WordPress.org

Ready to get started?Download WordPress

Forums

[Urgent] How to protect wp-content folder and other directory folders inside? (11 posts)

  1. Tri-Fusion
    Member
    Posted 7 years ago #

    I just check my blog on google and it shows up wp-content/plugins ... I can access to every plugin files and folder via google search engine.

  2. Chris_K
    Member
    Posted 7 years ago #

    Seems like you want to disable directory browsing on your server.

  3. Tri-Fusion
    Member
    Posted 7 years ago #

    I want to set wp-content and other folder insid of it to 403 but don't know how :-(

  4. Andrew Ozz
    WordPress Dev
    Posted 7 years ago #

    Umm, .htaccess hack for unknown/not local referrers? But you will have to open access to your main theme's folder. It still can break stuff tho...

  5. Tri-Fusion
    Member
    Posted 7 years ago #

    I don't know how shoemoney and problogger can do it

    http://www.shoemoney.com/wp-content/plugins

    http://www.problogger.net/wp-content/plugins

    If visitor able to access to your themes folder then he/she can rip your themes

  6. Chris_K
    Member
    Posted 7 years ago #

    Seems like you want to disable directory browsing on your server.

  7. vkaryl
    Member
    Posted 7 years ago #

    Can't you simply add this line:

    options -indexes

    into your .htaccess file? [Keep in mind that if that works for you, the stuff that's already showing up in google will be there a while yet. Not sure what google's age-out timeframe might be....]

  8. kellwych
    Member
    Posted 7 years ago #

    Can't you simply add this line:

    options -indexes

    yes. yes you can. thanks vkaryl, i heart you. you've saved me from even MORE hours of running in circles - researching that is.

    -

  9. whooami
    Member
    Posted 7 years ago #

    for clarification on a dredged up 3 month old post, what handy said not once, but twice. is exactly what options -indexes does. Creating a situation where a 403 occurs would cause everything within wp-content/ to be unaccessible. By unaccessible, I mean your themes wouldn't work, your plugins wouldn't work, administering your plugins and themes wouldn't work.

    You cannot do that.

  10. ssor
    Member
    Posted 7 years ago #

    Sorry for my ignorance, but where can the .htaccess file be found? Is it within the .htmaster folder? I have a file called .ok_user.

    Ssor

  11. whooami
    Member
    Posted 7 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic