Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #867005

    I checked Webmaster tools and all of the php files in here and the subfolders are returning 500 errors:
    wp-content/themes/enfold/framework/
    See: http://prntscr.com/h03we4

    1st question, why?
    2nd question, why are core php files crawlable & accessible to web browsing!!!!???? Surely this is a security risk!

    I have never had this with any other theme I’ve used.What is the solution?

    #867108

    Hey geneticsed,
    Google should not be able to access those files directly, that is why you see that error.
    But to keep those errors from showing add this to your robots.txt:

    User-agent: *
    Disallow: /wp-content/themes/enfold/index.php

    Best regards,
    Mike

    #1005709

    Hi, this seems to be a major issue with every enfold based websites.

    You can google “Index of /wp-content/themes/enfold/framework” and you wil see millions of websites where core php files can be accessed.

    It is a good start not to allow bots but what about security ? Parent folder cannot be access how comes it is not the same for framework ?

    Could you provide some insights ?

    Thank you.

    #1005916

    Hi,

    This is a server configuration issue. You need to disable directory listing to block users from browsing your directories. This article will help you: https://www.wpsuperstars.net/how-to-disable-directory-browsing-wordpress/ (if you’re not using Apache see https://www.netsparker.com/blog/web-security/disable-directory-listing-web-servers/ )

    Best regards,
    Dude

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.