[wp-hackers] protecting wp-content/plugins ?
Sam Bauers
sam at viveka.net.au
Fri Aug 24 18:20:57 GMT 2007
On 25/08/2007, at 3:23 AM, Alan J Castonguay wrote:
> In the case of WP, there is no point in scanning for directly-
> requestable exploitable plugins. An attacker don't need to know
> whether an exploit exists before attempting it. Hiding direct file
> access does not make you any more or less secure.
That all depends on what the exploit does, but rather than debate the
benefits of this method perhaps we can just leave it on the table for
anyone that wants to use it. I was just trying to provide a complete
solution to the original question, i.e. "How do I hide my plugins?".
--------------------------------------------------------------
Sam Bauers
sam at viveka.net.au
--------------------------------------------------------------
More information about the wp-hackers
mailing list