Can't improve security of WP

Hi, I have a little/big problem :) with improve security of WP. I would like to use .htaccess file with this content:

<FilesMatch "\.(php)$">
    deny from all
    allow from localhost
</FilesMatch>

This file allow run .php files from localhost only. But if I am using this, BeTheme doesn't work correctly. It show only HTML page without any CSS and JS.
Please how can I fix it?

Comments

  • Hi,

    this is not possible to do what you need. Our theme uses dynamic css (css files with .php extension) and this won't work.

    Thanks for understanding.
  • Why other multipurpose themes, that use dynamic CSS too ( yes, use .php for generate css) ,  works with .htaccess file fine?
    I think, if you use .php files for dynamic CSS, they can run from localhost... there is not any need for running "out of localhost".
    All Wordpress use .php files, plugins use .php files and works with .htaccess restriction.

    I think, you could debug and find what files are loading "out of localhost" and fix it... otherwise BeTheme is very poor in security and I will be very unhappy.
    Security should be on first place! Thanks for thinking about this.
  • We can promise that we'll think about it while future updates.
Sign In or Register to comment.