Wordpress ´ç½ÅÀÇ ÁÖÁ¦¸¦ º¸È£ÇÏ´Â ¹æ¹ý ½ÅûÇÑ´Ù
¹«·á ´Ù¿î ·Îµå¸¦ À§ÇØ À¯È¿ÇÑ Wordpress ÁÖÁ¦ÀÇ 1000s°¡ ÀÖ´Ù, ±×·¯³ª ¿©ÀüÈ÷ ´ç½ÅÀº ´ç½ÅÀÇ blog À¥»çÀÌÆ®¸¦ À§ÇÑ À¯ÀÏÇÑ ÁÖÁ¦¸¦ °®°í ½ÍÀ¸¸é. ´ç½ÅÀÌ ¿ÀÁ÷ ÇÊ¿ä·Î ÇÏ´Â °ÍÀº ±âÁ¸ÇÏ´Â ÁÖÁ¦¿¡ ±Ù°ÅÇÑ »õ·Î¿î ÁÖÁ¦¸¦ º¯°æÇϰųª µðÀÚÀÎÇϱâ À§ÇÑ °ÍÀÌ´Ù. ´©±¸°¡ ¸ðµç ³ë·Â ÈÄ¿¡ ´ç½ÅÀÇ ÁÖÁ¦ Æú´õ¿¡¼ ´ç½ÅÀÇ ÁÖÁ¦¸¦ ÈÉÄ¡´Â °æ¿ì¿¡ Áö±Ý ¹«¾ùÀÌ ÀϾ´Â°¡? ³ªÀÇ Ä£±¸ Áß Çϳª Arpit¿¡´Â ±×ÀÇ ¾Æ¸§´Ù¿î ÁÖÁ¦ ¶³¾îÁ® Âõ¾î ¾î¶² »ç¶÷µé¿¡ ´ëÇÑ ¹®Á¦°¡ ÀÖ¾ú´Ù, ±×°¡ ±×ÀÇ blog¸¦ À§ÇØ ¸¸µé¾ú¾ú´ø. ´ç½ÅÀÇ blog ÁÖÁ¦¸¦ º¸È£ÇÏ´Â ÀÌ·¸°Ô ¹æ¹ý?
ºÎÀü½ÂÀ¸·Î ¸ðµÎ´Â ´ç½ÅÀÇ blog (Wordpress)¿¡ ÀÖ´Â ÁÖÁ¦ Æú´õ¸¦ Àü¸ÁÇÒ ¼ö ÀÖ´Ù. Ç×¹ý °æ·Î´Â ÀÌ´Ù http://www.yourwebsite.com/wp-content/themes. ´ç½ÅÀº ÀÌ Æú´õ¿¡ ÀÖ´Â ´ç½ÅÀÇ ÁÖÁ¦ÀÇ ÁöÆÛ·Î Àá±ä ¹öÀüÀÌ ÀÖ´Â °æ¿ì¿¡, ¸ðµÎ´Â ZIP ÆÄÀÏÀ» ´·¯¼ ´Ù¸¸ ´ç½ÅÀÇ ÁÖÁ¦¸¦ ´Ù¿î·ÎµåÇÒ ¼ö ÀÖ´Ù. ´ç½ÅÀÇ ±øÅëÀ» º¸È£Çϱâ À§ÇÏ¿©´Â ÀÌ °£´ÜÇÑ ´Ü°è¸¦ ÇϽʽÿÀ.
1. "´ç½ÅÀÌ ÀÌ ÆäÀÌÁö" ¶Ç´Â ±×°Í°ú À¯»çÇÑ ¹«¾ð°¡¸¦ Àü¸ÁÇÏ´Â Çã°¡ÇÏÁö ¾Ê´Â ó·³ ¸Þ½ÃÁö°¡ ÀÖ´Â HTML ÆäÀÌÁö¿¡´Â âÁ¶ÇϽʽÿÀ. º¸±â´Â ¿©±â¿¡¼ ÀÖ´Ù.
2. ÀÌ ÆÄÀÏÀ» Index.html·Î ÀúÀåÇÏ°í ´ç½ÅÀÇ ÁÖÁ¦ Æú´õ¿¡ ºÎÀü½ÂÀ¸·Î ÀÌ ÆÄÀÏÀ», ¿Ã·ÁÁÖ±âÇϽʽÿÀ wp ³»¿ë ¶Ç´Â ÁÖÁ¦. ±×°Í »ÓÀÌ´Ù.
Áö±Ý ´ç½ÅÀÌ µ¿ÀÏÇÑ °æ·Î¿¡ Ç×ÇØÇÏ´Â °æ¿ì¿¡, ÀÌ ÆÄÀÏÀº Ç¥½ÃµÇ°í ¾Æ¹«µµ´Â ´ç½ÅÀÇ ÁÖÁ¦ ÆÄÀÏ¿¡ Á¢±ÙÇÒ ¼ö ÀÖ´Ù. ¾çÀÚÅÃÀÏ·Î ´ç½ÅÀº ¾Æ¹«µµ°¡ ´ç½ÅÀÇ Æú´õ¿¡¼ ±×°ÍÀ» Á÷Á¢ÀûÀ¸·Î ´Ù¿î·ÎµåÇϰųª ÀÌ Æú´õ¿¡ ³õÀÎ Çã°¡¸¦ ¹Ù²Ü ¼ö ÀÖ´Ù ±×·¡¾ß, ´Ù¸¸ ´ç½ÅÀÇ ÁÖÁ¦ÀÇ ¸ðµç ÁöÆÛ·Î Àá±ä ¹öÀüÀ» Á¦°ÅÇÒ ¼ö ÀÖ´Ù.
ÀÌ Æ÷½ºÆ®¸¦ °øÀ¯ÇϽʽÿÀ
HTML ÆÄÀÏÀ» âÁ¶ÇÏ´Â °ÍÀº getright ºê¶ó¿ìÀú°¡ ¿©ÀüÈ÷ ÆÄÀÏÀ» º¸¿©Áִ ó·³ ºê¶ó¿ìÀú¿¡¼ Á¢±Ù, ±×·¯³ª °ø±¸¸¦ ¸·À» ¼ö ÀÖ´Ù.
I think you need to use the Index Manager in your cpanel and set the no index option for these directories.
i agree with alfred¡¦
or you can have this in robots.txt for all bots¡¦
Disallow: /wp-content/
@Alfred,
Thanks for the info.
@Rajesh,
Adding in robots.txt will only prevent search engines I guess.
Thanks Nirmal . I haven¡¯t yet down to doing this. haven¡¯t got time because of Christmas.
try it and see¡¦even noindex is for search engines¡¦
you will have several such directories exposed and having an index.html for every directory is not the right way to do it¡¦
I wonder who would be so careless as to store the zipped version in the theme dir! However, I ensure that my theme files are not accessible publicly! I am sure these tips can be useful to new users!
Good tip that can prevent you from simple geeks but as alfred said hackers would be easily bypass this.
How if we set the .httaccess and addedd script like this : Options -Indexes ?
I think using the .htaccess file is the best way. Because, as alfred has said some download managers could look into the directories, and adding robots.txt file will only protects from the search engines and not from the visitors. So i highly recommend to use a .htaccess file
Can¡¯t we CHMOD the folder and prevent anyone else from getting in it?
I feel from the comments above, writing a rule in .htaccess may be the best option.
I think to protect that directory, you can use a PHP script or .httaccess + .htpasswd file to prevent someone else download your themes/plugins.
This will thwart the attempts from many¡¦ but most people are after your CSS. They can get the rest of what is needed just by right clicking and viewing source and capturing your div tags and etc¡¦ The ultimate way to prevent theme theft is to figure out a way to prevent people from gaining access to your CSS.
@Garry,
I agree with you, there should be some way to prevent access to CSS files.
Unfortunately, I don¡¯t see how it is possible. Bloggers are all about having machine readable content. And unfortunately, bloggers are all about having this machine readable content looking pretty. CSS is nothing more than making regular text look styled and pretty.
For bloggers that didn¡¯t care about search engines and having their content machine readable, I wonder if it is possible to create a WordPress site written in Javascript?
Thanks for the tip, i did it in my blog.