I See Your WordPress Plugins

Wordpress.com LogoSimonne of AllTipsAndTricks.com has posted a helpful tip for WordPress users. By default, the permissions for your WordPress directory are set up in such a way to allow the public viewing access. Like Simonne, I’m not sure what the practicality would be except for those snooping around or those trying to figure out which plugins you have installed in which they can then look for vulnerabilities or exploits in those plugins to hack your site.

The fix is quite simple. You can do one of two things, change the permissions of that directory from 0755 to 0750 or, you can upload a blank index.html file. When I set my plugin folder to 0750, some of my plugins decided to stop working. So I opted for option two. In fact, I added a redirect within my index.html page that redirects the browser to my homepage.

Here is the code I used in my index.html file if you would like to do the same.

Redirect Code I Used In My Index.html File

UPDATE -Thanks to LGR for adding this in via the comments. You can simply add Options -Indexes to your .htaccess file. This will redirect anyone who is trying to view a folder index to your 404 error page without the need of creating empty index.html files. Thanks again LGR.