*Urgent* wp-content/plugins Security Hole

That might be an old fashion hack for some wordpress bloggers but surprisingly I found search result pages showing at least 3.0 Million wordpress blogs suffering this issue.

Going straight to the point, if you are on WordPress you should check your plugins folder security by simply browsing to your-wordpress-blog.com/wp-content/plugins If you get the index of your plugins directory then *congratulations* all your plugins are naked and ready to be downloaded by anyone! Although more than 90% of blogs used free ready-made plugins but some of you might have customized or paid ones that need to be secured.

Here is a screenshot  of what your should see…

Doing a simple search you will find some wordpress blogs already fixed their folder but many others with interesting plugins still did not fix it or even still don’t know about it.

A simple solution is disallowing the folder access in the .htaccess file or uploading a blank index.html in the plugins folder. Another published solution I found over the web is using your index manager in your hosting cpanel and change the folder plublic_html index setting from “default” to “no indexing”.

Please comment if this issue is addressed to you and any of the above solution worked or you share a better solution. I’m also not sure if the latest update of wordpress solved this issue of not.

Tags to Technorati: plugins, security, security fix, urgent, wordpress, wp hosting issue, wp plugins issue, wp problem

Related Articles:

• Why your 404 Page is Important