Join Jeff Starr for an in-depth discussion in this video Prevent directory listings, part of WordPress: Developing Secure Sites .
- [Narrator] In this video, we increase the security…of WordPress by disabling directory views…which also are known as directory indexes…or directory listings.…Many web-hosts disable directory views by default…but it's important to know for sure.…If your files are visible, there are a couple of easy,…effective ways to lock things down.…An open directory listing of your files, such as this one,…may be the first thing an attacker sees…before destroying your website.…When directory views are enabled, any directory…that does not include some sort of an index file,…such as "index.html" or "Index.php", will openly display…a list of all files in the directory as seen here.…
As you can see, there is no index file included…in this directory so it's contents are displayed…for the world to see.…Open directory listings are a security risk…because they reveal the contents of your server…to an attacker.…It's much better if sensitive files…are not publicly accessible.…Fortunately, disabling directory views is drop-dead easy.…
- Backing up and restoring your site
- Setting up strong passwords
- Understanding users and roles
- Choosing trusted plugins and themes
- Changing and recovering passwords
- Configuring authentication keys
- Securing the login page
- Fighting spam in the comments
- Blocking access and detecting hacks
- Building a firewall for WordPress
- Detecting and blocking bots
- Auditing your WordPress security
Skill Level Intermediate
1. Getting Started
2. Security Essentials
3. Hardening WordPress
4. Improving Security with Plugins
5. Advanced Tips and Tricks
6. Applying Best Practices
Next steps2m 9s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.