wiki suggestions


New Member
rather than posting a new thread for each suggestion, maybe it would be better if i just created this one to house them all?

title: WordPress Security Tips
sec: Disabling Unnecessary Files & Access

this would have to be checked...

running the find/chmod commands to change permissions is not an optimal solution since one would have to remember to do it every time WP is updated or a plugin is installed, plus there's the risk of damage

in my search for an alternative, i found this...

the following could be dumped in an .htaccess for both /wp-content/plugins and /wp-content/themes

order deny,allow
deny from all
<files ~ ".(xml|css|jpe?g|png|gif|js)$">
allow from all

i haven't thoroughly tested this and someone more knowledgeable would have to look at it
correction on the above - the htaccess directives should be placed in the web root htaccess - but i didn't figure out how to do that yet

also, another shortcoming of the wiki guide is that it doesn't cover *changelog* files