« Secure Your wp-admin Folder
Perishable 3G Blacklist »

Deny Access to readme.html

One of the first steps a malicious hacker has to take when trying to “invade” your Wordpress blog is discover what version of the software you’re running. Unfortunately Wordpress makes this a tad too easy by placing the version number right in the public_html directory in the readme.html file. And even if you delete it once the file comes back next time you upgrade.

Place this code in your .htaccess file and no one will be able to access the readme.html file if you forget to delete it.

# protect readme.html
<files readme.html>
Order deny,allow
deny from all
</files>

You might also want to read...

This entry was posted on Sunday, October 4th, 2009 at 8:05 am and is filed under .htaccess Hacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply