Low prio request: Can we prevent direct access to PHPPHP PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. http://php.net/manual/en/intro-whatis.php. files in the wp-content directory?
I originally noticed this for wp-themes.com. @dd32 suggested to return “a 403 for ^http://wp-themes.com/wp-content/(.+).php$ but the rest of wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ could benefit of the same restriction.