[wp-hackers] wp-admin folder and admin-ajax.php
scribu
scribu at gmail.com
Mon Aug 9 13:54:40 UTC 2010
On Mon, Aug 9, 2010 at 4:27 PM, Gavin Pearce <Gavin.Pearce at 3seven9.com>wrote:
> Does anyone know of any plans or discussions, regarding a
> "configuration" option for moving the wp-admin folder? Is it in the
> pipeline?
>
No discussions that I'm aware of.
> Working on hardening a WordPress install for a security conscious
> client, I can't IP restrict the wp-admin folder, because admin-ajax.php
> is sometimes required by the front-end. Seems a strange idea to me!
> (Obviously ways around this, just seems a strange way of doing things -
> maybe someone can explain why?).
>
> Can't find a ticket open for either of the above, but maybe I'm being
> blind!
>
A front-end ajax handler has been proposed before:
http://core.trac.wordpress.org/ticket/12400
--
http://scribu.net
More information about the wp-hackers
mailing list