Delete default readme.html should be repeated automatically or made inaccessible

  • Resolved Paddy Landau

    (@paddy-landau)


    2 years, 7 months ago

    Feature request

    Regarding the option:

    SG Security > Site Security > Delete the Default Readme.html

    As the name implies, this deletes the default /readme.html.

    However, WordPress restores that file every time it is updated.

    I think that this should instead be a toggle switch. If turned off, obviously /readme.html is left alone.

    But, if turned on, SG Security not only deletes /readme.html immediately but also deletes it every time when WordPress is updated.

    Alternatively, instead of deleting the file and having to watch for it, the file could be made inaccessible via .htaccess, adding it to FilesMatch. Something like this:

    <FilesMatch "xmlrpc\.php$|php\.ini$|php_errorlog$|readme\.html$">
    Require all denied
</FilesMatch>

    Otherwise, there is little point to this option.

    • This topic was modified 2 years, 7 months ago by Paddy Landau.
    • This topic was modified 2 years, 7 months ago by Paddy Landau.
    • This topic was modified 2 years, 7 months ago by Paddy Landau.
    • This topic was modified 2 years, 7 months ago by Paddy Landau.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Pavel Dosev

    (@pdosev)

    Hello @paddy-landau,

    Thank you for the suggestion. Indeed the file is recreated on each update, and it must be manually removed through this option after each update.

    I will pass your request to our developers for further consideration, and they will eventually implement it in one of the future releases of the plugin.

    Thread Starter Paddy Landau

    (@paddy-landau)

    Thank you, @pdosev

    I’ve implemented my suggestion in my .htaccess files, which should solve that problem.

    This is a low-priority request, I would imagine.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Delete default readme.html should be repeated automatically or made inaccessible’ is closed to new replies.