Security – Prevent Directory Browsing

This entry is part 1 of 4 in the series WordPress Security

By default, most hosts allow directory listing. Because there are a standard set of directories in a WordPress installation, the hacker can go directly to the directory inside your site and see all of the files in that directory. This is definitely a security risk, because a hacker could see the last time that files were modified and access them.

This is a simple but important problem to fix. You have three options:

  1. Place an empty file in each directory with the name INDEX.HTML or INDEX.PHP
  2. If you are using an Apache webserver, modify your .htaccess file
  3. Use a Security plugin (see the end of the series for suggestions)


VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
Series NavigationSecurity – Proper WordPress Installation >>