I’ve just found out today that by default wordpress installation doesn’t protect the plug-ins and themes folder. Which enables script-kiddies to explore and steal your theme and your works as well and claim its theirs. Especially if you have purchased a theme. Anyway , there are couple of methods to protect your wordpress plugins and theme folder. I am sure you have heard of the 403 Forbidden method whereby you’ll restrict access to the folder when there is no index file. Alternatively you may place a blank index.html or php file in these sites to prevent the directory to be listed.
Anyhow , those methods are ‘old skool’ style and there will never do anything. To teach these script-kiddies a lesson , we must use their same method and use it against them. Get the point ? Its by rick rolling them. I created a simple php script that redirects them to this site (WARNING : Don’t click it , Trust me you don’t want to get rick rolled). You may download this simple php script by clicking here. Place them in /wp-contents/plugins and /wp-content/themes folder. Alternatively you may place in /wp-contents/ folder as well just to be extra safe. Now , whenever they try to access your plugins/themes folder , they will be redirected to another site and voila -rick rolled. Two things in one. Next time i am trying to make it to open mutiple windows so that it sucks more RAM out of their PC and it will teach these script kiddies a lesson not to mess with someone’s site. Oh it works for everything , not only word press. If you want to protect a directory properly I would suggest you to use hta access , but if you want to teach these people a lesson then the best method would be by rick rolling them. Imagine , using their own tricks against them ! Now you don’t have to worry about those pests (Well not really , but at least it would stop some of them)
For those of you who do not know what is a Rick Roll , I would suggest you to read this article over at Wikipedia