Support » Installation » security issue? files to delete after install?

security issue? files to delete after install?

  • I haven’t seen anything in the readme that comes with wp about deleting “unneccessary” files after you successfully installed wp.
    I figured it might be a good idea to delete the following files that can be run by anyone typing in the url. Please correct me if I am wrong:
    wp-admin/upgrade.php (anyone can launch this, even here on wordpress.org/development/…)
    I guess you could alternatively secure the wp-admin folder with a .htaccess file.
    Or maybe I am wrong and these files do not pose a security risk by being freely accessible?

Viewing 3 replies - 1 through 3 (of 3 total)
  • There is no security risk at all by leaving everything exactly as it is uploaded.
    You can of course remove some files purely to save a small amount of disk space, but there is absolutely nothing anyone can do to your blog, or your database by leaving those files. Honest 🙂

    save a TINY amount of space! well if it doesn’t pose any risk then by all means, they may remain where they are 😀

    running upgrade file repeatedly does not harm the blog. it checks for everything before doing anything.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘security issue? files to delete after install?’ is closed to new replies.