The following is something I was going to share with only my newsletter subscribers, but it’s important enough that everyone should know about it.
Did you know that by default, WordPress will reveal all of the plugins you use (free AND paid) to anyone who looks at
Talk about a pain! Not only is it a security hazard…
Hackers who know of plugin vulnerabilities can scan to see how easy it is to break into your blog
But it also lets people STEAL your plugins as well (you’d be shocked how many plugin zips I’ve seen over the past 48 hours, simply by looking for unprotected plugin directories).
Luckily, the fix for this is quite simple!
Just upload a blank index.html file into your plugins directory (and themes directory as well) and all should be well.
But wait! An opportunity arises as well!
You can also display something like:
Halt! Thou Art Not Allowed Here!
But I invite you to visit my blog whenever you’d like. 🙂
WordPress Plugin Page Enhancement by Barbara Ling
Check out how that works at my plugins directory.
You can grab that index.html page over at plugins-index.txt . Just open that file, copy and paste the contents into a blank index.html, and upload that to your wp-content/plugins directory
(note! if your blog is at /blog or /news or what have you, you’ll have to modify the final destination place).
Thus, do yourself a favor and check out if your WordPress blog is flaunting itself to the Internet at large….if to, clothe it today! Your blog safety will thank you for it.
Like this post? Please feel free to tell your friends and Digg It – I very much appreciate your time!