Support » Plugin: WP Hardening - Fix Your WordPress Security » Urgent Confirmation of file added

  • Resolved tinpeas

    (@tinpeas)


    Hi Guys

    Does your plugin put an index.php file inside the wp-includes folder?

    I think it does but Wordfence is listing this as a high priority issue.

    I installed the plugin last night on 5 sites and now I have this warning.

    A confirmation of this would be greatly appreciated.

    Thanks in advance.

    Cheers

    Gary

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter tinpeas

    (@tinpeas)

    I have found that by turning off the “Hide Directory Listing of WP includes” the index.php file is removed.

    Interestingly though the plugin does seem to stop some Wordfence scans from completing. Turning off the plugin and then doing the scan again seems to resolve the issue. Does this mean however that Wordfence is unable to complete its automatic scanning with the plugin enabled?

    Plugin Contributor Ananda Krishna

    (@wizak)

    Hi Gary,

    Yes, the current version of the plugin places an index.php file inside the wp-includes folder to prevent directory listing.

    We’re in the process of re-implementing this feature such that directory listing is fixed by adding Options -Indexes to the .htaccess file, rather than creating multiple index.php files.

    Can you try to run the WordFence scans, after disabling the ‘Disable WP API JSON’ security fixer within the WP Hardening settings?

    Thanks,
    Ananda

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Urgent Confirmation of file added’ is closed to new replies.