WordPress.org

Ready to get started?Download WordPress

Forums

How to check others can access my public_html folder? (3 posts)

  1. Bluemad
    Member
    Posted 1 year ago #

    Hello!

    I like to know, how do I know others can or can't access and read my public_html folder contains some sensitive files? Such as "htaccess", wp-config.php" files?

  2. kjodle
    Member
    Posted 1 year ago #

    Well, "public_html" is just that: public. It has to be readable so that people can actually see your blog.

    However, individual files within that folder can have different permissions. For example, when I try to view my own .htaccess file, I get this message:

    Access forbidden!

    You don't have permission to access the requested object. It is either read-protected or not readable by the server.

    If you think this is a server error, please contact the webmaster.
    Error 403

    php files generate static html files, so anyone trying to access it will only get the html that it generates. They will not be able to get to the actual file itself. When I try to view my own wp-config.php file, it just displays a blank screen, because that page doesn't generate any html.

    Of course, anyone with a little knowledge and access to Google can figure out how to hack a site and get at that information. That's why you have to take steps to protect your WordPress installation. But with regard to the files you've mentioned above, no they are not accessible through a web browser.

  3. Bluemad
    Member
    Posted 1 year ago #

    Hello kjodle!

    Yes, if I paste my .htaccess I got "Access forbidden!" If i try to view WP-config files, it shows blank web page.

    Thanks Kjodle!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.