Lock Down Your WP Blogs!

Tony Hung has a tremendous reminder / tip / must-do if you’re running a blog on WordPress:

If you’re running WordPress, unless you’ve already locked down your Wp-content folder with some .htaccess fixes, you may not notice that your Wp-content/plugins folder is naked and bare to the world. That is, navigate to http://www.yourblogname.com/wp-content/plugins and you may find a directory listing of your plugins folder, files and all. How do you fix it? Easy. Just upload an empty index.html into the wp-content/plugins folder and its all fixed.

(Via Deep Jive Interests.)

Leave a Reply