Remove unwanted files

Daily cleanup process

A daily cleanup process cleans up unneeded files from your WordPress installation.

Access to certain types of files like .bak, .sql, and others are blocked via the firewall module. These files are not necessary for the functioning of your WordPress site but are sometimes created automatically. For example, a plugin might make a copy of your wp-config.php file before making changes.

Remove unwanted files

If backup files are not removed, they can be located and exploited by attackers. This could give them access to sensitive information like your database password, leading to complete control over your site. Although simple, the step of removing these files is often overlooked. Security Ninja assists in this by identifying and deleting common file names that pose a risk.

Files Tested for and Removed:

  • wp-config.php backups (e.g., wp-config.php.old, wp-config.php_bak, wp-config.php~, and more variations)
  • Server and PHP logs (e.g., php_errorlog, php_mail.log)
  • .htaccess backups (e.g.,, .htaccess_backup)
  • Database files (*.sql)
  • Development files (e.g., phpinfo.php, info.php, test.php)
  • Backup files (*.bak)

By removing these files, Security Ninja helps ensure that critical information is not inadvertently exposed, thereby bolstering the security of your WordPress site.

Was this helpful?

Previous Article

Disable Username Enumeration

Next Article

Hide WP Version