I have a question regarding the hardening of my WordPress + nginx setup.
I see a lot of websites advise to block PHP execution in the uploads folders since users can upload files to that location. But let's say there is a vulnerability in a theme and/or plugin. Since the wp-content folder is owned by the web process user (to upload new plugins and themes), it can (in theory) upload a malicious PHP file anywhere in the wp-content folder, not just in the uploads folder. And since the PHP execution block is only active for the uploads folder - they can still execute their script and do bad stuff.
So I was wondering why you almost never read that people advise to block (direct) PHP execution of a file in any of the subdirectories of wp-content. I mean the themes & plugins are all included locally instead of being accessed directly, so that will still work.
Am I overlooking something? If so, can you please explain what?
Thanks in advance!
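
The two rules compared in the question, written out as an nginx server block. This is an added example, not part of the original post; the server name, document root and PHP-FPM socket path are assumptions, and WordPress is assumed to sit at the server root.

```nginx
# Added example (not from the original post). Placeholder values are marked.
server {
    listen 80;
    server_name example.test;             # placeholder host name
    root /var/www/html;                   # assumed WordPress root
    index index.php;

    # Commonly advised rule: refuses direct PHP requests in uploads only.
    # A PHP file written to /wp-content/plugins/ or /wp-content/themes/
    # is not covered by it.
    # location ~* ^/wp-content/uploads/.*\.php$ { deny all; }

    # Wider rule from the question: refuse any direct request for a PHP
    # file below wp-content. Files pulled in by WordPress through
    # include/require are read from disk by PHP and never pass this check.
    location ~* ^/wp-content/.*\.php$ {
        deny all;                         # answers with 403
    }

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Generic PHP handler. It has to come after the deny rule: nginx tests
    # regex locations in the order they appear and uses the first match.
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;   # assumed socket path
    }
}
```

Any plugin or theme that has the browser request one of its own .php files directly gets a 403 under the wider rule, so check the access log for requests matching `/wp-content/.*\.php` before enforcing it.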