MyBB Community Forums

MyBB Community Forums > Extensions > Plugins > Plugin Support > Extra security by renaming plugins?
Full Version: Extra security by renaming plugins?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

iHydra

2013-01-15, 09:52 PM
Would a forum be more secure and safe from the public knowing what plugins they are using by renaming the php file in ./inc/plugins?

So if a plugin has a Vuln, but is like a back end plugin, they won't know that they are using it. Does it ruin the plugin and how it works, or for some plugins and not for all?

Thanks.

Nathan Malcolm

2013-01-15, 09:57 PM
Probably would just be worth cutting off public access for the ./inc/ directory. No one should ever need to access it.

http://www.mybbsecurity.net/topic-protec...-directory

iHydra

2013-01-15, 10:11 PM
Good Idea, thanks. Would be more efficient than renaming plugins themselves.

-iHydra

frostschutz

2013-01-16, 12:13 PM
Most plugin vulnerabilities do not depends on the plugin name nor on the inc/ folder being accessible.

As plugins usually expose functionality to the public forum that is where its vulnerabilities are too.
MyBB Community Forums > Extensions > Plugins > Plugin Support > Extra security by renaming plugins?