wordpress-iconA very simple way to secure your wordpress’s folders from being exposed to the public is to create an index file which is going to render and hence wont allow the browser to actually index the folder list. There are folders like gallery, plugins, images which can be reached thru their absolute paths and can be compromised to index the contents they have in it. So just for the sake of hiding them all, there are many ways to do this, I am going to show these one by one.

1) Creating a blank index.php

Browse into the folder which you want to hide and then create a file named index.php . Leave this file blank or you can display a message ,if you want to.

2) With a redirect function in the PHP file

Repeat the above step as explained. But instead of leaving it blank we are going to redirect the visitors to the blog’s home page. This can be done using a simple php function as show below :

//redirects the curent visitor to the URL give
//you can change the mydomain.com to your blog's address
header("Location: http://mydomain.com");

3) Doing it the htaccess way

I have written a htaccess tutorial long back which explains how we can stop indexing the directories and do other useful stuff with htaccess. But for this tutorial let me put those magical lines here . You have to create a .htaccess file in the folder which you want to stop from being indexed and paste the following contents into that file.

Options -Indexes

I would recommend the second method, cause that way the user is redirected to your homepage instead of seeing a blank white page. Hope this helps you somewhere.

Sachin Khosla

Share this post: