> > If it worries you, you could add some deny rules to your .htaccess > this wouldn't be too smart - especially when you add
> wp-includes/js/tinymce/tiny_mce_config.php > into the deny's and do not own a static ip ;-) (yes there are possibilies anyway) What I would worry about is directory listing ON... you may be able to turn this off (this depends on wether the hoster allows this or not) with *Options -Indexes *in the .htaccess. If you have confixx as management panel you sould be able to turn it off there - no experience with the other management panels but could be possible with them too... 2008/4/15, Aaron D. Campbell <[EMAIL PROTECTED]>: > > You can't view the source of those files, what you see for example when > you go to http://xavisys.com/wp-includes/js/tinymce/tiny_mce_config.php is > the Javascript that this file is supposed to be outputting. If you compare > that to the actual contents of the file, you will see the difference. In > short, as long as your server is parsing PHP and not sending the entire > contents of the file to the browser, you should be fine. If it worries you, > you could add some deny rules to your .htaccess > > crime_genius86 wrote: > > > http://www.yourdomain.com/wp-includes > > you can directly open here, and may view all of the source file.. > > > > http://www.yourdomain.com/wp-includes/js/tinymce/tiny_mce_config.php > > http://www.yourdomain.com/wp-content/themes/ > > it is normal people can view this? or we must fix it up?? > > > > [crime_genius86] > > > > _______________________________________________ > wp-testers mailing list > [email protected] > http://lists.automattic.com/mailman/listinfo/wp-testers > _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers
