Support Center Visit Demo License manager Buy @ envato

Can't improve security of WP

neridevneridev
in General info & installation
Hi, I have a little/big problem :) with improve security of WP. I would like to use .htaccess file with this content:

<FilesMatch "\.(php)$">
    deny from all
    allow from localhost
</FilesMatch>

This file allow run .php files from localhost only. But if I am using this, BeTheme doesn't work correctly. It show only HTML page without any CSS and JS.
Please how can I fix it?

Comments

  • AlbertAlbert
    Hi,

    this is not possible to do what you need. Our theme uses dynamic css (css files with .php extension) and this won't work.

    Thanks for understanding.
    Learn more: Video Tutorials | How To | FAQ Vote on what comes next
  • neridevneridev
    Why other multipurpose themes, that use dynamic CSS too ( yes, use .php for generate css) ,  works with .htaccess file fine?
    I think, if you use .php files for dynamic CSS, they can run from localhost... there is not any need for running "out of localhost".
    All Wordpress use .php files, plugins use .php files and works with .htaccess restriction.

    I think, you could debug and find what files are loading "out of localhost" and fix it... otherwise BeTheme is very poor in security and I will be very unhappy.
    Security should be on first place! Thanks for thinking about this.
  • AlbertAlbert
    We can promise that we'll think about it while future updates.
    Learn more: Video Tutorials | How To | FAQ Vote on what comes next
Sign In or Register to comment.