[wp-trac] [WordPress Trac] #23394: Remove version from readme.html / Upgrade core doesn't restore the file
WordPress Trac
noreply at wordpress.org
Tue Feb 5 20:40:07 UTC 2013
#23394: Remove version from readme.html / Upgrade core doesn't restore the file
---------------------------+------------------------------
Reporter: momo360modena | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: trunk
Severity: normal | Resolution:
Keywords: close |
---------------------------+------------------------------
Changes (by iandunn):
* cc: ian_dunn@… (added)
Comment:
Bulletproof Security will block access to the readme file. I think Better
WP Security will to, and perhaps Wordfence.
I actually don't have a problem with security-through-obscurity, provided
it's the first of many layers, but in this case I don't think the benefits
of hiding the version number outweigh the benefits of the readme file,
especially since it's easy to 403 the file with one of those plugins or a
custom htaccess rule.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23394#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list