2 Simple Steps to Hide Wordpress Info and Better Secure Your Site.
26 Jan
Posted by SE as Plugins, Security
|
Email This Post
|
Print This Post
Each wordpress version has it’s known vulnerabilities. It’s a good practice to show as little info about your site installation as possible.
You don’t want to make your site an easy target. right?
Well, ideally you should always upgrade to the latest version, but to be honest a lot of us put this at the end of their to do list and might never get it done.
David Kierznowski of blogsecurity.net lately released a simple plugin to hide your wordpress installation version number.
The no version plugin is a simple plugin that will replace the version number with blanks, so anyone doing a view “page source” from the browser on your site will not be able to see your wordpress version.
Click here to read more and download it.
Another tip is to disable directory browsing to your plugin directory.
To check it out do a http://yourdomain.com/wp-content/plugins ( where yourdomain.com the domain of your site) and hit enter.
If you see your plugins files, then you have a security issue.
Here is how to fix it:
Go to your plugin directory in your file manager, and create a . htaccess file if there is no one.
Add the following line:
# disable plugin directory browsing
Options -Indexes
Go back and TEST. You should be fine now.
If you need any help, don’t hesitate to contact me.
Last Related Posts
Web Hosting
- Simple Steps to Upload Your Files to the Web Without FTP software?
- 40 Free Blog Hosts For You
- Does tdothost.com offer Server Side Includes (SSI)?
- .ME domains, a Great Investment to Consider.
- Hosting Service Interruption.
- I am receiving tons of e-mails. What can I do about it?
- What you Ought to Know About Fantastico?
- Now You Can Have a Web Presense with only a Fraction of the Cost.
- Is Affordable Hosting for me?
- Hello World from Tdot-Blog.com
Wordpress
- How Can You Easily Setup a Secure Wordpress Blog?
- Wordpress 2.5.1 has an Important Security Fix For 2.5 Users
- WordPress 2.5 released, are you ready?
- E-Book: Easy Steps You Should Follow to Secure Your WordPress Site
- 48 And More Ways to Use WordPress
- WordPress 2.3.3 has an 'Urgent Security Update'
- Chance to Win a Free Block Magazine Wordpress Theme
- 7 Key Features Your WordPress Blog should Never Miss.
- Beware downloading Wordpress Themes.
- BlogSecurity Guest blogger
Most Commented
- 6 Simple Steps to Change Your Table Prefix in Wordpress (11)
- Testimonials (10)
- How to prevent your Wordpress Site from being SQL Injected (9)
- E-Book: Easy Steps You Should Follow to Secure Your WordPress Site (9)
- Hosting Service Interruption. (8)
- How to deny access to your wp-config.php file under WordPress installation (7)
- BlogSecurity Guest blogger (5)
- Wordpress Plugin to make your Posts deliver Voice (3)
- Is Affordable Hosting for me? (3)
- Beware downloading Wordpress Themes. (3)
2 Responses
David
March 16th, 2008 at 9:49 am
1I just placed an index.html in the plugin folder. What is the advantage of the .htaccess file you describe?
David’s last blog post..Wordpress Backup
Sherif
March 16th, 2008 at 6:18 pm
2Hi David
Thanks for asking.
Since some plugins can be vulnerable, and hence present a risk to your site, it’s advisable not to show what plugins you have.
Placing an index.html is a good idea too, but don’t leave your plugin directory without doing anything to it.
RSS feed for comments on this post · TrackBack URI
Leave a reply
Welcome ...
My name is Sherif Elsisi and on this blog I will share my knowledge, discovery and experience with hosting issues, Webmaster tools and resources.
About Me | Free blog setup | Affordable Web Hosting
Categories
Archives
Links
Sponsors
Calendar
Most Popular Posts
Latest Posts
Your Testimonials
News Headlines
Article Headlines