Removing wp- on files

Yes, solely relying on security through obscurity in insane. Adding it as one technique to your security defences is a worthwhile activity. Especially when, as in the case of WP, it is so easy to implement (for which I thank the developers). I don’t really see how this can be argued?

Security is all about applying layers, this is simply one such layer. Yes you can get round it, as you can absolutely *any* security layer given enough time and effort. That is the point; the crackers/spammers pick the low level fruit because it is easier. Simple as that

In case you are wondering, I’m saying this as a server admin of 7+ years. Whenever I deal with defacement or crack on a software package I can almost guarantee that they have used known footprints when installing it. You can take this to extremes, like any security measure, of course. The time you can spend securing something is almost infinite but you try to hit the big targets first in the time you have. One of these, for me, is removing the wp- prefix.

wow so much attention to my question cool, i feel so special lol

the reason for wanting to remove the wp- was more of a curiosity then anything else and also keeping in mind security and if everyone knows files begin with wp- seems it would make an easy target.

And aesthetics too, make our html code look more like our own site vs someone elses and also i have not seen other programs put their ego (wp-) on every single file lol

maybe somone could make a plugin to remove all wp- ext doh!! now watch the wars begin he he

>i have not seen other programs put their ego (wp-) on every single file

Except of course mt- maybe it is a blog thing ??

Seriously though ongakukaku, have a go. It’s not tricky. I use TopStyle myself which has excellent support for ‘find+replace’. It highlights them in the preview window so you can check each one – there are about 300 odd in the WP code that need changing + the page names themselves.

Do make sure you only rename page names and not functions etc. That is why I suggest searching for ‘wp-‘ explicitly and not just ‘wp’.

This thread links to a plugin that should help automate this. I’ve not used it.

That is the point; the crackers/spammers pick the low level fruit because it is easier.

I like that expression, kinomuto. Very nicely phrased. And so very, very true.

I think one would have to perform a study to test for the validity of that statement. Having an apple orchard, I know the best fruit is nearer the top and worth the extra effort. And for many its the challenge – there’s a reason you don’t hear too many people exclaim, “I climbed a mole a hill!”

I actually have nothing to add to the thread, like a tree whose bottom fruit has been picked, it is about to topple over of its own weight.

Could you not just recursively descend through all the files in the WP folder piping them through tr /wp-// in a unix shell… or something similar?

I see no reason why this would not work… if I am wrong please enlighten me.

Why are you reviving year old threads? Did you sign up a few minutes ago just to dig out age old topics?

Hehehhe… I did not notice the time stamp. These are subjects I am interested in, and hence why I responded.

I will cease any further participation.

I will cease any further participation.

You are more than welcome to participate, to post, to ask questions… whatever ??
It was just strange that both of your posts were on quite old threads.

I do not want to ‘revive old stormy years’ ?? but I arrived here after doing some search about security and found the thread both funny and interesting.

I think both positions are pretty clear and of course, I’ve mine:
If I had any valuable goods at home (not the case ?? ) I would first buy a good security door and a good lock system. But take for granted I wouldn’t be shouting out the address where I live at.

Secure + hidden = secure + x

(IMHO) Determining the value of ‘x’ should be the target of a discussion trying to get any clues.

Have a good day,
hip

(I think someone mentioned it above: some other opensource web apps offer the ‘folders and database tables renaming’ option. There may be opinions even among experts. Let there be them!)