In order to enhance the security of destroy, necessary security settings are required. This article uses Rewrite rule settings to increase website security as an example:
Rule 1:
Block dynamic files that are not extended by php, such as asp, aspx, etc., which can prevent backdoor programs with suffixes such as asp, aspx, etc. from running.
RewriteRule ^(.*)\.(asp|aspx|asa|asax|dll|jsp|cgi|fcgi|pl)(.*)$ /
Rule 2:
Block the site file directory PHP run permissions. The site's file directory has write permissions by default. When an unknown vulnerability occurs on the website, it may be written to the backdoor program. After preventing the php from running, it will not be able to run even if there is a backdoor program.
RewriteRule ^(.*)/file/(.*)\.php(.*)$ /
3.0 and below versions need to add another one
RewriteRule ^(.*)/cache/(.*)\.php(.*)$ /