[wp-trac] [WordPress Trac] #4760: Add default index.php to
wp-content/plugsin to avoid directory listing
WordPress Trac
wp-trac at lists.automattic.com
Thu Aug 16 14:45:45 GMT 2007
#4760: Add default index.php to wp-content/plugsin to avoid directory listing
----------------------+-----------------------------------------------------
Reporter: zamoose | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.3 (trunk)
Component: Security | Version: 2.3
Severity: normal | Keywords: security directory-listing
----------------------+-----------------------------------------------------
As per a thread started by Ozh on wp-hackers, it would be a good idea to
include a default index.php in [source:trunk/wp-content/plugins] ala the
one included in [source:trunk/wp-content] in order to prevent unwanted
listing of the plugins directory. Preventing this will preclude attackers
from gaining insight into potentially flawed plugins that could compromise
the security of a WP-powered blog.
--
Ticket URL: <http://trac.wordpress.org/ticket/4760>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list