[Plugin: Secure WordPress] Insecure: readme.html/license.txt

  • Software such as Nikto looks for files such as readme.html and license.txt to identify wordpress.

    + /readme.html: This WordPress file reveals the installed version.
    + OSVDB-3092: /license.txt: License file found may identify site software.

    The readme.html is an obvious target because it contains the version number of the wordpress install.

    Sure I could rename them to obscure them, but what’s the point of a “secure” plugin when it doesn’t even cover the basics?

    Sure I could delete these files, but what I want to keep them for my reference?

    Plus it’s likely that they will be restored when WordPress updates itself.

    https://www.ads-software.com/extend/plugins/secure-wordpress/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Secure WordPress] Insecure: readme.html/license.txt’ is closed to new replies.