wp-config and htacces revealed

  • My biggest issue with this plugin is the wp-config file and htaccess file is revealed on the dashboard under the plugin’s settings. If you should happen to have an unauthorized user log in to the account (which happened to me over the weekend), the keys to the kingdom are displayed for them to find.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi AthensWebStudio thank you for your review and sorry to hear that you had an intruder. Your point above is more of a request I think.

    One of the plugin developers will reply to your comment.

    Once again thank you for your review.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    the keys to the kingdom are displayed for them to find

    If an unauthorised user has logged into your site they are already in the so-called “kingdom”. The point is to prevent the unauthorised user from being able to login to your site in the first place – which is what this plugin tries to do.
    I’m assuming that you didn’t have one of the brute-force features enabled because it is highly unlikely they would’ve been able to access the login page if one of those features was active.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi AthensWebStudio have you tested the latest version?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘wp-config and htacces revealed’ is closed to new replies.