« Two Web Analytics Software for Desktop
Give Error 404 to your plugins folder »

I know what plugins you are running

June 4, 2008, 7:43 am

If you run a Wordpress based blog, try something like this:
http://yourdomain/wp-content/plugins/

(replace “yourdomain” with your blog domain name)

plugins

Did you see what I see. Everybody can see what plugins you are running.

You can also Google for the name of some of the famous plugins. Google will display many open Wordpress based blog plugins directory.

So what is wrong if others can see them?

Usually you will use some third party plugins. Most of use did right? Either we are too lazy to write our own plugin, or we just don’t know how to.

That is the problem. You don’t know how secure the plugins that you are using. Maybe there is some bug found, but you are to lazy to update it to the recent version.

Hence, exposing the plugins that you are running may exposed you to some attack.

As a conclusion, hide the plugins folder.

If you liked this post, these other posts might also be interesting to you:

Spread/Promote this post.

Digg | Del.icio.us | Stumble | Y! MyWeb | Y! Buzz | Fave It! | Reddit
Tags: ,
Category: Blog Tips, WordPress  |  Comment (RSS)  |  Trackback

7 Comments

  1. KNizam:

    eh how to hide ek ? hehe :)

    June 4, 2008, 11:10 pm

  2. selinap.com:

    Read this article to hide the plugins folder.

    Give Error 404 to your plugins folder

    June 4, 2008, 11:12 pm

  3. hanep:

    what if i put an index.html to the dir? izzit work? CHMOD 775

    June 5, 2008, 1:43 am

  4. selinap.com:

    hanep: if you do it this way, you have to put into all folder the index.html file

    June 5, 2008, 2:00 am

  5. MobileAnswers:

    simple create a text file called index.php upload it to the plugins folder. That way people will see a blank file when they load it.

    June 5, 2008, 6:58 am

  6. selinap.com:

    MobileAnswers: like hanep, you have to repeat the job for other folders. Very messy.

    One more thing, I don’t think that it is nice to give a blank page to the reader. A nice 404 message would be nice though.

    Hide your plugins folder technique.

    June 5, 2008, 10:39 am

  7. Give Error 404 to your plugins folder | Selinap:

    [...] To leave furtively and stealthily. Skip to content HomeAboutContactArchivesSitemap « I know what plugins you are running How to save parking space [...]

    June 16, 2008, 9:10 am

Leave a comment