[wp-trac] [WordPress Trac] #62055: Put index.php into Public folder on the root directory
WordPress Trac
noreply at wordpress.org
Mon Sep 16 07:45:12 UTC 2024
#62055: Put index.php into Public folder on the root directory
-------------------------+-----------------------------
Reporter: sourav926 | Owner: (none)
Type: enhancement | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Keywords:
Focuses: |
-------------------------+-----------------------------
Now we are writing `ABSPATH` constant existence check everywhere to
protect files from direct access.
But we can make a public (or any name) folder in the root and put the
index.php (/public/index.php) file in the folder. That way only index.php
file can be directly accessed. And we'll be able to remove `ABSPATH`
constant existence check from files.
**What about backward compatibility?**
Well, at the beginning we can keep both /index.php and /public/index.php
files for one or more year(s) and keep telling users, and hosting
providers to point their servers to the public folder. Then we can remove
the index.php and also constant checks from files.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62055>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list