Protect your wp-content folder if using a CPanel hosting account

If you are hosting with someone like Bluehost.com, Hostgator.com or any other host with WordPress installations on a cPanel.

Case in point. Let’s say I know www.thisdomain.com is using WordPress. So I simply go in and type www.thisdomain.com/wp-content. An index page will come up like this in your browser window..

And if I was to click on 2010/ I would get access to all images uploaded the this WordPress default file. So I could easily download everything they have uploaded to their site. Sometimes you can do this to the plugin and theme directories as well. Or if I typed in www.thisdomain.com/wp-content/uploads the same thing will happen.

This can be a very big security risk if you offer subscriptions, paid material or other information that you don’t want easily grabbed.

How to solve this…

Sign into your hosting account, and click on your cPanel. At the very bottom, go into the “Index Manager” and select No Indexing for your site and it’s directories, or if you choose, just certain directories. If you don’t, users will easily be able to rip content, plugin and theme information from your site.

It will either go to a 404 page not found, or directory not found.

As always, with WordPress, be safe!