Users can browse through the WordPress directories from browser. You can prevent this access from .htaccess using a simple line of code.
So, anyone can access the files and attacks against possible vulnerabilities in the plug-ins are possible if WordPress directory access from browser is not prevented.
It is not funny to show all the things you have in your server.
---
Prevent WordPress directory access from .htaccess
Open to the htaccess in your root directory and add the following line:
# Prevents directory listing Options -Indexes
Singular and plural differs greatly enough to show 404 error!
Bonus tips to prevent WordPress directory access
Some WordPress Security plugins can also prevent the WordPress directory access from browser. But, the users (or better to say hackers) will see a blank White page instead of Forbidden page which we will get by tweaking the .htaccess.
About Abhishek Ghosh
Here’s what we’ve got for you which might like :
Additionally, performing a search on this website can help you. Also, we have YouTube Videos.
Take The Conversation Further ...
We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!
If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.
Contact Us