Tag: Apache

Disable Directory Browsing

15 September 202320 August 2023 by Louis Stanford

Directory browsing one of the most common security flaws in a WordPress site. By default, the webserver enables directory browsing. This means that all files and folders inside the root directory of the webserver are accessible by a visitor.

Disable WordPress XML-RPC

24 September 202320 August 2023 by Louis Stanford

Attacks on xmlrpc.php are common. Not many websites actually use the XMLRPC functionality so one simple way of avoiding these attacks was to simply delete the xmlrpc.php file. However the file is restored every time you update WordPress, so this isn’t a very good solution.