security and directory question

  • hello,
    we are trying to use wordpress for the first time and did an install on our server. we are trying to migrate from blogger.
    anyway, we noticed that in our web logs that people have found access to the admin/upgrade page for the wordpress. is there a way to protect all of the directories and not interfere with functionality? i dont think it is a cookie thing since i tested it on another machine.

    also, is it better to have wordpress on a subdomain or in another folder on the main domain? we cannot run it in the domains root folder due to other items that need to run there. we are concerned with security and seo issues running this. we like what it offers with the upgrades that are out there.

    thanks for any assistance.

Viewing 4 replies - 1 through 4 (of 4 total)

  • You can safely delete the upgrade and install files.
    More: https://codex.www.ads-software.com/Hardening_WordPress

    Edit. It doesn’t matter where WP is installed.

    Thread Starter trek406

    (@trek406)

    so we do the correct thing, what folder should we delete and files so nothing else is impacted?

    Don’t delete any folder(s).
    Just the install.php and upgrade.php files.

    Thread Starter trek406

    (@trek406)

    thanks. did that. if we need to upgrade in the future i guess we find that somewhere in the admin?

    we also installed plugins, etc. we see alot of traffic that reads /wpadmin….jax…php, planetnews…..ultimate-tag-warrior, yet i dont see these on the blog even though i installed them. dont know if this works in the background and if this is real traffic, etc…..
    ???

    thanks for the other help!
    ??

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘security and directory question’ is closed to new replies.