[wp-hackers] Forum Post

Stefano steagl at people.it
Mon May 23 17:38:03 GMT 2005


Il Mon, 23 May 2005 11:36:13 -0500, Michael Hampton
<error10 at gmail.com> scrive:

>Hm, and I was just reading something about how WordPress doesn't take
>security seriously. And this is such a simple fix, too... Options
>-Indexes in .htaccess, for instance. A blank index.html or something
>for those sites where .htaccess won't work.

I would like to read it too, I didn't see any serious exploit in WP
code till now (i mean in 1.5.x) the serious bugs were related to
funtionality not security.

I agree that adding a blank index.php in dirs that have not to be
readable is an easy thing to do, on other front (.htaccess) it's
really technical, depending a lot by the web server setup etc, the
average user will probably get lost making changes that turn the
installation totally unasable. Better let this to web hosting help
desk ;)
-- 

Stefano Aglietti - StallonIt on IRCnet - ICQ#: 2078431
Email: steagl at people.it - steagl at despammed.com
BlogPage: http://www.40annibuttati.it/
PGP keys available on keyservers  (cripted & signed PGP mail welcome)


More information about the wp-hackers mailing list