This weekend a friend of mine had her website hacked and inspired me to research into the security breaches in wordpress websites. I found out something very surprising.
Type into your browser http://www.YOURDOMAIN.com/wp-content/plugins/ - replacing the words YOURDOMAIN with your actual url.
If you see a list of all your plugins then so can any hacker! Some plugins are vulnerable to hacks - and you don’t want alert these mostly malicious computer users to the fact that you may have one installed.
The same holds true for themes http://www.YOURDOMAIN.com/wp-content/themes
Delete all unused plugins and themes and visit Jerry Leventer, the wordpress solutions expert’s blog for an elegant fix to this problem.
If you enjoyed this post, make sure you subscribe to my RSS feed!
1 response so far ↓
1 Jerry Leventer // Feb 12, 2008 at 1:55 am
Thanks for the referral, Katherine. It’s always a pleasure working with you in finding these types of solutions.
Leave a Comment