wordpress 安全: 禁止目录浏览

apache 如果你的博客的域名是 example.com,浏览 example.com/wp-content/themes 或者 example.com/wp-content/plugins,你将发现你所使用的主题或者插件都会罗列出来。而如果正在使用的主题或者某个插件含有恶意代码或者存在安全漏洞,那么你的博客很可能就不是那么安全了。

解决方法很简单,在站点根目录下的 .htaccess 中添加如下内容,禁止 apache 的目录浏览功能。

Options All -Indexes

Share this :- Del.icio.us + Google Bookmarks + FriendFeed + ReTweet

Posted in: wordpress

Tags: , ,

This entry was posted on Friday, May 15th, 2009 at 8:34 am and is filed under wordpress. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Posts you may enjoy

One Response to “wordpress 安全: 禁止目录浏览”

gravatar image

ptubuntu May 19th, 2009 at 11:50 am | reply

不错.有效的控制网站的安会性.

Leave a Reply

Please copy the string 2r2hhr to the field below: