Silence is golden

Silence is golden

Silence is golden


Is your new WordPress plugin secure? Did you see the small 30 byte size only index.php file in such WordPress folders as wp-content, wp-content/themes? It is placed there by WordPress developers for the security reason. The explanation is obvious: if somebody input in his browser the URL like
http://www.yourblog.com/wp-content/plugins/
he could not see the full folder content, its subfolders and files list. Of course there are some other methods to hide directory list from visitors, for example it can be done with .htaccess directive but this (empty index.php file) way is the most simple and straightforward one.
Some of WordPress plugins developers ignore this issue and don’t put such empty index.php file into theirs plugins folders and subfolders.
It is highly recommended that you check this file presence at the new installed plugin folder and its subfolders after every new WordPress plugin installation. Put this index.php file

<?php
// Silence is golden.
?>

there yourself if plugin’s author missed it.
I made a plugin to make this job automatically. You can read about it at Silence is Golden Guard WordPress Plugin. Download link is available there also.

Tags: , ,