[wp-hackers] protecting wp-content/plugins ?

Sam Bauers sam at viveka.net.au
Fri Aug 24 18:20:57 GMT 2007

On 25/08/2007, at 3:23 AM, Alan J Castonguay wrote:

> In the case of WP, there is no point in scanning for directly- 
> requestable exploitable plugins. An attacker don't need to know  
> whether an exploit exists before attempting it. Hiding direct file  
> access does not make you any more or less secure.

That all depends on what the exploit does, but rather than debate the  
benefits of this method perhaps we can just leave it on the table for  
anyone that wants to use it. I was just trying to provide a complete  
solution to the original question, i.e. "How do I hide my plugins?".

  Sam Bauers

  sam at viveka.net.au

More information about the wp-hackers mailing list