PHP will still run them as usual and WordPress will work just fine...
By default subfolders within wp, The directories for uploads, themes and plugins are-content, and may be moved elsewhere.
Oh, ments in the examples on this page are here just to not fill up our logs with crap requests.
remove the statements accordingly..
This directory is by default wp-content, and you can define it to be elsewhere, e.g by simply setting WP CONTENT DIR WP CONTENT URL constants, so adjust the config accordingly. location ~* wp-content.*.php$ { deny all access log off log not found off }.
The directory may or may not be subdirectory of wp-content and may or may not have been renamed to something entirely different.
You define the constant pair WP PLUGIN DIR WP PLUGIN URL for plugins, and use the function register theme directory for themes to do so.
you can block requests to it.
it's beyond any doubt that you can not be attacked through XML-RPC if you block it entirely.
You have now reduced the public surface of your similar to standing sideways in Your vulnerable surface that attacker can hit is now much smaller...
Read more
Related items:
