Secure WordPress by Blocking Access to readme.html and license.txt
Explanation
To keep your WordPress site secure, it's a good idea to block access to certain files like readme.html and license.txt. These files can give away information about your WordPress version and other details that could be useful to hackers.
This code snippet does just that. It checks if someone is trying to access these files and, if so, it stops them by sending a "403 Forbidden" response. This means the files are off-limits to anyone trying to peek at them.
Here's how it works:
- The function wp_dudecom_block_sensitive_files is set up to run every time your site is accessed.
- If you're in the admin area, it does nothing, so you can still manage your site without issues.
- It checks the requested file name against a list of files you want to block.
- If the requested file matches one of those in the list, it stops the request and sends a "403 Forbidden" message.
This is a simple yet effective way to add an extra layer of security to your WordPress site by keeping these sensitive files hidden from prying eyes.
Code
<?php
// Function to block access to readme.html and license.txt files
function wp_dudecom_block_sensitive_files() {
if (is_admin()) {
return;
}
$requested_file = basename($_SERVER['REQUEST_URI']);
// List of files to block
$files_to_block = array('readme.html', 'license.txt');
if (in_array($requested_file, $files_to_block)) {
// Send a 403 Forbidden response
status_header(403);
exit;
}
}
// Hook the function to the 'init' action
add_action('init', 'wp_dudecom_block_sensitive_files');
?>
Instructions
File Location: Add the following code to your theme's functions.php
file or a custom plugin file.
Prerequisites: None
Implementation Steps:
- Log in to your WordPress admin dashboard.
- Navigate to Appearance > Theme Editor if you are adding the code to
functions.php
. Alternatively, go to Plugins > Editor if you are using a custom plugin. - Locate and open the
functions.php
file or your custom plugin file. - Copy and paste the provided code snippet at the end of the file.
- Click Update File to save your changes.
- Test your site by trying to access
readme.html
andlicense.txt
directly in your browser. You should receive a "403 Forbidden" response.
This implementation will help secure your WordPress site by blocking unauthorized access to sensitive files.
If you need further assistance or more advanced functionality, consider reaching out to wp-dude.com for expert WordPress support.