# Rename to .htaccess and place inside wp-content/uploads/.
# Prevents an uploaded PHP payload from executing.

<FilesMatch "\.(?:php[0-9]?|phtml|phar)$">
  Require all denied
</FilesMatch>

Options -Indexes
