LocationMatch "^/wp-admin/update.php">
  <If "%{QUERY_STRING} =~ /.*action=upload-(plugin|theme).*/">
    Require all denied
  </If>
</LocationMatch>

How to add exceptions for trusted IP addresses:

<LocationMatch "^/wp-admin/update.php">
  <If "%{QUERY_STRING} =~ /.*action=upload-(plugin|theme).*/">
    Require all denied
    Require ip 192.0.2.1
    Require ip 192.0.2.2
  </If>
</LocationMatch>