Thursday, June 5, 2008

Give Error 404 to your plugins folder

It is crucial to hide your WordPress plugins folder. Click here for the reason why.

This is one way to do it.

Create a ".htaccess" file in the root of the WordPress installation.

Inside that file put this line of code:
Options All -Indexes

The idea is very simple. This instruction set will order Apache to not display list of files or directories, if there is no index file exists.

However, make sure not to touch anything else inside your ".htaccess" file.

Backup that file first. Even a small mistake will give your blog a "Server Error 500". If that ever happen, just restore the original ".htaccess" file.


  1. [...] a conclusion, hide the plugins folder. Share this article Related Posts:Give Error 404 to your plugins folderCreate a Rotating [...]

  2. This is a very useful and important tip!!!
    But it shows 403 forbidden page or may be it is just me. Just wanted to point out otherwise 404 or 403 this tip is very important.


    Alis last blog post..Nokia to purchase Symbian for EUR 264 million

  3. Ali: Perhaps you (or somebody else) had set your server to forbid displaying that folder before. BTW, that is another way of protecting your plugins folder.