- This topic has 1 reply, 2 voices, and was last updated 14 years, 2 months ago by
.
-
Posts
-
Hi. Me again. Still playing around with EME and came across something I’m not sure if is by design or what.
One of the things I do with my site is hide my WordPress core folder (the one with wp-admin, wp-config.php, wp-includes, xmlrpc.php, etc.) from the public as a security precaution. For example, my WordPress URL is http://wp.local/MyRealWordPressFolder and my Site URL is http://wp.local.
To help secure my site some more, I have also moved my WordPress Content folder (wp-content) to the root of my web site (http://wp.local/content) to prevent my real WordPress core from being exposed. Otherwise uploaded content will show the path of http://wp.local/MyRealWordPressFolder/wp-content/…
With EME enabled, it outputs a bunch of JavaScript to be used with the AJAX Calendar feature (which I don’t use). While looking through the code, I noticed that the JavaScript is outputting my real WordPress directory. (This is happening on the lines where
$j_eme_calendar.getis used.)For the time being, I just commented the line
add_action('wp_head', 'eme_ajaxize_calendar');to prevent this from being outputted in the site’s header since I don’t sue the AJAX Calendar feature. I wanted to point this out just in case anyone else is trying to hide their WordPress core folder.Is it possible in a future version that this outputted JavaScript can be hidden or changed where it doesn’t show the true path to one’s WordPress files? Thank you.
If you talk about the prevMonthCalendar and nextMonthCalendar javascript functions: the url gets built using the standard wordpress function site_url(). So if this function is returning a path you don’t want, it means you didn’t adapt it to the one you want the public to see. Just moving the folders around doesn’t help …
Check the mysql table wp_options, option_name “siteurl” (and “home” as well maybe)
- The forum ‘How do I …’ is closed to new topics and replies.