Useless and ignoring best practices

Using this plugin makes no sense at all. Why? That’s why…

1. You don’t have to delete these files – all you have to do is to deny access to them – you can do this easily using .htaccess file.

2. Deleting these files won’t help you secure your site – any WP upgrade will restore them.

3. This plugins checks if these files exists every time your site is requested. There’s no need to do this.

4. There are some other actions this plugin tries to perform – for example it tries to scan users table, but… It doesn’t use WPDB class and it assumes that your user table is wp_users – so it ignores your custom DB prefixes.

Don’t use this plugin… Put a simple rule in your .htaccess file instead.