Protect Important Folders in your Blog
Posted by Sophia as Blog Tutorial, Blogging Tools, TipsBill Hartzer’s recent post reminds us to mask some of the more sensitive spots in your blog. Although this is only applicable to self-hosted blogs, I think everyone will benefit from this tip of keeping your blog secure. It’s another one of those tasks we should do habitually but often forget.
Here’s how it works: we should not allow sensitive directories on our blogs to list their contents publicly. We do not want malicious visitors getting any hints on how they can compromise our websites. We should not let search engines list irrelevant folders in their results.
Hartzer wrote specifically about denying other people access to one’s WordPress plugins directory, but when you go through your site carefully, you’ll notice several more directories you might want to protect:
Folders You Might Want To Protect
Folders for your photos, music, and videos. Unless you uploaded your multimedia so that anyone can download (or hotlink to) them, it’s best to hide the directory index from other people. This can potentially save you lots of bandwidth!
Folders for your blog admin panel. If possible, avoid revealing which locations need to be hacked to get into your blog.
Folders for your blog themes. This specifically applies to bloggers who have a custom-made theme. Don’t make it devastatingly simple for copycats to clone your blog design.
How to Protect These Directories
Here are ways of protecting your important and sensitive blog folders. You can apply what you’ve learned here to other non-blog folders (if you’re running some other type of website, whether static or dynamic).
Disable directory contents from being listed. JavascriptKit explains how to hide files from being listed inside a directory using .htaccess. Check out the other pages to learn how .htaccess works and other things you can do with it.
Password-protect the directories. Michi Kono has written a tutorial on how to rename and protect the WordPress administration folder (wp-admin). You can also apply this to specific directories one by one.
Prevent searchbots and spiders from accessing those directories. Most search engines follow the rules of skipping directories and files that are listed in a robots.txt file. Here’s Google’s own robots.txt file. To make bots and spiders skip directories and files, create a text file called robots.txt and enter the following:
User-agent: *
Disallow: */feed*
Disallow: */trackback
Disallow: */wp-admin
Disallow: */wp-content
Disallow: */wp-includes
Disallow: *wp-login.php
You can add more directories you wish to hide from search engines by following the format above. Learn more about robots.txt at its own website.
The only catch is that you need access to your blog folders. But if you’ve been uploading images for your blog posts, installing plugins, and adding new themes, you probably know how already.
No related posts.
Related Articles
No related posts.
Our Features
-
Design and Themes
The Modern and Creative Design and Themes
In order to design a website you can organize web design contests which are meant for the designers who are best in this field. This is one of the best way by which you can get the best designs and then you can pick any of them. You can use internet that is the ideal [...]
Read on
More Design and Themes Features -
Software and Widgets
WordPress Plug-ins
If you blog using WordPress and can’t do something that you want done like adding Sphere-related content at the end of your blog posts you might be surprised to find out that there are already plug-ins available that make it happen. To find good WordPress plug-ins all you need to do is search for “wordpress [...]
Read on
More Software and Widgets Features -
Reviews
A Friend In Need
I’m helping out my friends from the UA&P – IShareHappiness Blog Team. Whenever you feel pessimistic, angry, troubled, frustrated, and depressed – what have you – you need someone to talk to. Someone who could help you be more optimistic and help make you feel that there is hope. Sometimes it’s hard to talk to [...]
Read on
More Blog Reviews -
Monetization
The Modern and Creative Design and Themes
In order to design a website you can organize web design contests which are meant for the designers who are best in this field. This is one of the best way by which you can get the best designs and then you can pick any of them. You can use internet that is the ideal [...]
Read on
More Monetization Features -
Marketing and Search Optimization
The Importance of SEO Consulting in Creating Online Businesses
Due to the reception and acceptance of SEO as a business process for assuring successful profit generation, many blogs, article contents, and forums have been discussing this matter, even providing some tips and tricks for everyone who is interested to know what is behind the trend and the system. People who would like to achieve [...]
Read on
More Marketing and SEO Features -
Blog Resources
SUBSCRIBE
Via RSS Feed
Via Email
Via Mobile Phone
CATEGORIES
- Blog Tutorials News
- Design and Themes
- Featured Articles
- Marketing and Search Optimization
- Monetization
- Software and Widgets
- Writing
Friends
-
Freelance writing jobs
- SEO Copywriting Service
- SEO web hosting
- iPage
- FatCow
- Face to Face Sales
- China Wholesale
- For wordpress installation help, you could check 1-click Wordpress Setup on iPage.
Bloggy Awards
Blogger Jobs
- Need a Break From Blogging? Cook With Recipe Finder!
- Screencast/video blogger with wordpress/web 2.0 experience
- Android App Review/Blogger Wanted
- Canadian Business Blogger Wanted
- Fashion Writers Wanted at Pumpsicle

CONTRIBUTORS
RESOURCES
- Blog Herald
- Blog Network Watch
- Copyblogger
- Daily Blog Tips
- Japanese Blogs
- Lorelle on WordPress
- Problogger
4 Responses
joel badinas
21|Jun|2007Hi,
With other blogging software like WordPress, this is possible. But if you are using Blogger, like I do, you can’t set your .htaccess file. Do you have a suggestion for this?
Ia Lucero
21|Jun|2007Well, I’d expect Blogger/Google to take care of my data and other security issues I have in mind. Hosted blogging solutions (like TypePad and WordPress.com as well) should behave that way, especially paid ones. And you won’t have any chance to create new directories that need to be protected, so that’s not going to be a problem.
I hope I was clear enough.
fransisqw
13|Feb|2008I like to play online games and have found few online games in demo mode which are very small to play.
So please suggest me few web sites where I can fine some good full version online games.
Tech, How to, Software Reviews, Linux, Dog, Make Money Online with AhTim
31|Mar|2008Protect Private Files and Folders…
Do you have files or folders that you do not want to share with others? I know you will say as long as we do not share our computer login password, we are safe. But how if you are sharing computer with your colleagues in office? Even you do not share, …