0

One of my websites is constantly being scanned for WordPress directories and files. This particular site never had or will have WordPress. If it did then I would follow the standard practices outlined at Hackertarget to prevent getting hacked.

There currently is a blank 404 page for the site (not really user friendly, but that's the point). This does not seem like the best option so I am considering using either an internal 301 redirect or possibly redirecting any requests for /wp/*, /wordpress/*, etc..., over to WordPress.org.

A similar question was asked, but I am not concerned about SEO and those answers do not address this particular scenario.

So, which is best? 1. Keep the blank 404. 2. Internal 301. 3. External 301.

Community
  • 1
  • 1
JaydenMedia
  • 3
  • 6

1 Answers1

1

The 404 response is certainly the standard. Any of the 300 codes will just divert the traffic to another site, which would be rude on your part. If you are being scanned, don't expect the scanner to take heed of the "permanence" of your 301 response. Please, go with the 404.

Cris P
  • 406
  • 2
  • 9
  • Exactly why it is currently set like that, but it's also rude on their part. I'll keep it as-is. Perhaps it's time to look into creating a custom 404 with John Travolta disco dancing atop a WordPress logo. – JaydenMedia Sep 16 '16 at 00:02