WordPress.org

Ready to get started?Download WordPress

Forums

Acunetix Secure WordPress
[Plugin: Secure WordPress] Insecure: readme.html/license.txt (2 posts)

  1. hm2k
    Member
    Posted 2 years ago #

    Software such as Nikto looks for files such as readme.html and license.txt to identify wordpress.

    + /readme.html: This WordPress file reveals the installed version.
    + OSVDB-3092: /license.txt: License file found may identify site software.

    The readme.html is an obvious target because it contains the version number of the wordpress install.

    Sure I could rename them to obscure them, but what's the point of a "secure" plugin when it doesn't even cover the basics?

    Sure I could delete these files, but what I want to keep them for my reference?

    Plus it's likely that they will be restored when WordPress updates itself.

    http://wordpress.org/extend/plugins/secure-wordpress/

  2. WebsiteDefender
    Member
    Posted 2 years ago #

    This issue has been addressed by the other security plug-in provided by WebsiteDefender: WebsiteDefender WordPress Security (http://wordpress.org/extend/plugins/websitedefender-wordpress-security/)

    Best Regards,
    Costin T.

    (plug-in dev)

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic