How to Resolve Full Path Disclosure Issue in WordPress

Full path disclosure is a security measure in which a generation of fatal error can output the real path of your server (web root) and other information as well. This real path then allow attackers to harm your site. Nowadays, it is very important to secure your website with these types of issues.

If your website is using WordPress CMS, then load the following URL in to your browser to check the Full Path Disclosure.

After loading the URL, it will generate a fatal error as mentioned below:

Call to undefined function _deprecated_file() in /home/your-web-domain/public_html/wp-includes/rss-functions.php on line 8.

It means your information related to file paths will be seen to anyone if any time fatal error occurs. The attacker will take the advantage of this security lap.

To overcome this measure, just use the following rule into your .htaccess file:

This line of code will hide the warnings and errors that can cause an attack to your site.

User Comments

2 thoughts on “How to Resolve Full Path Disclosure Issue in WordPress

    Salvador says:

    This Solution does not work.

    500: Internal Error – Hosting

Leave a Reply

Your email address will not be published. Required fields are marked *

    Get in Touch