security issue? files to delete after install?
-
I haven’t seen anything in the readme that comes with wp about deleting “unneccessary” files after you successfully installed wp.
I figured it might be a good idea to delete the following files that can be run by anyone typing in the url. Please correct me if I am wrong:
wp-admin/install.php
wp-admin/install-helper.php
wp-admin/upgrade.php (anyone can launch this, even here on wordpress.org/development/…)
wp-admin/upgrade-functions.php
wp-admin/import*.php
I guess you could alternatively secure the wp-admin folder with a .htaccess file.
Or maybe I am wrong and these files do not pose a security risk by being freely accessible?
cheers
ai
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘security issue? files to delete after install?’ is closed to new replies.