/?wp-<code> how do i prevent that??
?wp-<any code>
each time I run a exploit search on my friend's forum (supraforums.com) I am helpin them narrowing down to least possible bugs on our site.. I keep getting this specific bug which I cant figure how to disable or block from user trying to access some data that we dont want to expose.. here are lists of url's and see if theres any code we could use to prevent that from happening?
[url]http://[/url]<ip>/?PageServices
[url]http://[/url]<ip>//?icon=/usr/local/kde/share/icons/hicolor/32x32/mimetypes/image.png
[url]http://[/url]<ip>//?wp-cs-dump
[url]http://[/url]<ip>//?wp-cs-dump
[url]http://[/url]<ip>//?wp-html-rend
[url]http://[/url]<ip>//?wp-start-ver
[url]http://[/url]<ip>//?wp-stop-ver
[url]http://[/url]<ip>//?wp-usr-prop
[url]http://[/url]<ip>//member/pass/.htpasswd
[url]http://[/url]<ip>//private
[url]http://[/url]<ip>//private/.htpasswd
[url]http://[/url]<ip>//private/htpasswd
im not going to list all but its just a few examples of bugs.
there is /admin, /mod, /mail, /member and such
was wondeering if there is some way where U can deny access to that folders and specify an ip address that is allowed to view those folder/files or access the page.
any help is greatly appreicated!
