MainWP has found some issues…What are your thoughts on these?

[webstar]

Hi,

I just started using MainWP.

I noted a few security issues that it listed. I listed them below.

/wp-content/, /wp-content/plugins/, /wp-content/themes/ and /wp-content/uploads/ directories listing has not been prevented
– After fixing this issue, an empty index.php will inserted in these directories to prevent listing.

WordPress version has not been hidden
– After fixing this issue, WordPress generator meta tag will be removed from the head sections of the Child Site

Really Simple Discovery meta tag has not been removed from front-end
– After fixing this issue, RSD meta tag will be removed from head sections of the Child Site

Windows Live Writer meta tag has not been removed from front-end
– After fixing this issue, WLW meta tag will be removed from head sections of the Child Site-

Any comments on these issues? Do you consider them really issues?

Even if these are minor issues or not truly security issues, if I were to apply the changes, would BPSPro allow the change or do you think it will cause some files to be quarantined?

[AITpro Admin]

The BPS Root htaccess file contains htaccess code that prevents directory listing.

Recommendation: You don’t need to hide your WordPress version.

I don’t have a recommendation regarding RSD and WLW meta tag removal. You can do some Google searches to see what these things do and why you might want to remove them from your child theme. In general a lot of people seem to be saying these meta tags are not really necessary or used for anything these days. I don’t personally use either of these meta tags for anything.

The only MainWP option that would cause files to be quarantined would be preventing directory listing. You would simply just restore the index.php files from Quarantine.

[Author]

Posts