Just Purchased this a few minutes ago. I cannot find a share anywhere here. Ironically it's to give high security for files in Wordpress and protect against files being stolen... not sure if effective as only just downloaded. Few bonuses also included...
Just clicked on the links in Chrome, Firefox and Safari - and on different Computers on different IP and seems ok, let me know, although not sure how to fix, is the Share working? Fro my side all ok, sorry..
This is from the guy from way back when who created some Kunaki products, his name is Paul Mihai Pavel, an Indian guy. He had some practical products back then before the internet started to explode with WP and other apps and gadgets
I am surprised that there have not been more WSOs on WP security. Out of the box, WP has a lot of security leaks. You can go to almost any WP site and have access to downloads, just go to http://www.site-name.com/wp-content/uploads/ and it's an open bucket.
At the very least, a blank index.html file should be put into every folder to stop folks, like us :-), from browsing. There is a lot that can be done by just adding a few lines of code to the .htaccess file.
I agree with you on WP being so darned easy to breach. I even saw this company that claim to "Live Security" and their filepath was open for all to access:
Magic Button :
OPERATION WINDIGO - We Live Securitywww.welivesecurity.com/wp-content/uploads/.../operation_windigo.pdf
to malicious content, to send spam messages, and to steal more credentials from ...... W P. ,. Figure 3.20 Linux/Cdorked redirection victims by operating system.
One of the services I offer professionals in the coaching industry is monitoring and updating their sites every month so that their files (through the path you mentioned) are not open to the public. I don't tell them what I do but I show them the before and after scenarios. They can't argue with seeing their precious files open to the public and by the next day it's secured.
All stuff I learned online through BH forums!
Is there a way to automatically lock these folders on WP?
I know that each month a new /0x files is created and unless it's manually locked it's wide open. I'm sure there's a way to stop having the manual update each month, so does anyone know?
I am surprised that there have not been more WSOs on WP security. Out of the box, WP has a lot of security leaks. You can go to almost any WP site and have access to downloads, just go to http://www.site-name.com/wp-content/uploads/ and it's an open bucket.
At the very least, a blank index.html file should be put into every folder to stop folks, like us :-), from browsing. There is a lot that can be down by just adding a few lines of code to the .htaccess file.
Probably the closest that you can get to automatically securing WP folders is to edit the .htaccess file.
Open up the .htaccess file and add the following code snippet at the end and that will keep anyone from browsing the file folders of a WP site.
PHP Code:
<files wp-config.php>order allow,deny deny from all</files> Options -Indexes
If you want to do more research, this is an excellent site for information on editing the .htaccess file. http://www.htaccess-guide.com/
(02-04-2015 09:27 AM)WorldWarrior Wrote: [ -> ]I agree with you on WP being so darned easy to breach. I even saw this company that claim to "Live Security" and their filepath was open for all to access:
Magic Button :
OPERATION WINDIGO - We Live Securitywww.welivesecurity.com/wp-content/uploads/.../operation_windigo.pdf
to malicious content, to send spam messages, and to steal more credentials from ...... W P. ,. Figure 3.20 Linux/Cdorked redirection victims by operating system.
One of the services I offer professionals in the coaching industry is monitoring and updating their sites every month so that their files (through the path you mentioned) are not open to the public. I don't tell them what I do but I show them the before and after scenarios. They can't argue with seeing their precious files open to the public and by the next day it's secured.
All stuff I learned online through BH forums!
Is there a way to automatically hide these folders on WP?
I know that each month a new /0x files is created and unless it's manually locked it's wide open. I'm sure there's a way to stop having the manual update each month, so does anyone know?