Hiding Installed Plugins For Security Reason

August 25, 2008 | Filed under: Tips | Author: armand

Do you know that we can see the lists of what plugins have been installed in our wordpress blo? Visitors can see them all by accessing http://www.wpblogname.com/wp-content/plugins. There’s a nice tips I’ve just read and it’s very simple to implement.

Log in to your blog cpanel and upload a blank file named index.php or index.html into your plugins directory. The blank file may contain some code like this:

<?php

?>

Don’t forget to save the file as index.php or index.html. From now on, when someone try to access the URL above, they will see only a blank page, nothing will be displayed. This tip is for security reason only. So, people won’t see what plugins are installed.

There’s also a good idea to redirect it to our blog homepage, then the code will be like this:

<?php

header(”Location:http://www.wpblogname.com/”);

?>

If you want some more privacy, you can also upload this file into wp-content/themes and wp-content/uploads directory with the same results. I’ve found this in a few professional wordpress blogs. We can see the list of themes installed under the themes folder and a list of uploaded files under uploads folder. It’s not a good thing to show it to everyone, right.

That’s all.

Follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

Related Entries

6 Responses to “Hiding Installed Plugins For Security Reason”

  1. Brad Blogging.com - Personal Blog Tips And Blog Help Says:

    Thanks for the link love :)

    Glad you liked the post!

    I didn’t think of PHP code for my example..

    Brad Blogging.com - Personal Blog Tips And Blog Helps last blog post..Weekend Wordpress Security Tip: Restrict Your Wp-Admin

  2. armand Says:

    Yup, thanks for the post. I also didn’t think about that hole.

  3. James Mann Says:

    Good tip. I try to email people when I see a folder showing it’s innerds like that.

    I have preached putting an index file in folders but every once in a while I catch myself forgetting to do it so I am glad when I get contacted letting me know I missed it.

    Keep the tips comin’

  4. armand Says:

    Thanks for the feedback James.

  5. Brad Blogging.com - Personal Blog Tips And Blog Help Says:

    Subscribed to your feed.. Keep the good updates comin!

    Brad Blogging.com - Personal Blog Tips And Blog Helps last blog post..Create A “Sidenotes” Section On Your Sidebar

  6. Armand Says:

    @Brad Blogging: Thank you very much.

    Armands last blog post..Deadline Comes Crazy?

Leave a Reply

Ads
Recent Visitors
Blog Helper
About
Armansyah Tjogong, is the founder of ArmandBook.com. He has been starting to write a blog since 2007 with his first blog to share his experiences and now he is seriously maintaining this blog while experimenting for a better blogging.