WordPress.org

Support

Support » Installation » Reducing Hacks?

Reducing Hacks?

  • I was just wondering … Are there any files you should remove after you install? I know a lot of other programs (like MT) suggest you remove some config files (aka the current wp-config.php and install.php) from your site after installation to prevent someone coming in and hacking or messing with your program. I’m just asking, since, although I found the installation easy and well documented, that was the one point not mentioned in the readme.html nagging me…
    BTW, sweet program … I hope I can contribute and help make the WordPress community grow.

Viewing 3 replies - 1 through 3 (of 3 total)
  • I believe WP is secure enough that no one can just rerun the files and mess up your blog. If it was not, believe me you would haev been warned!
    and I think it’s safe to remove the install/upgrade + files related to upgrading from other blogging tools. but since I upgrade to a new nightly every other day… who cares about removing these files everytime I upgrade. 🙂

    TechGnome

    @techgnome

    Moderator

    I wouldn’t recommend removing wp-config.php…. that holds your current DB & connection info…. but you could remove the wp-config-sample.php file. Anything with install or upgrade could probably be removed, as well as any docs you don’t need (or have a copy of locally).
    I basically did the samething on my site when I published it live and have not had any problems.
    TG

    Appreciate the comments … they all sound like good ideas. Wonder if some of them should be official, and included in the readme.html?
    Cheers!
    AW

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Reducing Hacks?’ is closed to new replies.