Problem scenario
You go to your website's domain, and you find the info.php page displays like this:
www.acme.com/info.php
This is a security concern. You are using WordPress. How do you hide it?
Solution
1. Copy your .htaccess file. Keep a backup.
2. Make a modified copy that is separate.
3. Outside the WordPress section (e.g., after the "# END WordPress" section), enter this (but replace "1.2.3.4" with your own IP address):
Order Deny,Allow Deny from all Allow from 1.2.3.4
4. Save the .htaccess file.
5. Upload the .htaccess file but keep the original unmodified file as a backup.