[WordPress] 403 forbidden error

本文适用于当你打开自己的WP网站时, 遇到下面的问题: 



打开WP-Content 文件夹, 里面会有这个web.config 文件, 原本是不应该有的.里面的code就是禁止访问这个folder里面的所有的.php文件: 

其实以.php为后缀的文件, 不管里面是什么内容, 都是按照.php来处理的.

  <system.webServer>
    <rewrite>
      <rules>
            <clear />
            <rule name="SQL Injection" stopProcessing="true">
                <match url="^.*\.php.*$"/>             
                <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
            </rule></rules>
    </rewrite>
  </system.webServer>

2> Below is the solution :  

Yes, it shows 403 forbidden error for some requests on your WordPress site. That is because : Due to WordPress always hacked , Our system auto detect and put a web.config file within
WP-Content to prevent request .php file in this folder.There are 2 solutions for you:
1> Use other Themes which needn't to call .php file in that way ;
2> Comment the Rewrite rule in WP-Content/web.config file. But please note that by this way , you will need to take care of your site and set the proper permission on your folders.
We always suggest you to set your WP folder permissions to read Only to prevent hacking.

3> You can login into server/your computer  , touch in the web.config file in WP-content folder , set the property of this file to read-only.

.. Please remember that : 

是设置文件属性为只读, 不是文件权限.