- /wp-content/
- /plugins/
- /themes/
All have empty index.php files in it. Are they safe to delete? What is their purpose, why even be in the default install if they’re empty? What is their purpose?
Why do folders have Empty Index.php Pages?
1 comment
Comments are closed.
As a security measure, WordPress includes these index.php files to account for hosts that by default enable directory browsing.
Including them makes sure that no one can see the list of files in that directory, which could let them know what plugins or versions you are running and thus give them some things to try to hack your site.
As long as you don’t have directory listings enabled, they are safe to delete (although there’s probably no reason to delete them).