[wp-hackers] protecting wp-content/plugins ?

James Davis james at freecharity.org.uk
Thu Aug 16 14:14:02 GMT 2007


Ozh wrote:

> I wonder: how come there is no blank index.html file sitting in
> wp-content/plugins ? This is such a trivial thing to do that I suspect
> there must have been some ruling against it by the past (although I
> cannot really see any reason why one shouldnt have this file)

It'd be a nasty hack, hiding what is really an issue with the web
server's configuration.  If you think this is an issue you will almost
certainly want to address it across everything and not just WordPress.

This risks of allowing directory indexing might be something to mention
in the documentation if it's not already but that's all I think it needs.

James

-- 
http://www.freecharity.org.uk/ - Free IT services for charities
http://www.freecharity.org.uk/wiki/ - The VCSWiki


More information about the wp-hackers mailing list