wordpress security (access to the includes folder)
-
I am making a wordpress blog for my institute.
The institute is extremely cautious and blocks ALL access to the server from the outside (for example, i need to be onsite to login and add post etc.)
Unfortunately, the theme I’m using and a few of the plugins have features that apparently need access to the wordpress includes folder to work.I have several questions that I hope someone can answer (preferably a wordpress security professional) in language suitable for someone who knows very little technical lingo in this area.
(1) what are the terrible things someone can do if they hack into this directory on our server? for example, can pages be overwritten? can someone change our posts?
(2) what security measures (aside from totally blocking access) are best to block access to this folder?
(3) do most people worry about access to this folder or not?
(4) why do some features require access to the includes folder. On my site, it seems to be anything that uses jQuery. i don’t know what jQuery is, can someone explain? Could the plugins and theme features be made to work without using jQuery?
- The topic ‘wordpress security (access to the includes folder)’ is closed to new replies.