• About
    • History of Dallas SEO
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Services
    • Search Engine Optimization
    • Ongoing SEO Services
    • SEO Expert Witness
    • Google Penalty Recovery
    • Mini SEO Audit
    • Link Audit
    • Keyword Research
    • Combine Websites SEO Services
    • PPC Management
    • Online Reputation Management
    • Domain Name Consultant
    • Domain Names & Expired Domains
    • Domain Name Appraisal

Bill Hartzer

GoDaddy Airo: Register your .com domain name today!
Home » Search Engine Optimization » One Simple Way to Protect Your WordPress Plugins

One Simple Way to Protect Your WordPress Plugins

Posted on June 19, 2007 Written by Bill Hartzer

wordpress

I’m amazed that so many popular bloggers use WordPress and don’t protect their WordPress plugins. Here’s one simple way to protect people from seeing exactly which WordPress Plugins you’re using.

First, here’s a little background about it: If you don’t have a default web page (usually index.html or default.html or something similar) in each of your web site’s folders, then people can gain direct access to that folder’s contents by accessing it in a web browser. For example, try going to www.yourdomain.com/images/ in your favorite browser. See what I mean? You’ll most likely see a list of all the files in that folder. For most people, seeing the image files in your images folder is not a big deal. In fact, I even let people see the files I have in my images folder. No big deal.

But what if folders in your installed apps are open?

That’s right. What if there are key folders in applications or scripts that are left open for everyone to view? Exactly–they can view all the files in that folder (or directory).

Like me, you may be proud of the different WordPress plugins that you are using if you’re using WordPress to power your site or blog. Did you know that a default installation of WordPress actually doesn’t protect your WordPress plugins folder? Well, it doesn’t! So, most likely, people can go here and view all of the plugins you have installed, even some custom ones if you’re using them:

www.yourdomain.com/wp-content/plugins

Try it now on your own WordPress-powered site or blog. There’s a good chance that you’ve left yourself wide open. And if you’re using an anti-spam plugin then people can see which one(s) you’re using. Not good.

To be honest with you, I kind of stumbled across the fact that most people have their plugins open for everyone to view. I was interested in a certain blogger’s plugins so-to-speak and which ones they were using because I kept seeing some additional pings and additional links to his blog (yes, this blogger shall remain nameless, but you know who you are if you’re reading this post!). I actually checked some (ahem) other popular bloggers, even bloggers in the Technorati 100 and they’ve left their plugins folder wide open.

So, if you’re reading this, here’s (finally) the way to protect your WordPress plugins from being viewed by snoops:

Copy the following code and paste it into notepad or whatever text editor you use:

plugin-fix.txt

Save the file as index.html and upload that file to your blog’s wp-content/plugins folder. Voila! Fixed! Now you have to FTP into that folder or go to the Admin section of your blog in order to view the plugins you’re using.

If people view your WordPress plugins and see which ones you have installed, then it may not actually be a big deal to you. But, if you’re like me and you use certain plugins to add certain functionality to your WordPress install, then most likely you will not want people snooping around, looking at all of the WordPress plugins that you have installed.

Filed Under: Search Engine Optimization

About Bill Hartzer

Bill Hartzer is the CEO of Hartzer Consulting and founder of DNAccess, a domain name protection and recovery service. A recognized authority in digital marketing and domain strategy, Bill is frequently called upon as an Expert Witness in internet-related legal cases. He's been sharing insights and research here on BillHartzer.com for over two decades.

Bill Hartzer on Search, Marketing, Tech, and Domains.

Recent Posts

  • Why Everyone on Google Trends Is Suddenly a Person—And What It Means for SEO July 14, 2025
  • Grow Your Instagram Like a Pro with Hexrate’s Game-Changing Tools July 14, 2025
  • Unbounce Doubles Down on AI and Automation to Boost Go-To-Market Teams July 10, 2025
  • NameSilo to Acquire SewerVUE Technology in $2.45M Deal July 10, 2025
  • Internet Marketing Ninjas Acquired by Previsible.IO July 9, 2025
  • Metricool Brings Real Analytics to Personal LinkedIn Profiles July 8, 2025
  • This Cleveland Agency Found a Smarter Way to Rank in Every Suburb—Without Opening More Offices July 8, 2025
  • Survey: Gen Z Reuses Passwords but Demands Bank-Level Security From Small Businesses July 8, 2025
  • Liftoff Reveals What’s Actually Working in Mobile Ads July 7, 2025
  • EasySend’s Big Move: AI Tools That Make Static Forms Obsolete July 7, 2025
  • Is Social Media Failing Small Businesses? New Survey Reveals a Hidden Blind Spot July 7, 2025
  • Why Cloudflare’s Pay Per Crawl Is a Trap for 99% of Websites July 2, 2025
  • The Hidden Risk of Double Letters in Brand and Domain Names July 2, 2025
  • GEO Verified™ Launches to Help Brands Survive the AI Search Shakeup July 1, 2025
  • RetailOnline.com Hits the Market After 25 Years—And It’s Built for the Future of E-Commerce July 1, 2025
  • AI-Powered Task Planning: The Future of Business Efficiency and Personal Productivity June 30, 2025
  • New Yoast Add-On Turns Google Docs Into an SEO Power Tool June 26, 2025
  • Simon Data Flips the Script on Marketing with AI Agents June 26, 2025
  • IAB Lays Down the Law for Gaming Ads—Here’s What Brands Need to Know June 26, 2025
  • Google Review Extortion Text Message – Scam Warning for Business Owners June 25, 2025

Hartzer Domains

Bare-Metal Servers by HostDime

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:

Industry Friends

I Love SEO
WTFSEO
SEO By the Sea
Brian Harnish
Jeff Lenney
Jeff Gabriel
Scott Hendison
Dixon Jones
Brian Hartzer
Navah Hopkins
DNAccess
SEO Dallas
Confirmed Stolen

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on BlueSky
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (109)
  • AI (201)
  • Bing Search Engine (8)
  • Blogging (43)
  • Branding (19)
  • Domain Names (316)
  • Google (261)
  • Internet Marketing (52)
  • Internet Usage (95)
  • Link Building (53)
  • Local Search (63)
  • Marketing (232)
  • Marketing Foo (34)
  • Pay Per Click (9)
  • Podcast (19)
  • Public Relations (9)
  • Reputation Management (14)
  • Search Engine Marketing (46)
  • Search Engine Marketing Events (60)
  • Search Engine Marketing Firms (94)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (189)
  • Search Engines (223)
  • Social Media (302)
  • Social Media Marketing (59)
  • Tech (16)
  • Web Analytics (21)
  • Webinars (1)

Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.

 

Hartzer Consulting

Website, Content, and Marketing by Hartzer Consulting, LLC.

Disclaimer - Privacy Policy - Terms of Use

Copyright © 2025 ·