Corrupt .htaccess file

The question:

My site was running well last summer. But today when I tried to make updates in the wp-admin section, I got lots of 403 errors on all PHP files: load-styles, load-scripts, edit.php, media-new.php, etc… The interesting thing is that the front-end of my site has no problems.

Screenshot:

Corrupt .htaccess file

  1. I’ve read a few articles suggesting I disable plugins. I tried it, but it does not fix anything.
  2. Then I tried deleting my .htaccess file, and this does fix the wp-admin section, but it breaks the front-end, and now I get 403 errors on the homepage! It’s like I can only get one or the other. After about 5 minutes, WordPress automatically creates a new .htaccess file, and we’re back to square one.

What permissions and settings should I set on .htaccess so I can run both my front-end and wp-admin sections without 403 Forbidden errors? This is what it looks like now:

<FilesMatch ".(py|exe|php)$">
 Order allow,deny
 Deny from all
</FilesMatch>
<FilesMatch "^(about.php|radio.php|index.php|content.php|lock360.php|admin.php|wp-login.php)$">
 Order allow,deny
 Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

The Solutions:

Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.

Method 1

You appear to be denying access to PHP files, which would explain why you are denied access to PHP files:

<FilesMatch ".(py|exe|php)$">
 Order allow,deny
 Deny from all
</FilesMatch>

What is the purpose of this?


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Comment