I have tried the rewrite rule above but I've just found out that it only works if the file name is explicitly written.
If I have such .htaccess file inside a folder named /uploads, it would prevent someone trying to access
but they would still be able to access //example.com/uploads/
and it would show them the index.php file.
I believe the only way to prevent this would be to completely disable the PHP file execution inside de folder but I didn't find a way to do it.
Is there a way to disable PHP execution inside specific directories?
I've tried to create a context and got the same result: if I use /wp-contents/uploads/ as the context, file uploads stop working.
If I use /wp-contents/uploads/*.php, file uploads work fine, I cannot access /wp-contents/uploads/index.php but /wp-contents/uploads/ still show me index.php.