WordPress.org

• Extend Home
• Plugins
• Themes
• Mobile
• Ideas
• Kvetch!

Stop directory listing by default

1. NickDC
   Member

   12345

   Currently, a default installation of WordPress allows the /wp-content/plugins/ and /wp-content/themes/ folders to be listed in the web browser.

   Please could WordPress include a blank index.html file in these and other affected folders by default? It could help prevent malicious visitors discovering and exploiting plugins and themes that are known to be vulnerable.

   Posted: 3 years ago #

2. RogueHand
   Member

   12345

   Just makes good sense. Otherwise it's like buying a new car without seat belts.

   Posted: 3 years ago #

3. Stephanie Leary
   Member

   This was done a version or two ago, and now all directories contain an empty index.php file.

   Posted: 1 year ago #

RSS feed for this topic

Topic Closed

This topic has been closed to new replies.