Is it true that disabling the wp-admin folder breaks plugins and more?

M

Maxim Vetrov2015-11-22 11:15:14

Information Security

Maxim Vetrov, 2015-11-22 11:15:14

We create a well-known htaccess file in the site.ru/wp-amin directory, which we prohibit to everyone except the admin, adding access to the file only by the admin's ip-address. Everything is fine! but...
Some warn:
With this approach, you need to take into account that in the wp-admin directory there are some files that should be executed by simple anonymous users, for example admin-ajax.php, or admin-post.php. By blocking access to these files, you can break a lot of plugins.
How! Now the question is: will a lot of plugins really break?
And which ones?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

Maxim Vetrov, 2015-12-01
@maxveter

I myself found the answer from one wordpress specialist:
"Yes, they break, and any using AJAX for anonymous users in WordPress."

M

mureevms, 2015-11-22
@mureevms

I've been doing it this way for over a year and haven't noticed any problems. All plugins work.
Wordpress experts will correct, but it's strange enough that anonymous users need to do something from wp-admin.