[wp-trac] [WordPress Trac] #36177: default htaccess should include security measures
    WordPress Trac 
    noreply at wordpress.org
       
    Fri Dec 20 22:01:27 UTC 2024
    
    
  
#36177: default htaccess should include security measures
-------------------------+------------------------------
 Reporter:  lelutin      |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Security     |     Version:
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:
-------------------------+------------------------------
Comment (by azaozz):
 This ticket is about enhancing/updating the default .htaccess file in WP.
 However it seems the path disclosure/PHP fatal error by direct access to a
 file/missing ABSPATH tickets redirect here. Indeed most of these can be
 solved by updating the .htaccess rules however it is not the only way to
 fix these errors. Also seems changing .htaccess may not be 100% backwards
 compatible, and may introduce regressions in plugins.
 Perhaps all tickets about missing bootstrap/missing ABSPATH should be
 separated and fixed now while updates for .htaccess are still being
 discussed (it's been 9 years already). Don't think there is a good reason
 for WP to keep filling the server's error logs when sites are being
 scanned by bots or probed for exploits, etc.
-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/36177#comment:21>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
    
    
More information about the wp-trac
mailing list