WordPress.org

Ready to get started?Download WordPress

Forums

How to fully protect a folder plugins? (3 posts)

  1. insideinside
    Member
    Posted 2 years ago #

    Dear friends,

    Is there any way to protect my plugins folder? For there is no way to know which plugins are installed on my WordPress?

    I think my blog are not as vunerĂ¡vel, I'm not expert but it is not possible to list the plugins folder simply by entering this:

    http://www.siteexample.com/wp-content/plugins

    But if I try to put it this way:

    http://www.siteexample.com/wp-content/plugins/akismet

    I can know that this plugin is installed and if I know that plugin has security flaws that could be exploited at least we know that the plugin is installed.

    Is there any way to protect direct access to wp-content/plugins folder?

    Example: When someone tries to access the folder directly from this 404 error or some other form of protection.

    The question here is totally restrict dsa way that we can not know which plugins are installed.

    Thank you for your attention.

  2. Mark (podz)
    Support Maven
    Posted 2 years ago #

    Your webhost can switch it off so when a directory is viewed that does not have an index it does not list the contents.

    You can also add a blank index file if you wish.
    Just create a file, call it index.php and upload it to the directory you are concerned about. The file doesn't have to have anything in it.

  3. insideinside
    Member
    Posted 2 years ago #

    I had found an article about putting a blank index.php but still do not think it solves.

    An example, if I try to access this address tere will answer with certainty:

    http://www.siteexample.com/wp-content/plugins/akismet/akismet.php

    There would be no way to directly access the browser when the user is redirected to a 404 page or something that protects access direct.

    Thank you for your attention.

Topic Closed

This topic has been closed to new replies.

About this Topic