Good Morning,
I'm not sure if this is the right place to ask this question.
I used http://sitecheck.sucuri.net/scanner/?sc ... tlinux.org to scan my site and I'm getting this warning in the scan:
Wordpress internal path: /homepages/44/d282789879/htdocs/bootlinux/wp-content/themes/suffusion/index.php
I've looked high and low on how to resolve this. Adding inserts to the .htaccess file, adding a blank index.html file and so on.
Some say it's a PHP issue, some say Apache is at fault, some say the theme is at fault........
I've tried all the suggestions I've found so far but nothing has worked.
I even scanned http://aquoid.com and guess what?
Wordpress internal path: /home/aquoid/aquoid.com/news/wp-content/themes/suffusion/index.php
I ran other wordpress sites thru this scanner and some show the warning while others do not.
I'd really like to get this warning resolved.
Any ideas, thoughts?
wordpress internal path exposed
Forum rules
This forum is closed with effect from February 2019. Please post future requests on https://github.com/sayontan/suffusion.
1. No offensive language and no mocking
2. Please do a thorough search before you post something. Trust us, there is a high probability that the question you are asking has been asked previously.
3. No soliciting. You cannot post here soliciting bids for people offer you quotes, or even offer money to people for some work. You will be moderated if you do so. If you are looking for help, please post your request on http://jobs.wordpress.net or http://codepoet.com
4. Please be reasonable. You are getting software and support. For free. Complicated requests from a general purpose theme are not welcome and some volunteers might lose patience with you.
5. Please do your due diligence. If you posted a query and we answered with a link, take the trouble to go through the link contents.
6. Please post with complete information. Requests for help MUST be accompanied with your URL, particularly if you are asking something like "Why am I seeing a blank space?"
This forum is closed with effect from February 2019. Please post future requests on https://github.com/sayontan/suffusion.
1. No offensive language and no mocking
2. Please do a thorough search before you post something. Trust us, there is a high probability that the question you are asking has been asked previously.
3. No soliciting. You cannot post here soliciting bids for people offer you quotes, or even offer money to people for some work. You will be moderated if you do so. If you are looking for help, please post your request on http://jobs.wordpress.net or http://codepoet.com
4. Please be reasonable. You are getting software and support. For free. Complicated requests from a general purpose theme are not welcome and some volunteers might lose patience with you.
5. Please do your due diligence. If you posted a query and we answered with a link, take the trouble to go through the link contents.
6. Please post with complete information. Requests for help MUST be accompanied with your URL, particularly if you are asking something like "Why am I seeing a blank space?"
Re: wordpress internal path exposed
My question is just one word: so?I used http://sitecheck.sucuri.net/scanner/?sc ... tlinux.org to scan my site and I'm getting this warning in the scan:
Wordpress internal path: /homepages/44/d282789879/htdocs/bootlinux/wp-content/themes/suffusion/index.php
Pick any WP-powered site and you will get this: http://sitecheck.sucuri.net/scanner/?sc ... adlock.com, http://sitecheck.sucuri.net/scanner/?scan=diythemes.com.
This seems like a case of FUD and I doubt if it has a bearing on security.
Re: wordpress internal path exposed
OK, I followed up on this, and though I believe you have switched themes this is probably worthwhile for you and others who are concerned by this. This is surely a PHP thing and can be very easily fixed with the help of your hosting providers. Basically you need to turn off a PHP setting, "display_errors". This can be done in a variety of places depending on how your hosting provider has set things up for you. One way is to put this in your .htaccess file in your WP installation:
See this article for the above.
Now, if PHP is running as FastCGI, the above will not work for you. In that case you will have to modify php.ini or httpd.conf. These files are typically controlled by your hosting providers, so you have to seek their help. In general you can override settings under your host's php.ini file by defining a custom override. If you have PHP 5.3.x then this is very easy: you can create a folder called .php in your home directory, then create a folder called 5.3 under it, then add a file called phprc. In that file just put this in:
That will take care of things.
Code: Select all
<IfModule mod_php5.c>
php_flag display_errors off
</IfModule>
Now, if PHP is running as FastCGI, the above will not work for you. In that case you will have to modify php.ini or httpd.conf. These files are typically controlled by your hosting providers, so you have to seek their help. In general you can override settings under your host's php.ini file by defining a custom override. If you have PHP 5.3.x then this is very easy: you can create a folder called .php in your home directory, then create a folder called 5.3 under it, then add a file called phprc. In that file just put this in:
Code: Select all
display_errors = Off