-
Posts
-
I checked Webmaster tools and all of the php files in here and the subfolders are returning 500 errors:
wp-content/themes/enfold/framework/
See: http://prntscr.com/h03we41st question, why?
2nd question, why are core php files crawlable & accessible to web browsing!!!!???? Surely this is a security risk!I have never had this with any other theme I’ve used.What is the solution?
Hey geneticsed,
Google should not be able to access those files directly, that is why you see that error.
But to keep those errors from showing add this to your robots.txt:User-agent: * Disallow: /wp-content/themes/enfold/index.phpBest regards,
MikeHi, this seems to be a major issue with every enfold based websites.
You can google “Index of /wp-content/themes/enfold/framework” and you wil see millions of websites where core php files can be accessed.
It is a good start not to allow bots but what about security ? Parent folder cannot be access how comes it is not the same for framework ?
Could you provide some insights ?
Thank you.
Hi,
This is a server configuration issue. You need to disable directory listing to block users from browsing your directories. This article will help you: https://www.wpsuperstars.net/how-to-disable-directory-browsing-wordpress/ (if you’re not using Apache see https://www.netsparker.com/blog/web-security/disable-directory-listing-web-servers/ )
Best regards,
Dude
- You must be logged in to reply to this topic.