To prevent unauthorized scanning of backup files, scripts, etc.  Add this to your WordPress htaccess file:

RewriteEngine On
RewriteRule \.php~$ – [forbidden,last]

The second line above should go right under the first line as shown.

This will prevent index.php~ from displaying in URLs increasing security on your WordPress site.

As always, make a local backup of your files before editing so that you can make easy corrections of things don’t work out as planned.

Need WordPress web hosting?