Learn about Centmin Mod LEMP Stack today
Become a Member

Wordpress How to Hide MainWP Child Plugin from Search Engines

Discussion in 'Blogs & CMS usage' started by Subha Pal, Sep 5, 2019.

  1. Subha Pal

    Subha Pal New Member

    5
    1
    3
    Jul 9, 2018
    Ratings:
    +2
    Local Time:
    6:16 PM
    I start maintaining all of my sites via MainWP dashboard. It saves a lot of time for me. I want to hide the MainWp child plugins from search engines. MainWP gives a tutorial here, how to hide MainWP child for Apache-based WordPress installation. Can anyone here help me to do the same things in nginx in centminmod?

    Thanks
     
  2. eva2000

    eva2000 Administrator Staff Member

    42,085
    9,499
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,616
    Local Time:
    10:46 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    when you manually browse you domain.com/wp-content/plugins/mainwp-child/ files can you access them on centmin mod wordpress install ?

    i don't use mainwp-child plugin but test installed it and on centmin mod nginx installed wordpress via centmin.sh menu option 22, access to domain.com/wp-content/plugins/mainwp-child/mainwp-child.php will give 403 permission denied so search engines won't be indexing it as centmin mod default security for centmin.sh menu option 22 usually will prevent php scripts from public access in wp-content/plugins/* directories unless you whitelist them - see Wordpress - Wordpress 403 Permission Denied Errors
    Code (Text):
    curl -I http://domain.com/wp-content/plugins/mainwp-child/mainwp-child.php
    HTTP/1.1 403 Forbidden
    Date: Thu, 05 Sep 2019 13:17:40 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 146
    Connection: keep-alive
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    
     
    Last edited: Sep 5, 2019
  3. Subha Pal

    Subha Pal New Member

    5
    1
    3
    Jul 9, 2018
    Ratings:
    +2
    Local Time:
    6:16 PM
    When I tried to access on domain.com/wp-content/plugins/jetpack or any other plugins or our plugins directory it gives 403 Forbidden.

    But when I tried to access on domain.com/wp-content/plugins/mainwp-child/ it gives a blank screen. No 403 Forbidden.

    Imgur

    [​IMG]
     
  4. eva2000

    eva2000 Administrator Staff Member

    42,085
    9,499
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,616
    Local Time:
    10:46 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    centmin mod security only blocks *.php files not .html so mainwp-child/index.html results in blank page and is fine as index.html won't pose any security risk from access unlike if index.php was used so that's ok.

    but if you tried to access php files like at http://domain.com/wp-content/plugins/mainwp-child/mainwp-child.php, will give 403 permission denied

    jetpack's directory must use index.php and not index.html, hence 403
     
  5. Subha Pal

    Subha Pal New Member

    5
    1
    3
    Jul 9, 2018
    Ratings:
    +2
    Local Time:
    6:16 PM
    Thanks for your response.
    Actually I want to hide my MainWP network. So if their index.html, will google or other search engine index this link? Or I should remove this index.html file ?
     
  6. eva2000

    eva2000 Administrator Staff Member

    42,085
    9,499
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,616
    Local Time:
    10:46 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    if it's valid search engine just block indexing via robots.txt for /wp-content/plugins/mainwp-child/