Reputation: 801
Should I use Options -Indexes with Wordpress?
I noticed that if I go to mysite.com/wp-includes/ then it shows all the files in that folder and I would like to disable it (I think that it's a security vulnerability).
After searching online I found an easy solution (adding Options –Indexes in the .htaccess file) but I'm wondering if this may cause any problems with Wordpress or with Google indexing my website?
Upvotes: 2
Views: 3394
Answers (3)
Reputation: 1
This very popular security plugin blocks directory listing by adding to htaccess file: Options -Indexes
According to this answer, this is more secure than: Options All -Indexes
Upvotes: 0
Reputation: 727
If you want to block from your Apache put this in your virtualhost:
<Directory /var/www/mysite.com/public>
Options -Indexes
AllowOverride All
Require all granted
</Directory>
Restart your apache and it is done.
Upvotes: 0
Reputation: 4161
I use that (along with plenty other htaccess security measures) with all my WordPress sites:
I use:
Options All -Indexes
In my root .htaccess file and have never had issues with either WordPress or search crawlers.
I also have an additional .htaccess file in my /uploads directory for additional security precautions. Some of it may be overkill, so your mileage may vary.
Upvotes: 3
Related Questions
- How can I sanitize user input with PHP?
- Can I install/update WordPress plugins without providing FTP access?
- Wordpress with Laravel running on subfolder
- How should I ethically approach user password storage for later plaintext retrieval?
- Hosting multiple WordPress installations
- Create subfolder, not affected by WordPress
- Wordpress and directory issues
- Wordpress Options FollowSymLinks error