Defender unable to fix one vulnerability

I have installed Defender and successfully resolved a number of issues recommended by the Hardener. However, I'm left with one Action Needed: Prevent Information Disclosure by adding a .htaccess file. When I click the button, the issue is not resolved. Help.

  • Adam Czajczyk

    Hello Sten,

    I hope you're well today and thank you for your question!

    The "Prevent Information Disclosure" tool adds special .htaccess files to your WordPress install to protect access to some files and folders. In order to be able to do this it must be able to write to folder on your server.

    With default folders permissions it should be able to do this but on some servers folder ownership and/or file permissions are different than default ones set by WordPress during installation. Usually this is caused by server configuration and is expected to further secure the site. It can however cause issues like this.

    The solution would be to access the site via FTP or via cPanel's "File Manager" and make sure that the permissions for folders of your site allow WordPress to write into them. Typically, all the folders should be set to "755" or "750". Both FTP clients and cPanel's "File Manager" let you set them that way. Furthermore, after successfully setting up the "Prevent Information Disclosure" option you would be able to use the same way to setup permissions as they are set currently.

    Could you please check it and see if that helps?

    Best regards,

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.